fix #52 & add auto refresh token #53

fix: cannot delete user

cmd/apimain.go

@@ -101,7 +101,7 @@ func main() {
 }
 
 func DatabaseAutoUpdate() {
-	version := 245
+	version := 246
 
 	db := global.DB
 
@@ -150,7 +150,7 @@ func DatabaseAutoUpdate() {
 		if v.Version < 245 {
 			//oauths 表的 oauth_type 字段设置为 op同样的值
 			db.Exec("update oauths set oauth_type = op")
-			db.Exec("update oauths set issuer = 'https://accounts.google.com' where op = 'google' and issuer = ''")
+			db.Exec("update oauths set issuer = 'https://accounts.google.com' where op = 'google'")
 			db.Exec("update user_thirds set oauth_type = third_type, op = third_type")
 			//通过email迁移旧的google授权
 			uts := make([]model.UserThird, 0)
@@ -161,6 +161,9 @@ func DatabaseAutoUpdate() {
 				}
 			}
 		}
+		if v.Version < 246 {
+			db.Exec("update oauths set issuer = 'https://accounts.google.com' where op = 'google' and issuer is null")
+		}
 	}
 
 }

http/middleware/admin.go

@@ -17,7 +17,7 @@ func AdminAuth() gin.HandlerFunc {
 			c.Abort()
 			return
 		}
-		user := service.AllService.UserService.InfoByAccessToken(token)
+		user, ut := service.AllService.UserService.InfoByAccessToken(token)
 		if user.Id == 0 {
 			response.Fail(c, 403, "请先登录")
 			c.Abort()
@@ -26,6 +26,8 @@ func AdminAuth() gin.HandlerFunc {
 
 		c.Set("curUser", user)
 		c.Set("token", token)
+		//如果时间小于1天,token自动续期
+		service.AllService.UserService.AutoRefreshAccessToken(ut)
 
 		c.Next()
 	}

http/middleware/rustauth.go

@@ -28,7 +28,7 @@ func RustAuth() gin.HandlerFunc {
 		//这里只是简单的提取
 		token = token[7:]
 		//验证token
-		user := service.AllService.UserService.InfoByAccessToken(token)
+		user, ut := service.AllService.UserService.InfoByAccessToken(token)
 		if user.Id == 0 {
 			c.JSON(401, gin.H{
 				"error": "Unauthorized",
@@ -46,6 +46,9 @@ func RustAuth() gin.HandlerFunc {
 
 		c.Set("curUser", user)
 		c.Set("token", token)
+
+		service.AllService.UserService.AutoRefreshAccessToken(ut)
+
 		c.Next()
 	}
 }

service/user.go

@@ -53,18 +53,18 @@ func (us *UserService) InfoByUsernamePassword(username, password string) *model.
 }
 
 // InfoByAccesstoken 根据accesstoken取用户信息
-func (us *UserService) InfoByAccessToken(token string) *model.User {
+func (us *UserService) InfoByAccessToken(token string) (*model.User, *model.UserToken) {
 	u := &model.User{}
 	ut := &model.UserToken{}
 	global.DB.Where("token = ?", token).First(ut)
 	if ut.Id == 0 {
-		return u
+		return u, ut
 	}
 	if ut.ExpiredAt < time.Now().Unix() {
-		return u
+		return u, ut
 	}
 	global.DB.Where("id = ?", ut.UserId).First(u)
-	return u
+	return u, ut
 }
 
 // GenerateToken 生成token
@@ -215,12 +215,12 @@ func (us *UserService) Delete(u *model.User) error {
 		tx.Rollback()
 		return err
 	}
+	tx.Commit()
 	// 删除关联的peer
 	if err := AllService.PeerService.EraseUserId(u.Id); err != nil {
-		tx.Rollback()
-		return err
+		global.Logger.Warn("User deleted successfully, but failed to unlink peer.")
+		return nil
 	}
-	tx.Commit()
 	return nil
 }
 
@@ -448,3 +448,13 @@ func (us *UserService) getAdminUserCount() int64 {
 	global.DB.Model(&model.User{}).Where("is_admin = ?", true).Count(&count)
 	return count
 }
+
+func (us *UserService) RefreshAccessToken(ut *model.UserToken) {
+	ut.ExpiredAt = time.Now().Add(time.Hour * 24 * 7).Unix()
+	global.DB.Model(ut).Update("expired_at", ut.ExpiredAt)
+}
+func (us *UserService) AutoRefreshAccessToken(ut *model.UserToken) {
+	if ut.ExpiredAt-time.Now().Unix() < 86400 {
+		us.RefreshAccessToken(ut)
+	}
+}