add
This commit is contained in:
vipg
77
trading_assistant_api/services/user/db/schema.sql
Normal file
77
trading_assistant_api/services/user/db/schema.sql
Normal file
@@ -0,0 +1,77 @@
|
|||||||
|
-- 1. 创建用户基础信息表
|
||||||
|
CREATE TABLE IF NOT EXISTS users (
|
||||||
|
user_id UUID PRIMARY KEY DEFAULT uuidv7(),
|
||||||
|
deleted BOOLEAN NOT NULL DEFAULT false,
|
||||||
|
create_time TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||||
|
update_time TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP
|
||||||
|
);
|
||||||
|
|
||||||
|
COMMENT ON TABLE users IS '用户基础信息表';
|
||||||
|
COMMENT ON COLUMN users.user_id IS '用户唯一标识,主键,自动生成UUIDv7';
|
||||||
|
COMMENT ON COLUMN users.deleted IS '逻辑删除标识:false-未删除,true-已删除';
|
||||||
|
COMMENT ON COLUMN users.create_time IS '记录创建时间(带时区)';
|
||||||
|
COMMENT ON COLUMN users.update_time IS '记录更新时间(带时区)';
|
||||||
|
|
||||||
|
-- 2. 创建用户登录账户表
|
||||||
|
CREATE TABLE IF NOT EXISTS user_login_accounts (
|
||||||
|
follow_id UUID PRIMARY KEY DEFAULT uuidv7(),
|
||||||
|
user_id UUID NOT NULL,
|
||||||
|
value VARCHAR(100) NOT NULL,
|
||||||
|
deleted BOOLEAN NOT NULL DEFAULT false,
|
||||||
|
create_time TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||||
|
update_time TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||||
|
CONSTRAINT fk_user_login_accounts_user_id FOREIGN KEY (user_id) REFERENCES users(user_id),
|
||||||
|
CONSTRAINT uk_user_login_accounts_value UNIQUE (value, deleted)
|
||||||
|
);
|
||||||
|
|
||||||
|
COMMENT ON TABLE user_login_accounts IS '用户登录账户表(手机号/邮箱/用户名等)';
|
||||||
|
COMMENT ON COLUMN user_login_accounts.follow_id IS '记录唯一标识,主键,自动生成UUIDv7';
|
||||||
|
COMMENT ON COLUMN user_login_accounts.user_id IS '关联用户ID,外键关联users表';
|
||||||
|
COMMENT ON COLUMN user_login_accounts.value IS '登录账户值(手机号/邮箱/用户名)';
|
||||||
|
COMMENT ON COLUMN user_login_accounts.deleted IS '逻辑删除标识:false-未删除,true-已删除';
|
||||||
|
COMMENT ON COLUMN user_login_accounts.create_time IS '记录创建时间(带时区)';
|
||||||
|
COMMENT ON COLUMN user_login_accounts.update_time IS '记录更新时间(带时区)';
|
||||||
|
|
||||||
|
-- 3. 创建用户登录密码表
|
||||||
|
CREATE TABLE IF NOT EXISTS user_login_passwords (
|
||||||
|
follow_id UUID PRIMARY KEY DEFAULT uuidv7(),
|
||||||
|
user_id UUID NOT NULL,
|
||||||
|
value VARCHAR(255) NOT NULL,
|
||||||
|
deleted BOOLEAN NOT NULL DEFAULT false,
|
||||||
|
create_time TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||||
|
update_time TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT CURRENT_TIMESTAMP,
|
||||||
|
CONSTRAINT fk_user_login_passwords_user_id FOREIGN KEY (user_id) REFERENCES users(user_id),
|
||||||
|
CONSTRAINT uk_user_login_passwords_user_id UNIQUE (user_id, deleted)
|
||||||
|
);
|
||||||
|
|
||||||
|
COMMENT ON TABLE user_login_passwords IS '用户登录密码表(存储加密后的密码)';
|
||||||
|
COMMENT ON COLUMN user_login_passwords.follow_id IS '记录唯一标识,主键,自动生成UUIDv7';
|
||||||
|
COMMENT ON COLUMN user_login_passwords.user_id IS '关联用户ID,外键关联users表';
|
||||||
|
COMMENT ON COLUMN user_login_passwords.value IS '加密后的登录密码(建议使用bcrypt/argon2等算法)';
|
||||||
|
COMMENT ON COLUMN user_login_passwords.deleted IS '逻辑删除标识:false-未删除,true-已删除';
|
||||||
|
COMMENT ON COLUMN user_login_passwords.create_time IS '记录创建时间(带时区)';
|
||||||
|
COMMENT ON COLUMN user_login_passwords.update_time IS '记录更新时间(带时区)';
|
||||||
|
|
||||||
|
-- 4. 创建update_time自动更新触发器
|
||||||
|
CREATE OR REPLACE FUNCTION update_timestamp()
|
||||||
|
RETURNS TRIGGER AS $$
|
||||||
|
BEGIN
|
||||||
|
NEW.update_time = CURRENT_TIMESTAMP;
|
||||||
|
RETURN NEW;
|
||||||
|
END;
|
||||||
|
$$ LANGUAGE plpgsql;
|
||||||
|
|
||||||
|
CREATE TRIGGER trigger_users_update_time
|
||||||
|
BEFORE UPDATE ON users
|
||||||
|
FOR EACH ROW
|
||||||
|
EXECUTE FUNCTION update_timestamp();
|
||||||
|
|
||||||
|
CREATE TRIGGER trigger_user_login_accounts_update_time
|
||||||
|
BEFORE UPDATE ON user_login_accounts
|
||||||
|
FOR EACH ROW
|
||||||
|
EXECUTE FUNCTION update_timestamp();
|
||||||
|
|
||||||
|
CREATE TRIGGER trigger_user_login_passwords_update_time
|
||||||
|
BEFORE UPDATE ON user_login_passwords
|
||||||
|
FOR EACH ROW
|
||||||
|
EXECUTE FUNCTION update_timestamp();
|
||||||
@@ -3,5 +3,6 @@ module user
|
|||||||
go 1.25.7
|
go 1.25.7
|
||||||
|
|
||||||
require common v0.0.0
|
require common v0.0.0
|
||||||
|
require golang.org/x/crypto v0.31.0
|
||||||
|
|
||||||
replace common => ../../common
|
replace common => ../../common
|
||||||
|
|||||||
@@ -3,16 +3,26 @@ package main
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"io"
|
||||||
|
"encoding/json"
|
||||||
|
"errors"
|
||||||
|
"strings"
|
||||||
"net/http"
|
"net/http"
|
||||||
"os"
|
"os"
|
||||||
"os/signal"
|
"os/signal"
|
||||||
"syscall"
|
"syscall"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
"database/sql"
|
||||||
|
"common/db"
|
||||||
"common/logger"
|
"common/logger"
|
||||||
"common/utils"
|
"common/utils"
|
||||||
|
"golang.org/x/crypto/bcrypt"
|
||||||
|
"github.com/jackc/pgconn"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
var pg *sql.DB
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
port := utils.GetEnv("PORT", "8080")
|
port := utils.GetEnv("PORT", "8080")
|
||||||
srv := &http.Server{
|
srv := &http.Server{
|
||||||
@@ -20,6 +30,17 @@ func main() {
|
|||||||
Handler: routes(),
|
Handler: routes(),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
var err error
|
||||||
|
pg, err = db.InitPostgres()
|
||||||
|
if err != nil {
|
||||||
|
logger.L().Fatalf("postgres init: %v", err)
|
||||||
|
}
|
||||||
|
if utils.GetEnv("MIGRATE_ON_START", "0") == "1" {
|
||||||
|
if err := applySchema("db/schema.sql"); err != nil {
|
||||||
|
logger.L().Fatalf("apply schema: %v", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
logger.L().Printf("user service starting on :%s", port)
|
logger.L().Printf("user service starting on :%s", port)
|
||||||
|
|
||||||
go func() {
|
go func() {
|
||||||
@@ -38,6 +59,7 @@ func main() {
|
|||||||
if err := srv.Shutdown(ctx); err != nil {
|
if err := srv.Shutdown(ctx); err != nil {
|
||||||
logger.L().Printf("server shutdown: %v", err)
|
logger.L().Printf("server shutdown: %v", err)
|
||||||
}
|
}
|
||||||
|
_ = db.ClosePostgres()
|
||||||
logger.L().Printf("user service exited")
|
logger.L().Printf("user service exited")
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -54,5 +76,138 @@ func routes() http.Handler {
|
|||||||
mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
|
mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
|
||||||
fmt.Fprintf(w, "hello from user-service")
|
fmt.Fprintf(w, "hello from user-service")
|
||||||
})
|
})
|
||||||
|
mux.HandleFunc("/register", registerHandler)
|
||||||
|
mux.HandleFunc("/login", loginHandler)
|
||||||
return mux
|
return mux
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type registerReq struct {
|
||||||
|
Account string `json:"account"`
|
||||||
|
Password string `json:"password"`
|
||||||
|
}
|
||||||
|
type loginReq struct {
|
||||||
|
Account string `json:"account"`
|
||||||
|
Password string `json:"password"`
|
||||||
|
}
|
||||||
|
type loginResp struct {
|
||||||
|
UserID string `json:"user_id"`
|
||||||
|
}
|
||||||
|
|
||||||
|
func registerHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
|
if r.Method != http.MethodPost {
|
||||||
|
w.WriteHeader(http.StatusMethodNotAllowed)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
var req registerReq
|
||||||
|
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
|
||||||
|
w.WriteHeader(http.StatusBadRequest)
|
||||||
|
w.Write([]byte("invalid json"))
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if !validAccount(req.Account) || !validPassword(req.Password) {
|
||||||
|
w.WriteHeader(http.StatusBadRequest)
|
||||||
|
w.Write([]byte("invalid account or password"))
|
||||||
|
return
|
||||||
|
}
|
||||||
|
hashed, err := bcrypt.GenerateFromPassword([]byte(req.Password), 12)
|
||||||
|
if err != nil {
|
||||||
|
w.WriteHeader(http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
tx, err := pg.Begin()
|
||||||
|
if err != nil {
|
||||||
|
w.WriteHeader(http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
defer func() {
|
||||||
|
_ = tx.Rollback()
|
||||||
|
}()
|
||||||
|
var userID string
|
||||||
|
if err := tx.QueryRow(`INSERT INTO users DEFAULT VALUES RETURNING user_id`).Scan(&userID); err != nil {
|
||||||
|
w.WriteHeader(http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if _, err := tx.Exec(`INSERT INTO user_login_accounts (user_id, value, deleted) VALUES ($1, $2, false)`, userID, req.Account); err != nil {
|
||||||
|
if isUniqueViolation(err) {
|
||||||
|
w.WriteHeader(http.StatusConflict)
|
||||||
|
w.Write([]byte("account exists"))
|
||||||
|
return
|
||||||
|
}
|
||||||
|
w.WriteHeader(http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if _, err := tx.Exec(`INSERT INTO user_login_passwords (user_id, value, deleted) VALUES ($1, $2, false)`, userID, string(hashed)); err != nil {
|
||||||
|
w.WriteHeader(http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if err := tx.Commit(); err != nil {
|
||||||
|
w.WriteHeader(http.StatusInternalServerError)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
w.WriteHeader(http.StatusCreated)
|
||||||
|
io.WriteString(w, userID)
|
||||||
|
}
|
||||||
|
|
||||||
|
func loginHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
|
if r.Method != http.MethodPost {
|
||||||
|
w.WriteHeader(http.StatusMethodNotAllowed)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
var req loginReq
|
||||||
|
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
|
||||||
|
w.WriteHeader(http.StatusBadRequest)
|
||||||
|
w.Write([]byte("invalid json"))
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if !validAccount(req.Account) || !validPassword(req.Password) {
|
||||||
|
w.WriteHeader(http.StatusBadRequest)
|
||||||
|
w.Write([]byte("invalid account or password"))
|
||||||
|
return
|
||||||
|
}
|
||||||
|
var userID string
|
||||||
|
if err := pg.QueryRow(`SELECT user_id FROM user_login_accounts WHERE value = $1 AND deleted = false`, req.Account).Scan(&userID); err != nil {
|
||||||
|
w.WriteHeader(http.StatusUnauthorized)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
var hashed string
|
||||||
|
if err := pg.QueryRow(`SELECT value FROM user_login_passwords WHERE user_id = $1 AND deleted = false`, userID).Scan(&hashed); err != nil {
|
||||||
|
w.WriteHeader(http.StatusUnauthorized)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if bcrypt.CompareHashAndPassword([]byte(hashed), []byte(req.Password)) != nil {
|
||||||
|
w.WriteHeader(http.StatusUnauthorized)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
w.Header().Set("Content-Type", "application/json")
|
||||||
|
w.WriteHeader(http.StatusOK)
|
||||||
|
json.NewEncoder(w).Encode(loginResp{UserID: userID})
|
||||||
|
}
|
||||||
|
|
||||||
|
func validAccount(a string) bool {
|
||||||
|
n := len(a)
|
||||||
|
return n >= 3 && n <= 100
|
||||||
|
}
|
||||||
|
func validPassword(p string) bool {
|
||||||
|
n := len(p)
|
||||||
|
return n >= 8 && n <= 128
|
||||||
|
}
|
||||||
|
|
||||||
|
func isUniqueViolation(err error) bool {
|
||||||
|
var pe *pgconn.PgError
|
||||||
|
if errors.As(err, &pe) {
|
||||||
|
return pe.Code == "23505"
|
||||||
|
}
|
||||||
|
if err != nil && (strings.Contains(err.Error(), "duplicate key") || strings.Contains(err.Error(), "unique constraint")) {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
|
func applySchema(path string) error {
|
||||||
|
b, err := os.ReadFile(path)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
_, err = pg.Exec(string(b))
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user