[FIX]密码改为密文存储

viletyy 2020-09-29 19:35:03 +08:00
parent 2051f39c3f
commit d9be1cab40
8 changed files with 83 additions and 48 deletions


@ -94,6 +94,12 @@ var doc = `{
"description": "State",
"name": "state",
"in": "query"
},
{
"type": "integer",
"description": "Page",
"name": "page",
"in": "query"
}
],
"responses": {


@ -74,6 +74,12 @@
"description": "State",
"name": "state",
"in": "query"
},
{
"type": "integer",
"description": "Page",
"name": "page",
"in": "query"
}
],
"responses": {


@ -45,6 +45,10 @@ paths:
in: query
name: state
type: integer
- description: Page
in: query
name: page
type: integer
produces:
- application/json
responses:

1
go.mod

@ -21,6 +21,7 @@ require (
github.com/swaggo/swag v1.6.7
github.com/ugorji/go v1.1.8 // indirect
github.com/unknwon/com v1.0.1
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
golang.org/x/net v0.0.0-20200904194848-62affa334b73 // indirect
golang.org/x/sys v0.0.0-20200909081042-eff7692f9009 // indirect
golang.org/x/tools v0.0.0-20200921210052-fa0125251cc4 // indirect


@ -1,6 +1,8 @@
package models
import "github.com/jinzhu/gorm"
import (
"github.com/jinzhu/gorm"
)
type Employee struct {
Model
@ -80,8 +82,30 @@ func GetEmployee(id int) (*Employee, error) {
return &employee, nil
}
func EditEmployee(id int, data interface{}) error {
if err := db.Model(&Employee{}).Where("id = ? AND deleted_on = ?", id, 0).Updates(data).Error; err != nil {
func GetEmployeeByUsername(username string) (*Employee, error) {
var employee Employee
err := db.Where("username = ? AND deleted_on = ? ", username, 0).First(&employee).Error
if err != nil && err != gorm.ErrRecordNotFound {
return nil, err
}
err = db.Model(&employee).Error
if err != nil && err != gorm.ErrRecordNotFound {
return nil, err
}
return &employee, nil
}
func EditEmployee(id int, data map[string]interface{}) error {
if err := db.Model(&Employee{}).Where("id = ? AND deleted_on = ?", id, 0).Updates(Employee{
AvatarUrl: data["avatar_url"].(string),
Username: data["username"].(string),
Password: data["password"].(string),
Department: data["department"].(string),
Position: data["position"].(string),
State: data["state"].(int),
}).Error; err != nil {
return err
}
return nil
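Review bot: GetEmployeeByUsername treats `gorm.ErrRecordNotFound` as success and returns a pointer to a zero-value Employee with a nil error, so the caller cannot tell an unknown username from a real row and the login path depends on bcrypt rejecting an empty hash. Returning the error is safer: `if err != nil { return nil, err }`, with the caller mapping not-found to an authentication failure. The second check on `db.Model(&employee).Error` runs no query and can be dropped. In EditEmployee the unchecked assertions such as `data["password"].(string)` panic if a key is missing or holds another type, and with jinzhu/gorm a struct passed to `Updates` skips zero-value fields, so `state` 0 would presumably never be written; confirm that is intended.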


@ -4,9 +4,10 @@ import (
"github.com/astaxie/beego/validation"
"github.com/gin-gonic/gin"
"github.com/go-pripro/shop/models"
"github.com/go-pripro/shop/pkg/app"
"github.com/go-pripro/shop/pkg/e"
"github.com/go-pripro/shop/pkg/logging"
"github.com/go-pripro/shop/pkg/util"
"golang.org/x/crypto/bcrypt"
"net/http"
)
@ -22,34 +23,32 @@ type Employee struct {
// @Success 200 {string} json "{"code":200,"data":{},"msg":"ok"}"
// @Router /admin/login [get]
func GetLogin(c *gin.Context) {
appG := app.Gin{C: c}
username := c.Query("username")
password := c.Query("password")
valid := validation.Validation{}
a := Employee{Username: username, Password: password}
ok, _ := valid.Valid(&a)
if ok, err := valid.Valid(&a); err != nil || !ok {
app.MarkErrors(valid.Errors)
appG.Response(http.StatusBadRequest, e.InvalidParams, nil)
return
}
data := make(map[string]interface{})
code := e.InvalidParams
if ok {
isExist := models.CheckEmployee(username, password)
if isExist {
if fEmployee, err := models.GetEmployeeByUsername(username); err != nil {
appG.Response(http.StatusInternalServerError, e.ErrorAuth, nil)
} else {
if err := bcrypt.CompareHashAndPassword([]byte(fEmployee.Password), []byte(password)); err != nil{
appG.Response(http.StatusInternalServerError, e.ErrorAuth, nil)
} else {
token, err := util.GenerateToken(username, password)
if err != nil {
code = e.ErrorAuthToken
appG.Response(http.StatusInternalServerError, e.ErrorAuthToken, nil)
} else {
data["token"] = token
code = e.SUCCESS
appG.Response(http.StatusOK, e.SUCCESS, data)
}
} else {
code = e.ErrorAuth
}
} else {
for _, err := range valid.Errors {
logging.Info(err.Key, err.Message)
}
}
c.JSON(http.StatusOK, gin.H{
"code": code,
"msg": e.GetMsg(code),
"data": data,
})
}
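Review bot: The plaintext password still arrives through `c.Query("password")` on a GET route, so it is exposed in URLs and in proxy and access logs even though storage is now hashed; reading the credentials from a POST body would close that gap. The same plaintext is passed on to `util.GenerateToken(username, password)`; its body is not visible here, but if it places the password in the token claims, that should be removed. A failed `bcrypt.CompareHashAndPassword` is a client error rather than a server fault, so that branch should answer `appG.Response(http.StatusUnauthorized, e.ErrorAuth, nil)`.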


@ -127,6 +127,7 @@ func GetEmployee(c *gin.Context) {
// @Param department query string false "Department"
// @Param position query string false "Position"
// @Param state query int false "State"
// @Param page query int false "Page"
// @Success 200 {string} json "{"code": 200, "data": {}, "msg":"ok"}"
// @Router /admin/v1/employees [get]
func GetEmployees(c *gin.Context) {
@ -197,7 +198,7 @@ func EditEmployee(c *gin.Context) {
valid := validation.Validation{}
valid.Min(id, 1, "id").Message("必须是有效的员工id")
valid.Range(state, 0, 1, "state").Message("状态只允许0或1")
if valid.HasErrors() {
app.MarkErrors(valid.Errors)
appG.Response(http.StatusBadRequest, e.InvalidParams, nil)
@ -221,29 +222,12 @@ func EditEmployee(c *gin.Context) {
appG.Response(http.StatusInternalServerError, e.ErrorExistEmployee, nil)
}
if avatarUrl != "" {
employeeService.AvatarUrl = avatarUrl
}
if username != "" {
employeeService.Username = username
}
if password != "" {
employeeService.Password = password
}
if department != "" {
employeeService.Department = department
}
if position != "" {
employeeService.Position = position
}
if state >= 0 {
employeeService.State = state
}
employeeService.AvatarUrl = avatarUrl
employeeService.Username = username
employeeService.Password = password
employeeService.Department = department
employeeService.Position = position
employeeService.State = state
if err := employeeService.Edit(); err == nil {
appG.Response(http.StatusOK, e.SUCCESS, employeeService)
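Review bot: Dropping the `if password != ""` guard in the last hunk means an edit request that omits the password still sets `employeeService.Password` to the empty string, and `Edit` in the employee service section of this commit then stores the bcrypt hash of that empty string, replacing the account's real hash. Keep the guard for the password field and hash only when a new value was supplied, for example `if password != "" { employeeService.Password = password }` here, with a matching non-empty check before `EncodePassword` in `Edit`. EditEmployee's body starts and ends outside these hunks, so how `password` is read from the request is not visible.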


@ -7,6 +7,7 @@ import (
"github.com/go-pripro/shop/pkg/gredis"
"github.com/go-pripro/shop/pkg/logging"
"github.com/go-pripro/shop/service/cache_service"
"golang.org/x/crypto/bcrypt"
)
type Employee struct {
@ -25,11 +26,19 @@ type Employee struct {
PageSize int
}
func (syncEmployee *Employee) EncodePassword(password string) string {
if hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost); err == nil {
return string(hash)
}
return string(rune(0))
}
func (syncEmployee *Employee) Add() error {
encodePassword := syncEmployee.EncodePassword(syncEmployee.Password)
employee := map[string]interface{}{
"avatar_url": syncEmployee.AvatarUrl,
"username": syncEmployee.Username,
"password": syncEmployee.Password,
"password": encodePassword,
"department": syncEmployee.Department,
"position": syncEmployee.Position,
"state": syncEmployee.State,
@ -43,10 +52,12 @@ func (syncEmployee *Employee) Add() error {
}
func (syncEmployee *Employee) Edit() error {
encodePassword := syncEmployee.EncodePassword(syncEmployee.Password)
return models.EditEmployee(syncEmployee.ID, map[string]interface{}{
"avatar_url": syncEmployee.AvatarUrl,
"username": syncEmployee.Username,
"password": syncEmployee.Password,
"password": encodePassword,
"department": syncEmployee.Department,
"position": syncEmployee.Position,
"state": syncEmployee.State,
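Review bot: EncodePassword swallows the bcrypt error and returns `string(rune(0))`, so a failed hash is written to the password column as a one-byte NUL string while `Add` and `Edit` still report success. The account then can never log in and nothing records why. Return the error instead and let `Add` and `Edit` propagate it, as sketched below; `Edit` continues past the end of its hunk.

```go
func (syncEmployee *Employee) EncodePassword(password string) (string, error) {
	hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
	if err != nil {
		return "", err
	}
	return string(hash), nil
}

func (syncEmployee *Employee) Add() error {
	encodePassword, err := syncEmployee.EncodePassword(syncEmployee.Password)
	if err != nil {
		return err
	}
	// … unchanged: employee map built with "password": encodePassword …

func (syncEmployee *Employee) Edit() error {
	encodePassword, err := syncEmployee.EncodePassword(syncEmployee.Password)
	if err != nil {
		return err
	}
	// … unchanged: models.EditEmployee call with "password": encodePassword …
```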