重构

2023-08-22 19:25:39 +08:00
parent 38d3b7450e
commit 96de169777
45 changed files with 881 additions and 676 deletions
--- a/handle/service/login.go
+++ b/handle/service/login.go
@@ -0,0 +1,66 @@
+package service
+
+import (
+	"crypto/x509"
+	"encoding/base64"
+	"encoding/pem"
+	"errors"
+	"omc/ca"
+	"omc/conf"
+	"omc/core/db"
+	"omc/core/utils"
+	"omc/handle/model"
+
+	"github.com/aceld/zinx/zlog"
+)
+
+// UserLogin 用户登录
+func UserLogin(name, passwd string) error {
+	// 用户名密码校验
+	var user model.User
+	err := db.Client.Model(&model.User{}).Where("account_id=?", name).First(&user).Error
+	if err != nil {
+		return err
+	}
+
+	if err := utils.Compare(user.Password, passwd); err != nil {
+		zlog.Ins().ErrorF("Password Login[%s]:%s", name, err)
+		return errors.New("incorrect username and password")
+	}
+	return nil
+}
+
+func CMCALogin(source, sign, cert string) (login bool, err error) {
+	defer func() {
+		if r := recover(); r != nil {
+			zlog.Ins().ErrorF("CMCALogin panic:%v", r)
+		}
+	}()
+	//base64 解码签名数据
+	signBytes, err := base64.StdEncoding.DecodeString(sign)
+	if err != nil {
+		return false, err
+	}
+	//证书加载
+	block, _ := pem.Decode([]byte(cert))
+
+	//证书解析
+	certBody, err := x509.ParseCertificate(block.Bytes)
+	if err != nil {
+		return false, err
+	}
+
+	//证书校验
+	if conf.OmcConf.CA.Check {
+		if err := ca.VerifyCert(certBody); err != nil {
+			return false, err
+		}
+	}
+
+	//签名验证
+	err = ca.VerifyRSA([]byte(source), signBytes, certBody)
+	if err != nil {
+		return false, err
+	}
+	return true, nil
+}