paopao-ce/internal/servants/web/broker/user.go

// Copyright 2022 ROC. All rights reserved.
// Use of this source code is governed by a MIT style
// license that can be found in the LICENSE file.

package broker

import (
	"fmt"
	"regexp"
	"strings"
	"time"
	"unicode/utf8"

	"github.com/gin-gonic/gin"
	"github.com/gofrs/uuid"
	"github.com/rocboss/paopao-ce/internal/conf"
	"github.com/rocboss/paopao-ce/internal/core"
	"github.com/rocboss/paopao-ce/pkg/convert"
	"github.com/rocboss/paopao-ce/pkg/errcode"
	"github.com/rocboss/paopao-ce/pkg/util"
	"github.com/sirupsen/logrus"
)

const _MaxCaptchaTimes = 2

type PhoneCaptchaReq struct {
	Phone        string `json:"phone" form:"phone" binding:"required"`
	ImgCaptcha   string `json:"img_captcha" form:"img_captcha" binding:"required"`
	ImgCaptchaID string `json:"img_captcha_id" form:"img_captcha_id" binding:"required"`
}

type UserPhoneBindReq struct {
	Phone   string `json:"phone" form:"phone" binding:"required"`
	Captcha string `json:"captcha" form:"captcha" binding:"required"`
}

type AuthRequest struct {
	Username string `json:"username" form:"username" binding:"required"`
	Password string `json:"password" form:"password" binding:"required"`
}

type RegisterRequest struct {
	Username string `json:"username" form:"username" binding:"required"`
	Password string `json:"password" form:"password" binding:"required"`
}

type ChangePasswordReq struct {
	Password    string `json:"password" form:"password" binding:"required"`
	OldPassword string `json:"old_password" form:"old_password" binding:"required"`
}

type ChangeNicknameReq struct {
	Nickname string `json:"nickname" form:"nickname" binding:"required"`
}

type ChangeAvatarReq struct {
	Avatar string `json:"avatar" form:"avatar" binding:"required"`
}

type ChangeUserStatusReq struct {
	ID     int64 `json:"id" form:"id" binding:"required"`
	Status int   `json:"status" form:"status" binding:"required"`
}

type RequestingFriendReq struct {
	UserId    int64  `json:"user_id" binding:"required"`
	Greetings string `json:"greetings" binding:"required"`
}

type AddFriendReq struct {
	UserId int64 `json:"user_id" binding:"required"`
}

type RejectFriendReq struct {
	UserId int64 `json:"user_id" binding:"required"`
}

type DeleteFriendReq struct {
	UserId int64 `json:"user_id"`
}

type UserProfileResp struct {
	ID       int64  `json:"id"`
	Nickname string `json:"nickname"`
	Username string `json:"username"`
	Status   int    `json:"status"`
	Avatar   string `json:"avatar"`
	IsAdmin  bool   `json:"is_admin"`
	IsFriend bool   `json:"is_friend"`
}

const (
	_LoginErrKey      = "PaoPaoUserLoginErr"
	_MaxLoginErrTimes = 10
)

// DoLogin 用户认证
func DoLogin(ctx *gin.Context, param *AuthRequest) (*core.User, error) {
	user, err := ds.GetUserByUsername(param.Username)
	if err != nil {
		return nil, errcode.UnauthorizedAuthNotExist
	}

	if user.Model != nil && user.ID > 0 {
		if errTimes, err := conf.Redis.Get(ctx, fmt.Sprintf("%s:%d", _LoginErrKey, user.ID)).Result(); err == nil {
			if convert.StrTo(errTimes).MustInt() >= _MaxLoginErrTimes {
				return nil, errcode.TooManyLoginError
			}
		}

		// 对比密码是否正确
		if ValidPassword(user.Password, param.Password, user.Salt) {

			if user.Status == core.UserStatusClosed {
				return nil, errcode.UserHasBeenBanned
			}

			// 清空登录计数
			conf.Redis.Del(ctx, fmt.Sprintf("%s:%d", _LoginErrKey, user.ID))
			return user, nil
		}

		// 登录错误计数
		_, err = conf.Redis.Incr(ctx, fmt.Sprintf("%s:%d", _LoginErrKey, user.ID)).Result()
		if err == nil {
			conf.Redis.Expire(ctx, fmt.Sprintf("%s:%d", _LoginErrKey, user.ID), time.Hour).Result()
		}

		return nil, errcode.UnauthorizedAuthFailed
	}

	return nil, errcode.UnauthorizedAuthNotExist
}

// ValidPassword 检查密码是否一致
func ValidPassword(dbPassword, password, salt string) bool {
	return strings.Compare(dbPassword, util.EncodeMD5(util.EncodeMD5(password)+salt)) == 0
}

// CheckStatus 检测用户权限
func CheckStatus(user *core.User) bool {
	return user.Status == core.UserStatusNormal
}

// ValidUsername 验证用户
func ValidUsername(username string) error {
	// 检测用户是否合规
	if utf8.RuneCountInString(username) < 3 || utf8.RuneCountInString(username) > 12 {
		return errcode.UsernameLengthLimit
	}

	if !regexp.MustCompile(`^[a-zA-Z0-9]+$`).MatchString(username) {
		return errcode.UsernameCharLimit
	}

	// 重复检查
	user, _ := ds.GetUserByUsername(username)

	if user.Model != nil && user.ID > 0 {
		return errcode.UsernameHasExisted
	}

	return nil
}

// CheckPassword 密码检查
func CheckPassword(password string) error {
	// 检测用户是否合规
	if utf8.RuneCountInString(password) < 6 || utf8.RuneCountInString(password) > 16 {
		return errcode.PasswordLengthLimit
	}

	return nil
}

// CheckPhoneCaptcha 验证手机验证码
func CheckPhoneCaptcha(phone, captcha string) *errcode.Error {
	// 如果禁止phone verify 则允许通过任意验证码
	if DisablePhoneVerify {
		return nil
	}

	c, err := ds.GetLatestPhoneCaptcha(phone)
	if err != nil {
		return errcode.ErrorPhoneCaptcha
	}

	if c.Captcha != captcha {
		return errcode.ErrorPhoneCaptcha
	}

	if c.ExpiredOn < time.Now().Unix() {
		return errcode.ErrorPhoneCaptcha
	}

	if c.UseTimes >= _MaxCaptchaTimes {
		return errcode.MaxPhoneCaptchaUseTimes
	}

	// 更新检测次数
	ds.UsePhoneCaptcha(c)

	return nil
}

// CheckPhoneExist 检测手机号是否存在
func CheckPhoneExist(uid int64, phone string) bool {
	u, err := ds.GetUserByPhone(phone)
	if err != nil {
		return false
	}

	if u.Model == nil || u.ID == 0 {
		return false
	}

	if u.ID == uid {
		return false
	}

	return true
}

// EncryptPasswordAndSalt 密码加密&生成salt
func EncryptPasswordAndSalt(password string) (string, string) {
	salt := uuid.Must(uuid.NewV4()).String()[:8]
	password = util.EncodeMD5(util.EncodeMD5(password) + salt)

	return password, salt
}

// Register 用户注册
func Register(username, password string) (*core.User, error) {
	password, salt := EncryptPasswordAndSalt(password)

	user := &core.User{
		Nickname: username,
		Username: username,
		Password: password,
		Avatar:   GetRandomAvatar(),
		Salt:     salt,
		Status:   core.UserStatusNormal,
	}

	user, err := ds.CreateUser(user)
	if err != nil {
		return nil, err
	}

	return user, nil
}

func RequestingFriend(user *core.User, param *RequestingFriendReq) error {
	if _, err := ds.GetUserByID(param.UserId); err != nil {
		return errcode.NotExistFriendId
	}
	return ds.RequestingFriend(user.ID, param.UserId, param.Greetings)
}

func AddFriend(user *core.User, param *AddFriendReq) error {
	if _, err := ds.GetUserByID(param.UserId); err != nil {
		return errcode.NotExistFriendId
	}
	return ds.AddFriend(user.ID, param.UserId)
}

func RejectFriend(user *core.User, param *RejectFriendReq) error {
	if _, err := ds.GetUserByID(param.UserId); err != nil {
		return errcode.NotExistFriendId
	}
	return ds.RejectFriend(user.ID, param.UserId)
}

func DeleteFriend(user *core.User, param *DeleteFriendReq) error {
	if _, err := ds.GetUserByID(param.UserId); err != nil {
		return errcode.NotExistFriendId
	}
	return ds.DeleteFriend(user.ID, param.UserId)
}

func GetContacts(user *core.User, offset int, limit int) (*core.ContactList, error) {
	return ds.GetContacts(user.ID, offset, limit)
}

// GetUserInfo 获取用户信息
func GetUserInfo(param *AuthRequest) (*core.User, error) {
	user, err := ds.GetUserByUsername(param.Username)

	if err != nil {
		return nil, err
	}

	if user.Model != nil && user.ID > 0 {
		return user, nil
	}

	return nil, errcode.UnauthorizedAuthNotExist
}

func GetUserByID(id int64) (*core.User, error) {
	user, err := ds.GetUserByID(id)

	if err != nil {
		return nil, err
	}

	if user.Model != nil && user.ID > 0 {
		return user, nil
	}

	return nil, errcode.NoExistUsername
}

func GetUserByUsername(user *core.User, username string) (*UserProfileResp, error) {
	other, err := ds.GetUserByUsername(username)
	if err != nil {
		return nil, err
	}

	var resp *UserProfileResp
	if other.Model != nil && other.ID > 0 {
		resp = &UserProfileResp{
			ID:       other.ID,
			Nickname: other.Nickname,
			Username: other.Username,
			Status:   other.Status,
			Avatar:   other.Avatar,
			IsAdmin:  other.IsAdmin,
			IsFriend: !(user == nil || user.ID == other.ID),
		}
	} else {
		return nil, errcode.NoExistUsername
	}

	if user != nil && user.ID != other.ID {
		resp.IsFriend = ds.IsFriend(user.ID, other.ID)
	}
	return resp, nil
}

// UpdateUserInfo 更新用户信息
func UpdateUserInfo(user *core.User) *errcode.Error {
	if err := ds.UpdateUser(user); err != nil {
		return errcode.ServerError
	}
	return nil
}

func ChangeUserAvatar(user *core.User, avatar string) (err *errcode.Error) {
	defer func() {
		if err != nil {
			deleteOssObjects([]string{avatar})
		}
	}()

	if err := ds.CheckAttachment(avatar); err != nil {
		return errcode.InvalidParams
	}

	if err := oss.PersistObject(oss.ObjectKey(avatar)); err != nil {
		logrus.Errorf("service.ChangeUserAvatar persist object failed: %s", err)
		return errcode.ServerError
	}

	user.Avatar = avatar
	err = UpdateUserInfo(user)
	return
}

// GetUserCollections 获取用户收藏列表
func GetUserCollections(userID int64, offset, limit int) ([]*core.PostFormated, int64, error) {
	collections, err := ds.GetUserPostCollections(userID, offset, limit)
	if err != nil {
		return nil, 0, err
	}
	totalRows, err := ds.GetUserPostCollectionCount(userID)
	if err != nil {
		return nil, 0, err
	}
	var posts []*core.Post
	for _, collection := range collections {
		posts = append(posts, collection.Post)
	}
	postsFormated, err := ds.MergePosts(posts)
	if err != nil {
		return nil, 0, err
	}

	return postsFormated, totalRows, nil
}

// GetUserStars 获取用户点赞列表
func GetUserStars(userID int64, offset, limit int) ([]*core.PostFormated, int64, error) {
	stars, err := ds.GetUserPostStars(userID, offset, limit)
	if err != nil {
		return nil, 0, err
	}
	totalRows, err := ds.GetUserPostStarCount(userID)
	if err != nil {
		return nil, 0, err
	}

	var posts []*core.Post
	for _, star := range stars {
		posts = append(posts, star.Post)
	}
	postsFormated, err := ds.MergePosts(posts)
	if err != nil {
		return nil, 0, err
	}

	return postsFormated, totalRows, nil
}

// GetUserWalletBills 获取用户账单列表
func GetUserWalletBills(userID int64, offset, limit int) ([]*core.WalletStatement, int64, error) {
	bills, err := ds.GetUserWalletBills(userID, offset, limit)
	if err != nil {
		return nil, 0, err
	}
	totalRows, err := ds.GetUserWalletBillCount(userID)
	if err != nil {
		return nil, 0, err
	}

	return bills, totalRows, nil
}

// SendPhoneCaptcha 发送短信验证码
func SendPhoneCaptcha(ctx *gin.Context, phone string) error {

	err := ds.SendPhoneCaptcha(phone)
	if err != nil {
		return err
	}

	// 写入计数缓存
	conf.Redis.Incr(ctx, "PaoPaoSmsCaptcha:"+phone).Result()

	currentTime := time.Now()
	endTime := time.Date(currentTime.Year(), currentTime.Month(), currentTime.Day(), 23, 59, 59, 0, currentTime.Location())

	conf.Redis.Expire(ctx, "PaoPaoSmsCaptcha:"+phone, endTime.Sub(currentTime))

	return nil
}

// GetSuggestUsers 根据关键词获取用户推荐
func GetSuggestUsers(keyword string) ([]string, error) {
	users, err := ds.GetUsersByKeyword(keyword)
	if err != nil {
		return nil, err
	}

	usernames := []string{}
	for _, user := range users {
		usernames = append(usernames, user.Username)
	}

	return usernames, nil
}

// GetSuggestTags 根据关键词获取标签推荐
func GetSuggestTags(keyword string) ([]string, error) {
	tags, err := ds.GetTagsByKeyword(keyword)
	if err != nil {
		return nil, err
	}

	ts := []string{}
	for _, t := range tags {
		ts = append(ts, t.Tag)
	}

	return ts, nil
}

func IsFriend(userId, friendId int64) bool {
	return ds.IsFriend(userId, friendId)
}

// checkPermision 检查是否拥有者或管理员
func checkPermision(user *core.User, targetUserId int64) *errcode.Error {
	if user == nil || (user.ID != targetUserId && !user.IsAdmin) {
		return errcode.NoPermission
	}
	return nil
}