diff --git a/vblog/apps/user/impl/impl.go b/vblog/apps/user/impl/impl.go index fd58948..4754647 100644 --- a/vblog/apps/user/impl/impl.go +++ b/vblog/apps/user/impl/impl.go @@ -3,7 +3,9 @@ package impl import ( "context" + "github.com/infraboard/mcube/v2/ioc/config/datasource" "gitlab.com/go-course-project/go17/vblog/apps/user" + "golang.org/x/crypto/bcrypt" ) var UserService user.Service = &UserServiceImpl{} @@ -14,8 +16,20 @@ type UserServiceImpl struct { } // DescribeUser implements user.Service. -func (u *UserServiceImpl) DescribeUser(context.Context, *user.DescribeUserRequest) (*user.User, error) { - panic("unimplemented") +func (u *UserServiceImpl) DescribeUser(ctx context.Context, in *user.DescribeUserRequest) (*user.User, error) { + query := datasource.DBFromCtx(ctx) + switch in.DescribeBy { + case user.DESCRIBE_BY_ID: + query = query.Where("id = ?", in.Value) + case user.DESCRIBE_BY_USERNAME: + query = query.Where("username = ?", in.Value) + } + + ins := &user.User{} + if err := query.Take(ins).Error; err != nil { + return nil, err + } + return ins, nil } // Registry implements user.Service. @@ -25,6 +39,24 @@ func (u *UserServiceImpl) Registry(ctx context.Context, in *user.RegistryRequest return nil, err } + // 明文密码保持到数据库,是不安全 + // 对称加密/非对称, 解密 + // 消息摘要, 无法还原 + // 怎么知道用户的密码 比对hash 123 -> (xxx) + // md5 sha1/256/512, hmac, ... + // 结果固定 + hashPass, err := bcrypt.GenerateFromPassword([]byte(in.Password), bcrypt.DefaultCost) + if err != nil { + return nil, err + } + ins.Password = string(hashPass) + + if err := datasource.DBFromCtx(ctx).Create(ins).Error; err != nil { + return nil, err + } + + // context.WithValue() + // 无事务的模式 // datasource.DB().Transaction(func(tx *gorm.DB) error { // ctx := datasource.WithTransactionCtx(ctx) diff --git a/vblog/apps/user/impl_test.go b/vblog/apps/user/impl_test.go index 8c84121..5ef84d0 100644 --- a/vblog/apps/user/impl_test.go +++ b/vblog/apps/user/impl_test.go @@ -14,10 +14,29 @@ var ( // 我要测试的对象是什么?, 这个服务的具体实现 // Service的具体实现?现在还没实现 +// $2a$10$yHVSVuyIpTrQxwiuZUwSMuaJFsnd4YBd6hgA.31xNzuyTu4voD/QW +// $2a$10$fe0lsMhM15i4cjHmWudroOOIIBR27Nb7vwrigwK.9PhWdFld44Yze +// $2a$10$RoR0qK37vfc7pddPV0mpU.nN15Lv8745A40MkCJLe47Q00Ag83Qru +// https://gitee.com/infraboard/go-course/blob/master/day09/go-hash.md#bcrypt func TestRegistry(t *testing.T) { - ins, err := impl.UserService.Registry(ctx, &user.RegistryRequest{}) + req := user.NewRegistryRequest() + req.Username = "test02" + req.Password = "123456" + ins, err := impl.UserService.Registry(ctx, req) if err != nil { t.Fatal(err) } t.Log(ins) } + +func TestDescribeUser(t *testing.T) { + ins, err := impl.UserService.DescribeUser(ctx, &user.DescribeUserRequest{ + user.DESCRIBE_BY_USERNAME, "admin", + }) + if err != nil { + t.Fatal(err) + } + // + // if ins.Password = in.Password + t.Log(ins.CheckPassword("1234567")) +} diff --git a/vblog/apps/user/model.go b/vblog/apps/user/model.go index cb6e53f..af1b8d1 100644 --- a/vblog/apps/user/model.go +++ b/vblog/apps/user/model.go @@ -5,7 +5,9 @@ import ( "github.com/infraboard/mcube/v2/exception" "github.com/infraboard/mcube/v2/ioc/config/validator" + "github.com/infraboard/mcube/v2/tools/pretty" "gitlab.com/go-course-project/go17/vblog/utils" + "golang.org/x/crypto/bcrypt" ) func New(in *RegistryRequest) (*User, error) { @@ -25,17 +27,29 @@ type User struct { RegistryRequest } +func (r *User) String() string { + return pretty.ToJSON(r) +} + +func NewRegistryRequest() *RegistryRequest { + return &RegistryRequest{} +} + type RegistryRequest struct { // 用户名 Username string `json:"username" gorm:"column:username;unique;index" validate:"required"` // 密码 - Password string `json:"password" gorm:"column:username;type:varchar(255)" validate:"required"` + Password string `json:"password" gorm:"column:password;type:varchar(255)" validate:"required"` // Profile 信息 Profile // 用户状态 Status } +func (r *RegistryRequest) CheckPassword(password string) error { + return bcrypt.CompareHashAndPassword([]byte(r.Password), []byte(password)) +} + func (r *RegistryRequest) Validate() error { return validator.Validate(r) }