CarrotSkin/backend
4
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e05ba3b041a12cb80a5dd376781e69d310378a8c
backend/internal/service/user_service_impl.go

369 lines
8.9 KiB
Go
Raw Normal View History

feat: Service层接口化 新增Service接口定义(internal/service/interfaces.go): - UserService: 用户认证、查询、更新等接口 - ProfileService: 档案CRUD、状态管理接口 - TextureService: 材质管理、收藏功能接口 - TokenService: 令牌生命周期管理接口 - VerificationService: 验证码服务接口 - CaptchaService: 滑动验证码接口 - UploadService: 上传服务接口 - YggdrasilService: Yggdrasil API接口 新增Service实现: - user_service_impl.go: 用户服务实现 - profile_service_impl.go: 档案服务实现 - texture_service_impl.go: 材质服务实现 - token_service_impl.go: 令牌服务实现 更新Container: - 添加Service层字段 - 初始化Service实例 - 添加With*Service选项函数 遵循Go最佳实践: - 接口定义与实现分离 - 依赖通过构造函数注入 - 便于单元测试mock
2025-12-02 17:50:52 +08:00
package service
import (
"carrotskin/internal/model"
"carrotskin/internal/repository"
"carrotskin/pkg/auth"
"carrotskin/pkg/config"
"carrotskin/pkg/redis"
"context"
"errors"
"fmt"
"net/url"
"strings"
"time"
"go.uber.org/zap"
)
// userServiceImpl UserService的实现
type userServiceImpl struct {
userRepo repository.UserRepository
configRepo repository.SystemConfigRepository
jwtService *auth.JWTService
redis *redis.Client
logger *zap.Logger
}
// NewUserService 创建UserService实例
func NewUserService(
userRepo repository.UserRepository,
configRepo repository.SystemConfigRepository,
jwtService *auth.JWTService,
redisClient *redis.Client,
logger *zap.Logger,
) UserService {
return &userServiceImpl{
userRepo: userRepo,
configRepo: configRepo,
jwtService: jwtService,
redis: redisClient,
logger: logger,
}
}
func (s *userServiceImpl) Register(username, password, email, avatar string) (*model.User, string, error) {
// 检查用户名是否已存在
existingUser, err := s.userRepo.FindByUsername(username)
if err != nil {
return nil, "", err
}
if existingUser != nil {
return nil, "", errors.New("用户名已存在")
}
// 检查邮箱是否已存在
existingEmail, err := s.userRepo.FindByEmail(email)
if err != nil {
return nil, "", err
}
if existingEmail != nil {
return nil, "", errors.New("邮箱已被注册")
}
// 加密密码
hashedPassword, err := auth.HashPassword(password)
if err != nil {
return nil, "", errors.New("密码加密失败")
}
// 确定头像URL
avatarURL := avatar
if avatarURL != "" {
if err := s.ValidateAvatarURL(avatarURL); err != nil {
return nil, "", err
}
} else {
avatarURL = s.getDefaultAvatar()
}
// 创建用户
user := &model.User{
Username: username,
Password: hashedPassword,
Email: email,
Avatar: avatarURL,
Role: "user",
Status: 1,
Points: 0,
}
if err := s.userRepo.Create(user); err != nil {
return nil, "", err
}
// 生成JWT Token
token, err := s.jwtService.GenerateToken(user.ID, user.Username, user.Role)
if err != nil {
return nil, "", errors.New("生成Token失败")
}
return user, token, nil
}
func (s *userServiceImpl) Login(usernameOrEmail, password, ipAddress, userAgent string) (*model.User, string, error) {
ctx := context.Background()
// 检查账号是否被锁定
if s.redis != nil {
identifier := usernameOrEmail + ":" + ipAddress
locked, ttl, err := CheckLoginLocked(ctx, s.redis, identifier)
if err == nil && locked {
return nil, "", fmt.Errorf("登录尝试次数过多,请在 %d 分钟后重试", int(ttl.Minutes())+1)
}
}
// 查找用户
var user *model.User
var err error
if strings.Contains(usernameOrEmail, "@") {
user, err = s.userRepo.FindByEmail(usernameOrEmail)
} else {
user, err = s.userRepo.FindByUsername(usernameOrEmail)
}
if err != nil {
return nil, "", err
}
if user == nil {
s.recordLoginFailure(ctx, usernameOrEmail, ipAddress, userAgent, 0, "用户不存在")
return nil, "", errors.New("用户名/邮箱或密码错误")
}
// 检查用户状态
if user.Status != 1 {
s.recordLoginFailure(ctx, usernameOrEmail, ipAddress, userAgent, user.ID, "账号已被禁用")
return nil, "", errors.New("账号已被禁用")
}
// 验证密码
if !auth.CheckPassword(user.Password, password) {
s.recordLoginFailure(ctx, usernameOrEmail, ipAddress, userAgent, user.ID, "密码错误")
return nil, "", errors.New("用户名/邮箱或密码错误")
}
// 登录成功,清除失败计数
if s.redis != nil {
identifier := usernameOrEmail + ":" + ipAddress
_ = ClearLoginAttempts(ctx, s.redis, identifier)
}
// 生成JWT Token
token, err := s.jwtService.GenerateToken(user.ID, user.Username, user.Role)
if err != nil {
return nil, "", errors.New("生成Token失败")
}
// 更新最后登录时间
now := time.Now()
user.LastLoginAt = &now
_ = s.userRepo.UpdateFields(user.ID, map[string]interface{}{
"last_login_at": now,
})
// 记录成功登录日志
s.logSuccessLogin(user.ID, ipAddress, userAgent)
return user, token, nil
}
func (s *userServiceImpl) GetByID(id int64) (*model.User, error) {
return s.userRepo.FindByID(id)
}
func (s *userServiceImpl) GetByEmail(email string) (*model.User, error) {
return s.userRepo.FindByEmail(email)
}
func (s *userServiceImpl) UpdateInfo(user *model.User) error {
return s.userRepo.Update(user)
}
func (s *userServiceImpl) UpdateAvatar(userID int64, avatarURL string) error {
return s.userRepo.UpdateFields(userID, map[string]interface{}{
"avatar": avatarURL,
})
}
func (s *userServiceImpl) ChangePassword(userID int64, oldPassword, newPassword string) error {
user, err := s.userRepo.FindByID(userID)
if err != nil || user == nil {
return errors.New("用户不存在")
}
if !auth.CheckPassword(user.Password, oldPassword) {
return errors.New("原密码错误")
}
hashedPassword, err := auth.HashPassword(newPassword)
if err != nil {
return errors.New("密码加密失败")
}
return s.userRepo.UpdateFields(userID, map[string]interface{}{
"password": hashedPassword,
})
}
func (s *userServiceImpl) ResetPassword(email, newPassword string) error {
user, err := s.userRepo.FindByEmail(email)
if err != nil || user == nil {
return errors.New("用户不存在")
}
hashedPassword, err := auth.HashPassword(newPassword)
if err != nil {
return errors.New("密码加密失败")
}
return s.userRepo.UpdateFields(user.ID, map[string]interface{}{
"password": hashedPassword,
})
}
func (s *userServiceImpl) ChangeEmail(userID int64, newEmail string) error {
existingUser, err := s.userRepo.FindByEmail(newEmail)
if err != nil {
return err
}
if existingUser != nil && existingUser.ID != userID {
return errors.New("邮箱已被其他用户使用")
}
return s.userRepo.UpdateFields(userID, map[string]interface{}{
"email": newEmail,
})
}
func (s *userServiceImpl) ValidateAvatarURL(avatarURL string) error {
if avatarURL == "" {
return nil
}
// 允许相对路径
if strings.HasPrefix(avatarURL, "/") {
return nil
}
// 解析URL
parsedURL, err := url.Parse(avatarURL)
if err != nil {
return errors.New("无效的URL格式")
}
// 必须是HTTP或HTTPS协议
if parsedURL.Scheme != "http" && parsedURL.Scheme != "https" {
return errors.New("URL必须使用http或https协议")
}
host := parsedURL.Hostname()
if host == "" {
return errors.New("URL缺少主机名")
}
// 从配置获取允许的域名列表
cfg, err := config.GetConfig()
if err != nil {
allowedDomains := []string{"localhost", "127.0.0.1"}
return s.checkDomainAllowed(host, allowedDomains)
}
return s.checkDomainAllowed(host, cfg.Security.AllowedDomains)
}
func (s *userServiceImpl) GetMaxProfilesPerUser() int {
config, err := s.configRepo.GetByKey("max_profiles_per_user")
if err != nil || config == nil {
return 5
}
var value int
fmt.Sscanf(config.Value, "%d", &value)
if value <= 0 {
return 5
}
return value
}
func (s *userServiceImpl) GetMaxTexturesPerUser() int {
config, err := s.configRepo.GetByKey("max_textures_per_user")
if err != nil || config == nil {
return 50
}
var value int
fmt.Sscanf(config.Value, "%d", &value)
if value <= 0 {
return 50
}
return value
}
// 私有辅助方法
func (s *userServiceImpl) getDefaultAvatar() string {
config, err := s.configRepo.GetByKey("default_avatar")
if err != nil || config == nil || config.Value == "" {
return ""
}
return config.Value
}
func (s *userServiceImpl) checkDomainAllowed(host string, allowedDomains []string) error {
host = strings.ToLower(host)
for _, allowed := range allowedDomains {
allowed = strings.ToLower(strings.TrimSpace(allowed))
if allowed == "" {
continue
}
if host == allowed {
return nil
}
if strings.HasPrefix(allowed, "*.") {
suffix := allowed[1:]
if strings.HasSuffix(host, suffix) {
return nil
}
}
}
return errors.New("URL域名不在允许的列表中")
}
func (s *userServiceImpl) recordLoginFailure(ctx context.Context, usernameOrEmail, ipAddress, userAgent string, userID int64, reason string) {
if s.redis != nil {
identifier := usernameOrEmail + ":" + ipAddress
count, _ := RecordLoginFailure(ctx, s.redis, identifier)
if count >= MaxLoginAttempts {
s.logFailedLogin(userID, ipAddress, userAgent, reason+"-账号已锁定")
return
}
}
s.logFailedLogin(userID, ipAddress, userAgent, reason)
}
func (s *userServiceImpl) logSuccessLogin(userID int64, ipAddress, userAgent string) {
log := &model.UserLoginLog{
UserID: userID,
IPAddress: ipAddress,
UserAgent: userAgent,
LoginMethod: "PASSWORD",
IsSuccess: true,
}
_ = s.userRepo.CreateLoginLog(log)
}
func (s *userServiceImpl) logFailedLogin(userID int64, ipAddress, userAgent, reason string) {
log := &model.UserLoginLog{
UserID: userID,
IPAddress: ipAddress,
UserAgent: userAgent,
LoginMethod: "PASSWORD",
IsSuccess: false,
FailureReason: reason,
}
_ = s.userRepo.CreateLoginLog(log)
}
Reference in New Issue Copy Permalink