98 lines
3.4 KiB
Rust
98 lines
3.4 KiB
Rust
use axum::{
|
|
Json,
|
|
extract::{Extension, State},
|
|
http::{HeaderMap, StatusCode},
|
|
response::IntoResponse,
|
|
};
|
|
use module_auth::{PasswordEntryError, PasswordEntryInput};
|
|
use serde_json::json;
|
|
use shared_contracts::auth::{PasswordEntryRequest, PasswordEntryResponse};
|
|
|
|
use crate::{
|
|
api_response::json_success_body,
|
|
auth_payload::map_auth_user_payload,
|
|
auth_session::{
|
|
attach_set_cookie_header, build_refresh_session_cookie_header, create_password_auth_session,
|
|
},
|
|
http_error::AppError,
|
|
request_context::RequestContext,
|
|
session_client::resolve_session_client_context,
|
|
state::AppState,
|
|
};
|
|
|
|
pub async fn password_entry(
|
|
State(state): State<AppState>,
|
|
Extension(request_context): Extension<RequestContext>,
|
|
headers: HeaderMap,
|
|
Json(payload): Json<PasswordEntryRequest>,
|
|
) -> Result<impl IntoResponse, AppError> {
|
|
let input = PasswordEntryInput {
|
|
phone_number: payload.phone,
|
|
password: payload.password,
|
|
};
|
|
let result = if state.config.dev_password_entry_auto_register_enabled {
|
|
state
|
|
.password_entry_service()
|
|
.execute_with_dev_registration(input)
|
|
.await
|
|
} else {
|
|
state.password_entry_service().execute(input).await
|
|
}
|
|
.map_err(map_password_entry_error)?;
|
|
let session_client = resolve_session_client_context(&headers);
|
|
let signed_session = create_password_auth_session(&state, &result.user, &session_client)?;
|
|
state
|
|
.sync_auth_store_snapshot_to_spacetime()
|
|
.await
|
|
.map_err(|error| {
|
|
AppError::from_status(StatusCode::INTERNAL_SERVER_ERROR)
|
|
.with_message(format!("同步认证快照失败:{error}"))
|
|
})?;
|
|
|
|
let mut headers = HeaderMap::new();
|
|
attach_set_cookie_header(
|
|
&mut headers,
|
|
build_refresh_session_cookie_header(&state, &signed_session.refresh_token)?,
|
|
);
|
|
|
|
Ok((
|
|
headers,
|
|
json_success_body(
|
|
Some(&request_context),
|
|
PasswordEntryResponse {
|
|
token: signed_session.access_token,
|
|
user: map_auth_user_payload(result.user),
|
|
},
|
|
),
|
|
))
|
|
}
|
|
|
|
fn map_password_entry_error(error: PasswordEntryError) -> AppError {
|
|
match error {
|
|
PasswordEntryError::InvalidPhoneNumber => AppError::from_status(StatusCode::BAD_REQUEST)
|
|
.with_message("手机号格式不正确")
|
|
.with_details(json!({
|
|
"field": "phone",
|
|
})),
|
|
PasswordEntryError::InvalidPasswordLength => AppError::from_status(StatusCode::BAD_REQUEST)
|
|
.with_message("密码长度需要在 6 到 128 位之间")
|
|
.with_details(json!({
|
|
"field": "password",
|
|
})),
|
|
PasswordEntryError::InvalidPublicUserCode => AppError::from_status(StatusCode::BAD_REQUEST)
|
|
.with_message("叙世号格式不正确")
|
|
.with_details(json!({
|
|
"field": "phone",
|
|
})),
|
|
PasswordEntryError::InvalidCredentials => {
|
|
AppError::from_status(StatusCode::UNAUTHORIZED).with_message("手机号或密码错误")
|
|
}
|
|
PasswordEntryError::UserNotFound => {
|
|
AppError::from_status(StatusCode::UNAUTHORIZED).with_message("手机号或密码错误")
|
|
}
|
|
PasswordEntryError::Store(_) | PasswordEntryError::PasswordHash(_) => {
|
|
AppError::from_status(StatusCode::INTERNAL_SERVER_ERROR).with_message(error.to_string())
|
|
}
|
|
}
|
|
}
|