add
This commit is contained in:
vipg
77
trading_assistant_api/services/user/db/schema.sql
Normal file
77
trading_assistant_api/services/user/db/schema.sql
Normal file
@@ -0,0 +1,77 @@
|
||||
-- 1. 创建用户基础信息表
|
||||
CREATE TABLE IF NOT EXISTS users (
|
||||
user_id UUID PRIMARY KEY DEFAULT uuidv7(),
|
||||
deleted BOOLEAN NOT NULL DEFAULT false,
|
||||
create_time TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||
update_time TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP
|
||||
);
|
||||
|
||||
COMMENT ON TABLE users IS '用户基础信息表';
|
||||
COMMENT ON COLUMN users.user_id IS '用户唯一标识,主键,自动生成UUIDv7';
|
||||
COMMENT ON COLUMN users.deleted IS '逻辑删除标识:false-未删除,true-已删除';
|
||||
COMMENT ON COLUMN users.create_time IS '记录创建时间(带时区)';
|
||||
COMMENT ON COLUMN users.update_time IS '记录更新时间(带时区)';
|
||||
|
||||
-- 2. 创建用户登录账户表
|
||||
CREATE TABLE IF NOT EXISTS user_login_accounts (
|
||||
follow_id UUID PRIMARY KEY DEFAULT uuidv7(),
|
||||
user_id UUID NOT NULL,
|
||||
value VARCHAR(100) NOT NULL,
|
||||
deleted BOOLEAN NOT NULL DEFAULT false,
|
||||
create_time TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||
update_time TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||
CONSTRAINT fk_user_login_accounts_user_id FOREIGN KEY (user_id) REFERENCES users(user_id),
|
||||
CONSTRAINT uk_user_login_accounts_value UNIQUE (value, deleted)
|
||||
);
|
||||
|
||||
COMMENT ON TABLE user_login_accounts IS '用户登录账户表(手机号/邮箱/用户名等)';
|
||||
COMMENT ON COLUMN user_login_accounts.follow_id IS '记录唯一标识,主键,自动生成UUIDv7';
|
||||
COMMENT ON COLUMN user_login_accounts.user_id IS '关联用户ID,外键关联users表';
|
||||
COMMENT ON COLUMN user_login_accounts.value IS '登录账户值(手机号/邮箱/用户名)';
|
||||
COMMENT ON COLUMN user_login_accounts.deleted IS '逻辑删除标识:false-未删除,true-已删除';
|
||||
COMMENT ON COLUMN user_login_accounts.create_time IS '记录创建时间(带时区)';
|
||||
COMMENT ON COLUMN user_login_accounts.update_time IS '记录更新时间(带时区)';
|
||||
|
||||
-- 3. 创建用户登录密码表
|
||||
CREATE TABLE IF NOT EXISTS user_login_passwords (
|
||||
follow_id UUID PRIMARY KEY DEFAULT uuidv7(),
|
||||
user_id UUID NOT NULL,
|
||||
value VARCHAR(255) NOT NULL,
|
||||
deleted BOOLEAN NOT NULL DEFAULT false,
|
||||
create_time TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||
update_time TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||
CONSTRAINT fk_user_login_passwords_user_id FOREIGN KEY (user_id) REFERENCES users(user_id),
|
||||
CONSTRAINT uk_user_login_passwords_user_id UNIQUE (user_id, deleted)
|
||||
);
|
||||
|
||||
COMMENT ON TABLE user_login_passwords IS '用户登录密码表(存储加密后的密码)';
|
||||
COMMENT ON COLUMN user_login_passwords.follow_id IS '记录唯一标识,主键,自动生成UUIDv7';
|
||||
COMMENT ON COLUMN user_login_passwords.user_id IS '关联用户ID,外键关联users表';
|
||||
COMMENT ON COLUMN user_login_passwords.value IS '加密后的登录密码(建议使用bcrypt/argon2等算法)';
|
||||
COMMENT ON COLUMN user_login_passwords.deleted IS '逻辑删除标识:false-未删除,true-已删除';
|
||||
COMMENT ON COLUMN user_login_passwords.create_time IS '记录创建时间(带时区)';
|
||||
COMMENT ON COLUMN user_login_passwords.update_time IS '记录更新时间(带时区)';
|
||||
|
||||
-- 4. 创建update_time自动更新触发器
|
||||
CREATE OR REPLACE FUNCTION update_timestamp()
|
||||
RETURNS TRIGGER AS $$
|
||||
BEGIN
|
||||
NEW.update_time = CURRENT_TIMESTAMP;
|
||||
RETURN NEW;
|
||||
END;
|
||||
$$ LANGUAGE plpgsql;
|
||||
|
||||
CREATE TRIGGER trigger_users_update_time
|
||||
BEFORE UPDATE ON users
|
||||
FOR EACH ROW
|
||||
EXECUTE FUNCTION update_timestamp();
|
||||
|
||||
CREATE TRIGGER trigger_user_login_accounts_update_time
|
||||
BEFORE UPDATE ON user_login_accounts
|
||||
FOR EACH ROW
|
||||
EXECUTE FUNCTION update_timestamp();
|
||||
|
||||
CREATE TRIGGER trigger_user_login_passwords_update_time
|
||||
BEFORE UPDATE ON user_login_passwords
|
||||
FOR EACH ROW
|
||||
EXECUTE FUNCTION update_timestamp();
|
||||
@@ -3,5 +3,6 @@ module user
|
||||
go 1.25.7
|
||||
|
||||
require common v0.0.0
|
||||
require golang.org/x/crypto v0.31.0
|
||||
|
||||
replace common => ../../common
|
||||
|
||||
@@ -3,16 +3,26 @@ package main
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"io"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"strings"
|
||||
"net/http"
|
||||
"os"
|
||||
"os/signal"
|
||||
"syscall"
|
||||
"time"
|
||||
|
||||
"database/sql"
|
||||
"common/db"
|
||||
"common/logger"
|
||||
"common/utils"
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
"github.com/jackc/pgconn"
|
||||
)
|
||||
|
||||
var pg *sql.DB
|
||||
|
||||
func main() {
|
||||
port := utils.GetEnv("PORT", "8080")
|
||||
srv := &http.Server{
|
||||
@@ -20,6 +30,17 @@ func main() {
|
||||
Handler: routes(),
|
||||
}
|
||||
|
||||
var err error
|
||||
pg, err = db.InitPostgres()
|
||||
if err != nil {
|
||||
logger.L().Fatalf("postgres init: %v", err)
|
||||
}
|
||||
if utils.GetEnv("MIGRATE_ON_START", "0") == "1" {
|
||||
if err := applySchema("db/schema.sql"); err != nil {
|
||||
logger.L().Fatalf("apply schema: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
logger.L().Printf("user service starting on :%s", port)
|
||||
|
||||
go func() {
|
||||
@@ -38,6 +59,7 @@ func main() {
|
||||
if err := srv.Shutdown(ctx); err != nil {
|
||||
logger.L().Printf("server shutdown: %v", err)
|
||||
}
|
||||
_ = db.ClosePostgres()
|
||||
logger.L().Printf("user service exited")
|
||||
}
|
||||
|
||||
@@ -54,5 +76,138 @@ func routes() http.Handler {
|
||||
mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
|
||||
fmt.Fprintf(w, "hello from user-service")
|
||||
})
|
||||
mux.HandleFunc("/register", registerHandler)
|
||||
mux.HandleFunc("/login", loginHandler)
|
||||
return mux
|
||||
}
|
||||
|
||||
type registerReq struct {
|
||||
Account string `json:"account"`
|
||||
Password string `json:"password"`
|
||||
}
|
||||
type loginReq struct {
|
||||
Account string `json:"account"`
|
||||
Password string `json:"password"`
|
||||
}
|
||||
type loginResp struct {
|
||||
UserID string `json:"user_id"`
|
||||
}
|
||||
|
||||
func registerHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if r.Method != http.MethodPost {
|
||||
w.WriteHeader(http.StatusMethodNotAllowed)
|
||||
return
|
||||
}
|
||||
var req registerReq
|
||||
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
w.Write([]byte("invalid json"))
|
||||
return
|
||||
}
|
||||
if !validAccount(req.Account) || !validPassword(req.Password) {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
w.Write([]byte("invalid account or password"))
|
||||
return
|
||||
}
|
||||
hashed, err := bcrypt.GenerateFromPassword([]byte(req.Password), 12)
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
tx, err := pg.Begin()
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
defer func() {
|
||||
_ = tx.Rollback()
|
||||
}()
|
||||
var userID string
|
||||
if err := tx.QueryRow(`INSERT INTO users DEFAULT VALUES RETURNING user_id`).Scan(&userID); err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
if _, err := tx.Exec(`INSERT INTO user_login_accounts (user_id, value, deleted) VALUES ($1, $2, false)`, userID, req.Account); err != nil {
|
||||
if isUniqueViolation(err) {
|
||||
w.WriteHeader(http.StatusConflict)
|
||||
w.Write([]byte("account exists"))
|
||||
return
|
||||
}
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
if _, err := tx.Exec(`INSERT INTO user_login_passwords (user_id, value, deleted) VALUES ($1, $2, false)`, userID, string(hashed)); err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
if err := tx.Commit(); err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
w.WriteHeader(http.StatusCreated)
|
||||
io.WriteString(w, userID)
|
||||
}
|
||||
|
||||
func loginHandler(w http.ResponseWriter, r *http.Request) {
|
||||
if r.Method != http.MethodPost {
|
||||
w.WriteHeader(http.StatusMethodNotAllowed)
|
||||
return
|
||||
}
|
||||
var req loginReq
|
||||
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
w.Write([]byte("invalid json"))
|
||||
return
|
||||
}
|
||||
if !validAccount(req.Account) || !validPassword(req.Password) {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
w.Write([]byte("invalid account or password"))
|
||||
return
|
||||
}
|
||||
var userID string
|
||||
if err := pg.QueryRow(`SELECT user_id FROM user_login_accounts WHERE value = $1 AND deleted = false`, req.Account).Scan(&userID); err != nil {
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
var hashed string
|
||||
if err := pg.QueryRow(`SELECT value FROM user_login_passwords WHERE user_id = $1 AND deleted = false`, userID).Scan(&hashed); err != nil {
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
if bcrypt.CompareHashAndPassword([]byte(hashed), []byte(req.Password)) != nil {
|
||||
w.WriteHeader(http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
w.WriteHeader(http.StatusOK)
|
||||
json.NewEncoder(w).Encode(loginResp{UserID: userID})
|
||||
}
|
||||
|
||||
func validAccount(a string) bool {
|
||||
n := len(a)
|
||||
return n >= 3 && n <= 100
|
||||
}
|
||||
func validPassword(p string) bool {
|
||||
n := len(p)
|
||||
return n >= 8 && n <= 128
|
||||
}
|
||||
|
||||
func isUniqueViolation(err error) bool {
|
||||
var pe *pgconn.PgError
|
||||
if errors.As(err, &pe) {
|
||||
return pe.Code == "23505"
|
||||
}
|
||||
if err != nil && (strings.Contains(err.Error(), "duplicate key") || strings.Contains(err.Error(), "unique constraint")) {
|
||||
return true
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
func applySchema(path string) error {
|
||||
b, err := os.ReadFile(path)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
_, err = pg.Exec(string(b))
|
||||
return err
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user