55 changed files with 1 additions and 11904 deletions
--- a/.gitignore
+++ b/.gitignore
@ -271,6 +271,4 @@ Sessionx.vim
 tags
 # Persistent undo
 [._]*.un~
-oa.db
+
 static
 OneAuth
--- a/api/api.go
+++ b/api/api.go
@ -1,22 +0,0 @@
 package api
 import (
 	"OneAuth/api/app"
 	"OneAuth/api/user"
 	"OneAuth/api/wx"
 	"github.com/veypi/OneBD"
 	"github.com/veypi/OneBD/core"
 )
 func Router(r OneBD.Router) {
 	r.SetNotFoundFunc(func(m core.Meta) {
 		m.Write([]byte("{\"status\": 0}"))
 	})
 	r.SetInternalErrorFunc(func(m core.Meta) {
 		m.Write([]byte("{\"status\": 0}"))
 	})
 	user.Router(r.SubRouter("/auth/user"))
 	wx.Router(r.SubRouter("wx"))
 	app.Router(r.SubRouter("app"))
 	//message.Router(r.SubRouter("/message"))
 }
--- a/api/app/app.go
+++ b/api/app/app.go
@ -1,39 +0,0 @@
 package app
 import (
 	"OneAuth/cfg"
 	"OneAuth/libs/base"
 	"OneAuth/libs/oerr"
 	"OneAuth/models"
 	"github.com/veypi/OneBD"
 	"github.com/veypi/OneBD/rfc"
 )
 func Router(r OneBD.Router) {
 	r.Set("/:id", appHandlerP, rfc.MethodGet)
 }
 var appHandlerP = OneBD.NewHandlerPool(func() OneBD.Handler {
 	h := &appHandler{}
 	h.Ignore(rfc.MethodGet)
 	return h
 })
 type appHandler struct {
 	base.ApiHandler
 	query *models.App
 }
 func (h *appHandler) Get() (interface{}, error) {
 	id := h.Meta().Params("id")
 	if id == "" {
 		return nil, oerr.ApiArgsMissing
 	}
 	h.query = &models.App{}
 	h.query.UUID = id
 	err := cfg.DB().Where(h.query).Preload("Wx").First(h.query).Error
 	if err != nil {
 		return nil, err
 	}
 	return h.query, nil
 }
--- a/api/role/auth.go
+++ b/api/role/auth.go
@ -1,22 +0,0 @@
 package role
 import (
 	"OneAuth/cfg"
 	"OneAuth/libs/base"
 	"OneAuth/models"
 	"github.com/veypi/OneBD"
 	"github.com/veypi/OneBD/core"
 )
 var authP = OneBD.NewHandlerPool(func() core.Handler {
 	return &authHandler{}
 })
 type authHandler struct {
 	base.ApiHandler
 }
 func (h *authHandler) Get() (interface{}, error) {
 	l := make([]*models.Auth, 0, 10)
 	return &l, cfg.DB().Find(&l).Error
 }
--- a/api/role/role.go
+++ b/api/role/role.go
@ -1,138 +0,0 @@
 package role
 import (
 	"OneAuth/cfg"
 	"OneAuth/libs/base"
 	"OneAuth/libs/oerr"
 	"OneAuth/models"
 	"errors"
 	"github.com/veypi/OneBD"
 	"gorm.io/gorm"
 )
 var roleP = OneBD.NewHandlerPool(func() OneBD.Handler {
 	return &roleHandler{}
 })
 type roleHandler struct {
 	base.ApiHandler
 }
 func (h *roleHandler) Get() (interface{}, error) {
 	id := h.Meta().ParamsInt("id")
 	aid := h.Meta().ParamsInt("aid")
 	act := h.Meta().Params("action")
 	if id > 0 {
 		role := &models.Role{}
 		role.ID = uint(id)
 		err := cfg.DB().Preload("Auths").Preload("Users").First(role).Error
 		if err != nil {
 			return nil, err
 		}
 		if aid <= 0 {
 			return role, nil
 		}
 		if !h.CheckAuth("admin", "").CanDoAny() {
 			return nil, oerr.NoAuth
 		}
 		at := &models.RoleAuth{}
 		at.RoleID = role.ID
 		at.AuthID = uint(aid)
 		defer models.SyncGlobalRoles()
 		if act == "bind" {
 			err = cfg.DB().Where(at).FirstOrCreate(at).Error
 		} else if act == "unbind" {
 			err = cfg.DB().Where(at).Delete(at).Error
 		}
 		return role, nil
 	}
 	roles := make([]*models.Role, 0, 10)
 	err := cfg.DB().Preload("Auths").Preload("Users").Find(&roles).Error
 	return roles, err
 }
 func (h *roleHandler) Post() (interface{}, error) {
 	if !h.CheckAuth("role", "").CanCreate() {
 		return nil, oerr.NoAuth
 	}
 	role := &models.Role{}
 	err := h.Meta().ReadJson(role)
 	if err != nil {
 		return nil, err
 	}
 	role.ID = 0
 	if role.Category == 0 || role.Name == "" {
 		return nil, oerr.ApiArgsMissing
 	}
 	defer models.SyncGlobalRoles()
 	return role, cfg.DB().Where(role).FirstOrCreate(role).Error
 }
 func (h *roleHandler) Patch() (interface{}, error) {
 	if !h.CheckAuth("role", "").CanUpdate() {
 		return nil, oerr.NoAuth
 	}
 	query := &struct {
 		Name *string `json:"name"`
 		// 角色标签
 		Tag      *string `json:"tag" gorm:"default:''"`
 		IsUnique *bool   `json:"is_unique" gorm:"default:false"`
 	}{}
 	err := h.Meta().ReadJson(query)
 	if err != nil {
 		return nil, err
 	}
 	rid := h.Meta().ParamsInt("id")
 	if rid <= 0 {
 		return nil, oerr.ApiArgsError
 	}
 	role := &models.Role{}
 	role.ID = uint(rid)
 	err = cfg.DB().Preload("Users").Where(role).First(role).Error
 	if err != nil {
 		return nil, err
 	}
 	return nil, cfg.DB().Transaction(func(tx *gorm.DB) error {
 		var err error
 		if query.Tag != nil && *query.Tag != role.Tag {
 			err = tx.Model(role).Update("tag", *query.Tag).Error
 			if err != nil {
 				return err
 			}
 		}
 		if query.Name != nil && *query.Name != role.Name {
 			err = tx.Model(role).Update("name", *query.Name).Error
 			if err != nil {
 				return err
 			}
 		}
 		if query.IsUnique != nil && *query.IsUnique != role.IsUnique {
 			if *query.IsUnique && len(role.Users) > 1 {
 				return errors.New("该角色绑定用户已超过1个，请解绑后在修改")
 			}
 			err = tx.Table("roles").Where("id = ?", role.ID).Update("is_unique", *query.IsUnique).Error
 			if err != nil {
 				return err
 			}
 		}
 		return err
 	})
 }
 func (h *roleHandler) Delete() (interface{}, error) {
 	if !h.CheckAuth("role").CanDelete() {
 		return nil, oerr.NoAuth
 	}
 	rid := h.Meta().ParamsInt("id")
 	if rid <= 2 {
 		return nil, oerr.NoAuth
 	}
 	role := &models.Role{}
 	role.ID = uint(rid)
 	err := cfg.DB().Where(role).First(role).Error
 	if err != nil {
 		return nil, err
 	}
 	defer models.SyncGlobalRoles()
 	return nil, cfg.DB().Delete(role).Error
 }
--- a/api/role/router.go
+++ b/api/role/router.go
@ -1,13 +0,0 @@
 package role
 import (
 	"github.com/veypi/OneBD"
 	"github.com/veypi/OneBD/rfc"
 )
 func Router(r OneBD.Router) {
 	r.Set("/role/", roleP, rfc.MethodGet, rfc.MethodPost)
 	r.Set("/role/:id", roleP, rfc.MethodGet, rfc.MethodDelete, rfc.MethodPatch)
 	r.Set("/role/:id/:action/:aid", roleP, rfc.MethodGet)
 	r.Set("/auth/", authP, rfc.MethodGet)
 }
--- a/api/user/user.go
+++ b/api/user/user.go
@ -1,242 +0,0 @@
 package user
 import (
 	"OneAuth/cfg"
 	"OneAuth/libs/base"
 	"OneAuth/libs/oerr"
 	"OneAuth/models"
 	//"OneAuth/ws"
 	"encoding/base64"
 	"fmt"
 	"github.com/veypi/OneBD"
 	"github.com/veypi/OneBD/rfc"
 	"github.com/veypi/utils/log"
 	"gorm.io/gorm"
 	"math/rand"
 	"strconv"
 	"time"
 )
 func Router(r OneBD.Router) {
 	pool := OneBD.NewHandlerPool(func() OneBD.Handler {
 		h := &handler{}
 		h.Ignore(rfc.MethodHead)
 		return h
 	})
 	r.Set("/", pool, rfc.MethodGet, rfc.MethodPost) // list
 	r.Set("/:user_id", pool, rfc.MethodGet, rfc.MethodPatch, rfc.MethodHead, rfc.MethodDelete)
 	r.Set("/:user_id/role/", userRoleP, rfc.MethodPost)
 	r.Set("/:user_id/role/:role_id", userRoleP, rfc.MethodDelete)
 	//r.WS("/ws", func(m OneBD.Meta) (conn OneBD.WebsocketConn, err error) {
 	//return ws.User.Upgrade(m.ResponseWriter(), m.Request())
 	//})
 }
 type handler struct {
 	base.ApiHandler
 	User *models.User
 }
 // Get get user data
 func (h *handler) Get() (interface{}, error) {
 	username := h.Meta().Query("username")
 	if username != "" {
 		users := make([]*models.User, 0, 10)
 		err := cfg.DB().Preload("Scores").Preload("Roles.Auths").Where("username LIKE ? OR nickname LIKE ?", "%"+username+"%", "%"+username+"%").Find(&users).Error
 		if err != nil {
 			return nil, err
 		}
 		return users, nil
 	}
 	userID := h.Meta().ParamsInt("user_id")
 	if userID != 0 {
 		user := &models.User{}
 		user.ID = uint(userID)
 		return user, cfg.DB().Where(user).Preload("Scores").Preload("Roles.Auths").Preload("Favorites").First(user).Error
 	} else {
 		users := make([]models.User, 10)
 		skip, err := strconv.Atoi(h.Meta().Query("skip"))
 		if err != nil || skip < 0 {
 			skip = 0
 		}
 		if err := cfg.DB().Preload("Scores").Preload("Roles.Auths").Offset(skip).Find(&users).Error; err != nil {
 			return nil, err
 		}
 		return users, nil
 	}
 }
 // Post register user
 func (h *handler) Post() (interface{}, error) {
 	if !h.CheckAuth("user").CanCreate() {
 		return nil, oerr.NoAuth
 	}
 	var userdata = struct {
 		Username string `json:"username"`
 		Password string `json:"password"`
 		Nickname string `json:"nickname"`
 		Phone    string `json:"phone"`
 		Email    string `json:"email"`
 		Domain   string `json:"domain"`
 		Title    string `json:"title"`
 		Position string `json:"position"`
 	}{}
 	if err := h.Meta().ReadJson(&userdata); err != nil {
 		return nil, err
 	}
 	pass, err := base64.StdEncoding.DecodeString(userdata.Password)
 	if err != nil {
 		return nil, err
 	}
 	if len(pass) > 32 || len(pass) < 6 {
 		return nil, oerr.PassError
 	}
 	r := rand.New(rand.NewSource(time.Now().UnixNano()))
 	h.User = new(models.User)
 	h.User.Icon = fmt.Sprintf("/media/icon/default/%04d.jpg", r.Intn(230))
 	h.User.Nickname = userdata.Nickname
 	h.User.Phone = userdata.Phone
 	h.User.Username = userdata.Username
 	h.User.Email = userdata.Email
 	h.User.Position = userdata.Position
 	if err := h.User.UpdateAuth(string(pass)); err != nil {
 		log.HandlerErrs(err)
 		return nil, oerr.ResourceCreatedFailed
 	}
 	tx := cfg.DB().Begin()
 	if err := tx.Create(&h.User).Error; err != nil {
 		tx.Rollback()
 		return nil, oerr.ResourceDuplicated
 	}
 	tx.Commit()
 	return h.User, nil
 }
 // Patch update user data
 func (h *handler) Patch() (interface{}, error) {
 	uid := h.Meta().Params("user_id")
 	opts := struct {
 		Password string `json:"password"`
 		Nickname string `json:"nickname"`
 		Phone    string `json:"phone" gorm:"type:varchar(20);unique;default:null" json:",omitempty"`
 		Email    string `json:"email" gorm:"type:varchar(50);unique;default:null" json:",omitempty"`
 		Status   string `json:"status"`
 		Position string `json:"position"`
 	}{}
 	if err := h.Meta().ReadJson(&opts); err != nil {
 		return nil, err
 	}
 	target := models.User{}
 	if tempID, err := strconv.Atoi(uid); err != nil || tempID <= 0 {
 		return nil, oerr.ApiArgsError.Attach(err)
 	} else {
 		target.ID = uint(tempID)
 	}
 	tx := cfg.DB().Begin()
 	if err := cfg.DB().Where(&target).First(&target).Error; err != nil {
 		return nil, err
 	}
 	if target.ID != h.Payload.ID && !h.CheckAuth("admin").CanDoAny() {
 		return nil, oerr.NoAuth
 	}
 	if len(opts.Password) >= 6 {
 		if err := target.UpdateAuth(opts.Password); err != nil {
 			log.HandlerErrs(err)
 			return nil, oerr.ApiArgsError.AttachStr(err.Error())
 		}
 	}
 	if opts.Nickname != "" {
 		target.Nickname = opts.Nickname
 	}
 	if opts.Position != "" {
 		target.Position = opts.Position
 	}
 	if opts.Phone != "" {
 		target.Phone = opts.Phone
 	}
 	if opts.Email != "" {
 		target.Email = opts.Email
 	}
 	if opts.Status != "" {
 		target.Status = opts.Status
 	}
 	if err := tx.Updates(&target).Error; err != nil {
 		tx.Rollback()
 		return nil, err
 	}
 	tx.Commit()
 	return nil, nil
 }
 // Delete delete user
 func (h *handler) Delete() (interface{}, error) {
 	// TODO::
 	return nil, nil
 }
 // Head user login
 func (h *handler) Head() (interface{}, error) {
 	uid := h.Meta().Params("user_id")
 	pass, err := base64.StdEncoding.DecodeString(h.Meta().Query("password"))
 	if err != nil {
 		return nil, oerr.ApiArgsError.Attach(err)
 	}
 	password := string(pass)
 	if len(uid) == 0 || len(password) == 0 {
 		return nil, oerr.ApiArgsError
 	}
 	h.User = new(models.User)
 	uidType := h.Meta().Query("uid_type")
 	switch uidType {
 	case "username":
 		h.User.Username = uid
 	case "phone":
 		h.User.Phone = uid
 	case "email":
 		h.User.Email = uid
 	default:
 		h.User.Username = uid
 	}
 	if err := cfg.DB().Preload("Roles").Where(h.User).First(h.User).Error; err != nil {
 		if err.Error() == gorm.ErrRecordNotFound.Error() {
 			// admin 登录自动注册
 			if h.User.Username == "admin" {
 				r := rand.New(rand.NewSource(time.Now().UnixNano()))
 				h.User.Icon = fmt.Sprintf("/media/icon/default/%04d.jpg", r.Intn(230))
 				err = h.User.UpdateAuth(password)
 				if err != nil {
 					return nil, err
 				}
 				role := &models.Role{}
 				role.ID = 1
 				h.User.Roles = []*models.Role{role}
 				err = cfg.DB().Create(h.User).Error
 				if err != nil {
 					return nil, err
 				}
 			} else {
 				return nil, oerr.AccountNotExist
 			}
 		} else {
 			log.HandlerErrs(err)
 			return nil, err
 		}
 	}
 	isAuth, err := h.User.CheckLogin(password)
 	if err != nil || !isAuth {
 		return nil, oerr.PassError.Attach(err)
 	}
 	if h.User.Status == "disabled" {
 		return nil, oerr.DisableLogin
 	}
 	token, err := h.User.GetToken(cfg.CFG.Key)
 	if err != nil {
 		log.HandlerErrs(err)
 		return nil, oerr.Unknown.Attach(err)
 	}
 	h.Meta().SetHeader("auth_token", token)
 	log.Info().Msg(h.User.Username + " login")
 	return nil, nil
 }
--- a/api/user/user_role.go
+++ b/api/user/user_role.go
@ -1,86 +0,0 @@
 package user
 import (
 	"OneAuth/cfg"
 	"OneAuth/libs/base"
 	"OneAuth/libs/oerr"
 	"OneAuth/models"
 	"errors"
 	"github.com/veypi/OneBD"
 	"gorm.io/gorm"
 )
 var userRoleP = OneBD.NewHandlerPool(func() OneBD.Handler {
 	return &userRoleHandler{}
 })
 type userRoleHandler struct {
 	base.ApiHandler
 }
 func (h *userRoleHandler) Post() (interface{}, error) {
 	if !h.CheckAuth("role").CanCreate() {
 		return nil, oerr.NoAuth
 	}
 	uid := h.Meta().ParamsInt("user_id")
 	if uid <= 0 {
 		return nil, oerr.ApiArgsMissing
 	}
 	query := &models.Role{}
 	err := h.Meta().ReadJson(query)
 	if err != nil {
 		return nil, err
 	}
 	if query.ID != 0 {
 		err = cfg.DB().First(query, query.ID).Error
 	} else if query.Name != "" {
 		err = cfg.DB().Where(map[string]interface{}{
 			"name":     query.Name,
 			"category": query.Category,
 			"tag":      query.Tag,
 		}).First(query).Error
 		if errors.Is(err, gorm.ErrRecordNotFound) {
 			err = cfg.DB().Create(query).Error
 		}
 	} else {
 		return nil, oerr.ApiArgsMissing
 	}
 	if err != nil {
 		return nil, err
 	}
 	if query.IsUnique {
 	}
 	link := &models.UserRole{}
 	link.UserID = uint(uid)
 	link.RoleID = query.ID
 	err = cfg.DB().Transaction(func(tx *gorm.DB) (err error) {
 		if query.IsUnique {
 			err = tx.Where("role_id = ?", query.ID).Delete(models.UserRole{}).Error
 			if err != nil {
 				return err
 			}
 		}
 		return tx.Where(link).FirstOrCreate(link).Error
 	})
 	return link, err
 }
 func (h *userRoleHandler) Delete() (interface{}, error) {
 	if !h.CheckAuth("role").CanDelete() {
 		return nil, oerr.NoAuth
 	}
 	uid := h.Meta().ParamsInt("user_id")
 	id := h.Meta().ParamsInt("role_id")
 	if uid <= 0 || id <= 0 {
 		return nil, oerr.ApiArgsMissing
 	}
 	link := &models.UserRole{}
 	link.UserID = uint(uid)
 	link.RoleID = uint(id)
 	err := cfg.DB().Where(link).First(link).Error
 	if err != nil {
 		return nil, err
 	}
 	return nil, cfg.DB().Delete(link).Error
 }
--- a/api/wx/login.go
+++ b/api/wx/login.go
@ -1,160 +0,0 @@
 package wx
 import (
 	"OneAuth/cfg"
 	"OneAuth/libs/tools"
 	"OneAuth/models"
 	"errors"
 	"fmt"
 	"github.com/veypi/OneBD"
 	"github.com/veypi/OneBD/rfc"
 	"github.com/veypi/utils"
 	"github.com/veypi/utils/log"
 	"net/url"
 	"strings"
 	"time"
 )
 var tokens = map[uint]string{
 	1: "",
 }
 func login(m OneBD.Meta) {
 	var loc = ""
 	defer func() {
 		m.Header().Set("Location", loc)
 		log.Warn().Msg(loc)
 		m.WriteHeader(rfc.StatusPermanentRedirect)
 	}()
 	app := &models.App{
 		UUID: m.Params("id"),
 	}
 	err := cfg.DB().Preload("Wx").Where(app).First(app).Error
 	loc = fmt.Sprintf("/#/wx?uuid=%s&msg=", app.UUID)
 	if err != nil {
 		loc += err.Error()
 		return
 	}
 	if app.Wx == nil {
 		loc += "微信登录未绑定"
 		return
 	}
 	if tokens[app.Wx.ID] == "" {
 		tokens[app.Wx.ID], err = requestCorpToken(app.Wx.CorpID, app.Wx.CorpSecret)
 		if err != nil {
 			log.Warn().Msg("get corp token failed: " + err.Error())
 			loc += err.Error()
 			return
 		}
 	}
 	user, err := getUserID(tokens[app.Wx.ID], m.Query("code"))
 	if err != nil {
 		if strings.Contains(err.Error(), "access_token expired") {
 			tokens[app.Wx.ID], err = requestCorpToken(app.Wx.CorpID, app.Wx.CorpSecret)
 			if err != nil {
 				log.Warn().Msg("refresh corp token failed: " + err.Error())
 				loc += err.Error()
 				return
 			}
 			user, err = getUserID(tokens[app.Wx.ID], m.Query("code"))
 			if err != nil {
 				log.Warn().Msg("get user token failed: " + err.Error())
 				loc += err.Error()
 				return
 			}
 		} else {
 			log.Warn().Msg("get user token failed: " + err.Error())
 			loc += err.Error()
 			return
 		}
 	}
 	info, err := getUserInfo(tokens[app.Wx.ID], user)
 	if err != nil {
 		log.Warn().Msg("get user info failed: " + err.Error())
 		loc += err.Error()
 		return
 	}
 	log.Warn().Msgf("\ncode= %s\nstate= %s\nu = %s\n%v",
 		m.Query("code"), m.Query("state"), user, info)
 	pass, err := utils.AesEncrypt(fmt.Sprintf("%s.%d", user, time.Now().Unix()), []byte(app.UUID))
 	if err != nil {
 		loc += err.Error()
 		return
 	}
 	log.Warn().Msgf("pass: %s", pass)
 	v := url.Values{}
 	v.Add("wid", pass)
 	u, err := url.Parse(app.Host)
 	u.RawQuery = v.Encode()
 	if err != nil {
 		loc += err.Error()
 		return
 	}
 	loc = u.String()
 }
 func requestCorpToken(corpid, corpsecret string) (string, error) {
 	addr := "https://qyapi.weixin.qq.com/cgi-bin/gettoken"
 	query := map[string]string{
 		"corpid":     corpid,
 		"corpsecret": corpsecret,
 	}
 	res := &struct {
 		Errmsg      string `json:"errmsg"`
 		Errcode     *uint  `json:"errcode"`
 		AccessToken string `json:"access_token"`
 	}{}
 	err := tools.Query(addr, query, res)
 	if err != nil {
 		return "", errors.New("request token response json parse err :" + err.Error())
 	}
 	if res.Errcode != nil && *res.Errcode == 0 {
 		return res.AccessToken, nil
 	} else {
 		//返回错误信息
 		err = errors.New(fmt.Sprintf("%d:%s", res.Errcode, res.Errmsg))
 		return "", err
 	}
 }
 func getUserID(token, code string) (string, error) {
 	addr := "https://qyapi.weixin.qq.com/cgi-bin/user/getuserinfo"
 	res := &struct {
 		Errmsg   string `json:"errmsg"`
 		Errcode  *uint  `json:"errcode"`
 		UserId   string `json:"UserId"`
 		DeviceId string `json:"device_id"`
 	}{}
 	query := map[string]string{
 		"access_token": token,
 		"code":         code,
 	}
 	err := tools.Query(addr, query, res)
 	if err != nil {
 		return "", err
 	}
 	if res.Errcode != nil && *res.Errcode == 0 {
 		return res.UserId, nil
 	}
 	return "", errors.New(fmt.Sprintf("%d:%s", res.Errcode, res.Errmsg))
 }
 func getUserInfo(token, id string) (interface{}, error) {
 	addr := "https://qyapi.weixin.qq.com/cgi-bin/user/get"
 	res := map[string]interface{}{}
 	query := map[string]string{
 		"access_token": token,
 		"userid":       id,
 	}
 	err := tools.Query(addr, query, &res)
 	if err != nil {
 		return "", err
 	}
 	errcode := int(res["errcode"].(float64))
 	errmsg := res["errmsg"].(string)
 	if errcode == 0 {
 		log.Warn().Msgf("%v", res)
 		return res, nil
 	}
 	return "", errors.New(fmt.Sprintf("%d:%s", errcode, errmsg))
 }
--- a/api/wx/router.go
+++ b/api/wx/router.go
@ -1,10 +0,0 @@
 package wx
 import (
 	"github.com/veypi/OneBD"
 	"github.com/veypi/OneBD/rfc"
 )
 func Router(r OneBD.Router) {
 	r.Set("/login/:id", login, rfc.MethodGet)
 }
--- a/cfg/cfg.go
+++ b/cfg/cfg.go
@ -1,77 +0,0 @@
 package cfg
 import (
 	"fmt"
 	"github.com/veypi/utils/cmd"
 	"gorm.io/driver/mysql"
 	"gorm.io/driver/sqlite"
 	"gorm.io/gorm"
 )
 var Path = cmd.GetCfgPath("OneAuth", "oa")
 var CFG = &struct {
 	AdminUser   string
 	Host        string
 	LoggerPath  string
 	LoggerLevel string
 	Key         string
 	TimeFormat  string
 	Debug       bool
 	EXEDir      string
 	DB          struct {
 		Type string
 		Addr string
 		User string
 		Pass string
 		DB   string
 	}
 }{
 	AdminUser:   "admin",
 	Host:        "0.0.0.0:19528",
 	LoggerPath:  "",
 	LoggerLevel: "debug",
 	TimeFormat:  "2006/01/02 15:04:05",
 	Debug:       true,
 	EXEDir:      "./",
 	DB: struct {
 		Type string
 		Addr string
 		User string
 		Pass string
 		DB   string
 	}{
 		Type: "sqlite",
 		//Addr: "127.0.0.1:3306",
 		Addr: "oa.db",
 		User: "root",
 		Pass: "123456",
 		DB:   "one_auth",
 	},
 }
 var (
 	db *gorm.DB
 )
 func DB() *gorm.DB {
 	if db == nil {
 		ConnectDB()
 	}
 	return db
 }
 func ConnectDB() *gorm.DB {
 	var err error
 	conn := fmt.Sprintf("%s:%s@tcp(%s)/%s?charset=utf8&parseTime=True&loc=Local", CFG.DB.User, CFG.DB.Pass, CFG.DB.Addr, CFG.DB.DB)
 	if CFG.DB.Type == "sqlite" {
 		conn = CFG.DB.Addr
 		db, err = gorm.Open(sqlite.Open(conn), &gorm.Config{})
 	} else {
 		db, err = gorm.Open(mysql.Open(conn), &gorm.Config{})
 	}
 	if err != nil {
 		panic(err)
 	}
 	return db
 }
--- a/go.mod
+++ b/go.mod
@ -1,14 +0,0 @@
 module OneAuth
 go 1.16
 require (
 	github.com/json-iterator/go v1.1.10
 	github.com/urfave/cli/v2 v2.2.0
 	github.com/veypi/OneBD v0.4.1
 	github.com/veypi/utils v0.2.2
 	gorm.io/driver/mysql v1.0.5
 	gorm.io/driver/sqlite v1.1.4
 	gorm.io/gorm v1.21.3
 )
 replace github.com/veypi/OneBD v0.4.1 => ../OceanCurrent/OneBD
--- a/go.sum
+++ b/go.sum
@ -1,77 +0,0 @@
 github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d h1:U+s90UTSYgptZMwQh2aRr3LuazLJIa+Pg3Kc1ylSYVY=
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/go-sql-driver/mysql v1.5.0 h1:ozyZYNQW3x3HtqT1jira07DN2PArx2v7/mN66gGcHOs=
 github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
 github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
 github.com/jinzhu/now v1.1.1 h1:g39TucaRWyV3dwDO++eEc6qf8TVIQ/Da48WmqjZ3i7E=
 github.com/jinzhu/now v1.1.1/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
 github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68=
 github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
 github.com/kardianos/service v1.1.0 h1:QV2SiEeWK42P0aEmGcsAgjApw/lRxkwopvT+Gu6t1/0=
 github.com/kardianos/service v1.1.0/go.mod h1:RrJI2xn5vve/r32U5suTbeaSGoMU6GbNPoj36CVYcHc=
 github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/mattn/go-sqlite3 v1.14.5 h1:1IdxlwTNazvbKJQSxoJ5/9ECbEeaTTyeU7sEAZ5KKTQ=
 github.com/mattn/go-sqlite3 v1.14.5/go.mod h1:WVKg1VTActs4Qso6iwGbiFih2UIHo0ENGwNd0Lj+XmI=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421 h1:ZqeYNhU3OHLH3mGKHDcjJRFFRrJa6eAM5H+CtDdOsPc=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742 h1:Esafd1046DLDQ0W1YjYsBW+p8U2u7vzgW2SQVmlNazg=
 github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ=
 github.com/rs/zerolog v1.17.2 h1:RMRHFw2+wF7LO0QqtELQwo8hqSmqISyCJeFeAAuWcRo=
 github.com/rs/zerolog v1.17.2/go.mod h1:9nvC1axdVrAHcu/s9taAVfBuIdTZLVQmKQyvrUjF5+I=
 github.com/russross/blackfriday/v2 v2.0.1 h1:lPqVAte+HuHNfhJ/0LC98ESWRz8afy9tM/0RK8m9o+Q=
 github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/shurcooL/sanitized_anchor_name v1.0.0 h1:PdmoCO6wvbs+7yrJyMORt4/BmY5IYyJwS/kOiWx8mHo=
 github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/urfave/cli/v2 v2.2.0 h1:JTTnM6wKzdA0Jqodd966MVj4vWbbquZykeX1sKbe2C4=
 github.com/urfave/cli/v2 v2.2.0/go.mod h1:SE9GqnLQmjVa0iPEY0f1w3ygNIYcIJ0OKPMoW2caLfQ=
 github.com/veypi/OneBD v0.4.1 h1:IkuV2tqay3fyX+FsM9XrKiKS9N7pymUJnrscGx2T0mc=
 github.com/veypi/OneBD v0.4.1/go.mod h1:9IoMOBzwIGyv6IZGF7ZnTYwTcHltLKicDgcwha66G0U=
 github.com/veypi/utils v0.1.5/go.mod h1:oKcwTDfvE1qtuhJuCcDcfvGquv9bHdFaCGA42onVMC4=
 github.com/veypi/utils v0.2.2 h1:BRxu0mYJJpuubPjmIIrRVr0XEq9NMp//KUCrVTkFums=
 github.com/veypi/utils v0.2.2/go.mod h1:rAkC6Fbk5cBa3u+8pyCpsVcnXw74EhEQJGmPND9FvRg=
 github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553 h1:efeOvDhwQ29Dj3SdAV/MJf8oukgn+8D8WgaCaRMchF8=
 golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190204203706-41f3e6584952/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a h1:1BGLXjeY4akVXGgbC9HugT3Jv3hCI0z56oJR5vAMgBU=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/tools v0.0.0-20190828213141-aed303cbaa74/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/natefinch/lumberjack.v2 v2.0.0 h1:1Lc07Kr7qY4U2YPouBjpCLxpiyxIVoxqXgkXLknAOE8=
 gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10=
 gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gorm.io/driver/mysql v1.0.5 h1:WAAmvLK2rG0tCOqrf5XcLi2QUwugd4rcVJ/W3aoon9o=
 gorm.io/driver/mysql v1.0.5/go.mod h1:N1OIhHAIhx5SunkMGqWbGFVeh4yTNWKmMo1GOAsohLI=
 gorm.io/driver/sqlite v1.1.4 h1:PDzwYE+sI6De2+mxAneV9Xs11+ZyKV6oxD3wDGkaNvM=
 gorm.io/driver/sqlite v1.1.4/go.mod h1:mJCeTFr7+crvS+TRnWc5Z3UvwxUN1BGBLMrf5LA9DYw=
 gorm.io/gorm v1.20.7/go.mod h1:0HFTzE/SqkGTzK6TlDPPQbAYCluiVvhzoA1+aVyzenw=
 gorm.io/gorm v1.21.3 h1:qDFi55ZOsjZTwk5eN+uhAmHi8GysJ/qCTichM/yO7ME=
 gorm.io/gorm v1.21.3/go.mod h1:0HFTzE/SqkGTzK6TlDPPQbAYCluiVvhzoA1+aVyzenw=
--- a/libs/auth/auth.go
+++ b/libs/auth/auth.go
@ -1,43 +0,0 @@
 package auth
 import (
 	"OneAuth/cfg"
 	"OneAuth/libs/oerr"
 	"OneAuth/models"
 	"github.com/veypi/OneBD"
 	"github.com/veypi/OneBD/rfc"
 )
 type Auth struct {
 	Payload      *models.PayLoad
 	ignoreMethod map[rfc.Method]bool
 }
 func (a *Auth) Init(m OneBD.Meta) error {
 	if a.ignoreMethod != nil && a.ignoreMethod[m.Method()] {
 		return nil
 	}
 	a.Payload = new(models.PayLoad)
 	token := m.GetHeader("auth_token")
 	if token == "" {
 		return oerr.NotLogin
 	}
 	ok, err := models.ParseToken(token, cfg.CFG.Key, a.Payload)
 	if ok {
 		return nil
 	}
 	return oerr.NotLogin.Attach(err)
 }
 func (a *Auth) Ignore(methods ...rfc.Method) {
 	if a.ignoreMethod == nil {
 		a.ignoreMethod = make(map[rfc.Method]bool)
 	}
 	for _, m := range methods {
 		a.ignoreMethod[m] = true
 	}
 }
 func (a *Auth) CheckAuth(name string, tags ...string) models.AuthLevel {
 	return a.Payload.CheckAuth(name, tags...)
 }
--- a/libs/base/api_handler.go
+++ b/libs/base/api_handler.go
@ -1,72 +0,0 @@
 package base
 import (
 	"OneAuth/libs/auth"
 	"OneAuth/libs/oerr"
 	"OneAuth/libs/tools"
 	"github.com/json-iterator/go"
 	"github.com/veypi/OneBD"
 	"github.com/veypi/OneBD/rfc"
 	"github.com/veypi/utils/log"
 	"strconv"
 	"sync"
 	"time"
 )
 var json = jsoniter.ConfigFastest
 type ApiHandler struct {
 	OneBD.BaseHandler
 	auth.Auth
 }
 func (h *ApiHandler) Init(m OneBD.Meta) error {
 	return tools.MultiIniter(m, &h.BaseHandler, &h.Auth)
 }
 func (h *ApiHandler) OnResponse(data interface{}) {
 	if h.Meta().Method() == rfc.MethodHead {
 		h.Meta().SetHeader("status", "1")
 		return
 	}
 	p, err := json.Marshal(map[string]interface{}{"status": 1, "content": data})
 	if err != nil {
 		log.Warn().Err(err).Msg("encode json data error")
 		return
 	}
 	h.Meta().Write(p)
 }
 func (h *ApiHandler) OnError(err error) {
 	log.WithNoCaller.Warn().Err(err).Msg(h.Meta().RequestPath())
 	msg := err.Error()
 	if h.Meta().Method() == rfc.MethodHead {
 		h.Meta().SetHeader("status", "0")
 		h.Meta().SetHeader("code", strconv.Itoa(int(oerr.OfType(msg))))
 		h.Meta().SetHeader("err", msg)
 	} else {
 		p, _ := json.Marshal(map[string]interface{}{"status": 0, "code": oerr.OfType(msg), "err": msg})
 		h.Meta().Write(p)
 	}
 }
 var ioNumLimit = make(map[string]time.Time)
 var limitLocker = sync.RWMutex{}
 func (h *ApiHandler) SetAccessDelta(d time.Duration) error {
 	// 尽量对写操作加频率限制
 	now := time.Now()
 	limitLocker.Lock()
 	label := h.Meta().RemoteAddr() + h.Meta().RequestPath()
 	last, ok := ioNumLimit[label]
 	defer func() {
 		ioNumLimit[label] = now
 		limitLocker.Unlock()
 	}()
 	if !ok {
 		return nil
 	} else if now.Sub(last) >= d {
 		return nil
 	}
 	return oerr.AccessTooFast
 }
--- a/libs/oerr/oerr.go
+++ b/libs/oerr/oerr.go
@ -1,210 +0,0 @@
 package oerr
 import (
 	"errors"
 	"gorm.io/gorm"
 	"strconv"
 )
 // 错误描述
 type Code uint
 /*
 5位10进制码表示错误, 00000 etc.
 0 代表未知，或不必定义的有通用意义的错误
 ## 第1位 错误类型
 	- 1 : 系统级错误 比如 内存申请失败, 系统调用失败，文件打开失败等等
 	- 2 : 数据库错误
 	- 3 : 保留
 	- 4 : 权限错误
 	- 5 : 配置错误
 	- 6 : 参数错误
 	- 7 : 时序(控制)错误
 ## 第2位 2级错误类型
 ## 第3,4位 具体错误编号
 ## 第5位 错误严重程度
 	- 0 : 无任何影响错误，简单重试可以解决
 	- 1 : 无影响错误，重试不可解决
 	- 2 : 有影响用户体验或系统性能错误, 重试可解决
    - 3 : 有影响用户体验或系统性能错误, 重试不可解决
 	- 4 : 有影响组件功能的错误, 重试可解决
 	- 5 : 有影响组件功能的错误， 重试不可解决
 	- 6 : 有影响服务运行的错误， 重启可解决
 	- 7 : 有影响服务运行的错误，重启不可解决
 	- 8 : 有影响系统运行的错误
 	- 9 : 本不可能发生的错误，例如被人攻击导致数据异常产生的逻辑错误
 */
 const (
 	Unknown Code = 0
 )
 const (
 	// 2 数据库错误
 	//		-1 系统错误
 	// 		-2 数据读写错误
 	DBErr                 Code = 20001
 	ResourceCreatedFailed Code = 22012
 	ResourceDuplicated    Code = 22021
 	ResourceNotExist      Code = 22031
 )
 const (
 // 3
 )
 const (
 	// 4 权限类型错误
 	// 1: 登录权限
 	// 2: 资源操作权限
 	NotLogin        Code = 41001
 	LoginExpired    Code = 41011
 	PassError       Code = 41021
 	DisableLogin    Code = 41031
 	AccountNotExist Code = 41041
 	NoAuth          Code = 42011
 )
 // 6 参数类型错误
 /*
 	-1: 协议参数
 	-2: 接口参数
 	-3: 函数参数
 	-4: 数据依赖错误
 */
 const (
 	MethodNotSupport Code = 61111
 	MethodNotAllowed Code = 61121
 	ApiArgsError     Code = 62001
 	ApiArgsMissing   Code = 62011
 	TableArgsMissing Code = 62021
 	TableArgsErr     Code = 62031
 	FuncArgsError        Code = 63001
 	UrlPatternNotSupport Code = 63117
 	UrlDefinedDuplicate  Code = 63127
 	UrlParamDuplicate    Code = 63137
 	DataError Code = 64009
 )
 // 7 : 时序(控制)错误
 /*
 	-1: 访问控制
 */
 const (
 	AccessErr     Code = 71001
 	AccessTooFast Code = 71010
 )
 var codeMap = map[Code]string{
 	Unknown:               "unknown error",
 	DBErr:                 "db error",
 	ResourceCreatedFailed: "resource created failed",
 	ResourceDuplicated:    "resource duplicated",
 	ResourceNotExist:      "Resource not exist",
 	MethodNotSupport:      "this http method is not supported",
 	MethodNotAllowed:      "this http method is not allowed",
 	ApiArgsError:          "base args error",
 	ApiArgsMissing:        "missing args",
 	TableArgsMissing:      "missing data",
 	TableArgsErr:          "invalid table data",
 	FuncArgsError:         "func args error",
 	UrlPatternNotSupport:  "this router's url pattern is not supported.",
 	UrlDefinedDuplicate:   "this router's url has been defined",
 	UrlParamDuplicate:     "this param defined in router's url duplicated",
 	DataError:             "data error",
 	NotLogin:              "not login",
 	LoginExpired:          "login expired",
 	DisableLogin:          "disabled to login",
 	PassError:             "password/account error",
 	AccountNotExist:       "account not exist",
 	NoAuth:                "no auth to access",
 	AccessErr:             "access error",
 	AccessTooFast:         "access too fast",
 }
 func (c Code) Error() string {
 	return strconv.Itoa(int(c)) + ":" + c.String()
 }
 func (c Code) String() string {
 	s, ok := codeMap[c]
 	if ok && len(s) > 0 {
 		return s
 	}
 	return codeMap[Unknown]
 }
 // 附加错误详细原因
 func (c Code) Attach(errs ...error) (e error) {
 	e = c
 	for _, err := range errs {
 		if err != nil {
 			e = &wrapErr{msg: e.Error() + "\n" + err.Error(), err: e}
 		}
 	}
 	return e
 }
 func (c Code) AttachStr(errs ...string) (e error) {
 	e = c
 	for _, m := range errs {
 		if m != "" {
 			e = &wrapErr{
 				msg: e.Error() + "\n" + m,
 				err: e,
 			}
 		}
 	}
 	return e
 }
 func OfType(errMsg string) Code {
 	s := ""
 	if gorm.ErrRecordNotFound.Error() == errMsg {
 		return ResourceNotExist
 	}
 	for _, v := range errMsg {
 		if v == ':' {
 			break
 		}
 		s += string(v)
 	}
 	c, _ := strconv.Atoi(s)
 	return Code(c)
 }
 type wrapErr struct {
 	msg string
 	err error
 }
 func (w *wrapErr) Error() string {
 	return w.msg
 }
 func (w *wrapErr) UnWrap() error {
 	return w.err
 }
 func CheckMultiErr(errs ...error) error {
 	msg := ""
 	for _, e := range errs {
 		if e != nil {
 			msg += e.Error() + "\n"
 		}
 	}
 	if msg != "" {
 		return errors.New(msg)
 	}
 	return nil
 }
--- a/libs/tools/tools.go
+++ b/libs/tools/tools.go
@ -1,44 +0,0 @@
 package tools
 import (
 	"encoding/json"
 	"github.com/veypi/OneBD"
 	"net/http"
 	"net/url"
 )
 type Initer interface {
 	Init(OneBD.Meta) error
 }
 func MultiIniter(m OneBD.Meta, is ...Initer) (err error) {
 	for _, i := range is {
 		err = i.Init(m)
 		if err != nil {
 			return
 		}
 	}
 	return
 }
 func Query(addr string, query map[string]string, res interface{}) error {
 	u, err := url.Parse(addr)
 	if err != nil {
 		return err
 	}
 	paras := &url.Values{}
 	//设置请求参数
 	for k, v := range query {
 		paras.Set(k, v)
 	}
 	u.RawQuery = paras.Encode()
 	resp, err := http.Get(u.String())
 	//关闭资源
 	if resp != nil && resp.Body != nil {
 		defer resp.Body.Close()
 	}
 	if err != nil {
 		return err
 	}
 	return json.NewDecoder(resp.Body).Decode(res)
 }
--- a/main.go
+++ b/main.go
@ -1,79 +0,0 @@
 package main
 import (
 	"OneAuth/cfg"
 	"OneAuth/sub"
 	"github.com/urfave/cli/v2"
 	"github.com/veypi/utils/cmd"
 	"github.com/veypi/utils/log"
 	"os"
 	"path/filepath"
 )
 const Version = "v0.1.0"
 func main() {
 	cmd.LoadCfg(cfg.Path, cfg.CFG)
 	app := cli.NewApp()
 	app.Name = "OneAuth"
 	app.Usage = "one auth"
 	app.Version = Version
 	app.Flags = []cli.Flag{
 		&cli.BoolFlag{
 			Name:        "debug",
 			Aliases:     []string{"d"},
 			Value:       cfg.CFG.Debug,
 			Destination: &cfg.CFG.Debug,
 		},
 		&cli.StringFlag{
 			Name:        "log_level,log",
 			Value:       cfg.CFG.LoggerLevel,
 			Destination: &cfg.CFG.LoggerLevel,
 		},
 		&cli.StringFlag{
 			Name:        "log_path",
 			Value:       cfg.CFG.LoggerPath,
 			Destination: &cfg.CFG.LoggerPath,
 		},
 		&cli.StringFlag{
 			Name:        "key",
 			Value:       cfg.CFG.Key,
 			Destination: &cfg.CFG.Key,
 		},
 		&cli.StringFlag{
 			Name:        "exe_dir",
 			Value:       cfg.CFG.EXEDir,
 			Destination: &cfg.CFG.EXEDir,
 		},
 		&cli.StringFlag{
 			Name:        "host",
 			Value:       cfg.CFG.Host,
 			Destination: &cfg.CFG.Host,
 		},
 	}
 	app.Commands = []*cli.Command{
 		&sub.Web,
 	}
 	srv, err := cmd.NewSrv(app, sub.RunWeb, cfg.CFG, cfg.Path)
 	if err != nil {
 		log.Warn().Msg(err.Error())
 		return
 	}
 	srv.SetExecMax(1)
 	srv.SetStopFunc(func() {
 	})
 	app.Before = func(c *cli.Context) error {
 		var err error
 		cfg.CFG.EXEDir, err = filepath.Abs(cfg.CFG.EXEDir)
 		if err != nil {
 			return err
 		}
 		if cfg.CFG.Debug {
 			cfg.CFG.LoggerLevel = "debug"
 		}
 		cfg.ConnectDB()
 		return nil
 	}
 	_ = app.Run(os.Args)
 }
--- a/models/app.go
+++ b/models/app.go
@ -1,22 +0,0 @@
 package models
 type App struct {
 	BaseModel
 	Name string  `json:"name"`
 	UUID string  `json:"uuid"`
 	Host string  `json:"host"`
 	WxID string  `json:"wx_id" gorm:""`
 	Wx   *Wechat `json:"wx" gorm:"association_foreignkey:ID"`
 }
 type Wechat struct {
 	BaseModel
 	// 网页授权登录用
 	WxID    string `json:"wx_id"`
 	AgentID string `json:"agent_id"`
 	Url     string `json:"url"`
 	// 获取access_token用
 	CorpID     string `json:"corp_id"`
 	CorpSecret string `json:"corp_secret"`
 }
--- a/models/init.go
+++ b/models/init.go
@ -1,102 +0,0 @@
 package models
 import (
 	"OneAuth/cfg"
 	"bytes"
 	"database/sql/driver"
 	"errors"
 	"fmt"
 	"time"
 )
 type JSON []byte
 func (j JSON) Value() (driver.Value, error) {
 	if j.IsNull() {
 		return nil, nil
 	}
 	return string(j), nil
 }
 func (j *JSON) Scan(value interface{}) error {
 	if value == nil {
 		*j = nil
 		return nil
 	}
 	s, ok := value.([]byte)
 	if !ok {
 		return errors.New("invalid scan source")
 	}
 	*j = append((*j)[0:0], s...)
 	return nil
 }
 func (j JSON) MarshalJSON() ([]byte, error) {
 	if j == nil {
 		return []byte("null"), nil
 	}
 	return j, nil
 }
 func (j *JSON) UnmarshalJSON(data []byte) error {
 	if j == nil {
 		return errors.New("null point exception")
 	}
 	*j = append((*j)[0:0], data...)
 	return nil
 }
 func (j JSON) IsNull() bool {
 	return len(j) == 0 || string(j) == "null"
 }
 func (j JSON) Equals(j1 JSON) bool {
 	return bytes.Equal(j, j1)
 }
 // JSONTime  custom json time
 type JSONTime struct {
 	time.Time
 }
 func Now() *JSONTime {
 	return &JSONTime{time.Now()}
 }
 // MarshalJSON 实现它的json序列化方法
 func (jt JSONTime) MarshalJSON() ([]byte, error) {
 	var stamp = fmt.Sprintf("\"%s\"", jt.Format(cfg.CFG.TimeFormat))
 	return []byte(stamp), nil
 }
 // UnmarshalJSON  反序列化方法
 func (jt *JSONTime) UnmarshalJSON(data []byte) (err error) {
 	now, err := time.ParseInLocation(`"`+cfg.CFG.TimeFormat+`"`, string(data), time.Local)
 	*jt = JSONTime{now}
 	return
 }
 // Value insert timestamp into mysql need this function.
 func (jt JSONTime) Value() (driver.Value, error) {
 	var zeroTime time.Time
 	if jt.Time.UnixNano() == zeroTime.UnixNano() {
 		return nil, nil
 	}
 	return jt.Time, nil
 }
 // Scan value of time.Time
 func (jt *JSONTime) Scan(v interface{}) error {
 	value, ok := v.(time.Time)
 	if ok {
 		*jt = JSONTime{Time: value}
 		return nil
 	}
 	return fmt.Errorf("can not convert %v to timestamp", v)
 }
 func (jt *JSONTime) SetTime(t time.Time) {
 	jt.Time = t
 }
 type BaseModel struct {
 	ID        uint      `json:"id" gorm:"primary_key"`
 	CreatedAt JSONTime  `json:"created_at"`
 	UpdatedAt JSONTime  `json:"updated_at"`
 	DeletedAt *JSONTime `json:"deleted_at" sql:"index"`
 }
--- a/models/role.go
+++ b/models/role.go
@ -1,104 +0,0 @@
 package models
 import (
 	"OneAuth/cfg"
 	"github.com/veypi/utils/log"
 )
 var GlobalRoles = make(map[uint]*Role)
 func SyncGlobalRoles() {
 	roles := make([]*Role, 0, 10)
 	err := cfg.DB().Preload("Auths").Find(&roles).Error
 	if err != nil {
 		log.Warn().Msgf("sync global roles error: %s", err.Error())
 		return
 	}
 	for _, r := range roles {
 		GlobalRoles[r.ID] = r
 	}
 }
 type UserRole struct {
 	BaseModel
 	UserID uint `json:"user_id"`
 	RoleID uint `json:"role_id"`
 }
 type RoleAuth struct {
 	BaseModel
 	RoleID uint `json:"role_id"`
 	AuthID uint `json:"auth_id"`
 }
 type Role struct {
 	BaseModel
 	Name string `json:"name"`
 	// 角色类型
 	// 0: 系统角色   1: 用户角色
 	Category uint `json:"category" gorm:"default:0"`
 	// 角色标签
 	Tag   string  `json:"tag" gorm:"default:''"`
 	Users []*User `json:"users" gorm:"many2many:user_role;"`
 	// 具体权限
 	Auths    []*Auth `json:"auths" gorm:"many2many:role_auth;"`
 	IsUnique bool    `json:"is_unique" gorm:"default:false"`
 }
 func (r Role) CheckAuth(name string, tags ...string) AuthLevel {
 	res := AuthNone
 	tag := ""
 	if len(tags) > 0 {
 		tag = tags[0]
 	}
 	for _, a := range r.Auths {
 		if a.Name == "admin" && a.Tag == "" || (a.Name == "admin" && a.Tag == tag) || (a.Name == name && a.Tag == tag) {
 			if a.Level > res {
 				res = a.Level
 			}
 		}
 	}
 	return res
 }
 type AuthLevel uint
 const (
 	AuthNone   AuthLevel = 0
 	AuthRead   AuthLevel = 1
 	AuthCreate AuthLevel = 2
 	AuthUpdate AuthLevel = 3
 	AuthDelete AuthLevel = 4
 )
 func (a AuthLevel) CanRead() bool {
 	return a >= AuthRead
 }
 func (a AuthLevel) CanCreate() bool {
 	return a >= AuthCreate
 }
 func (a AuthLevel) CanUpdate() bool {
 	return a >= AuthUpdate
 }
 func (a AuthLevel) CanDelete() bool {
 	return a >= AuthDelete
 }
 func (a AuthLevel) CanDoAny() bool {
 	return a >= AuthDelete
 }
 // 资源权限
 type Auth struct {
 	BaseModel
 	Name  string `json:"name"`
 	AppID uint   `json:"app_id"`
 	// 权限标签
 	Tag string `json:"tag"`
 	// 权限等级 0 相当于没有 1 读权限  2 创建权限  3 修改权限  4 删除权限
 	Level AuthLevel `json:"level"`
 }
--- a/models/user.go
+++ b/models/user.go
@ -1,159 +0,0 @@
 package models
 import (
 	"crypto/hmac"
 	"crypto/sha256"
 	"encoding/base64"
 	"encoding/json"
 	"errors"
 	"github.com/veypi/utils"
 	"github.com/veypi/utils/log"
 	"strings"
 	"time"
 )
 // User db user model
 type User struct {
 	BaseModel
 	Username  string `json:"username" gorm:"type:varchar(100);unique;not null"`
 	Nickname  string `json:"nickname" gorm:"type:varchar(100)" json:",omitempty"`
 	Phone     string `json:"phone" gorm:"type:varchar(20);unique;default:null" json:",omitempty"`
 	Email     string `json:"email" gorm:"type:varchar(50);unique;default:null" json:",omitempty"`
 	CheckCode string `gorm:"type:varchar(64);not null" json:"-"`
 	RealCode  string `gorm:"type:varchar(32);not null" json:"-"`
 	Position  string `json:"position"`
 	// disabled 禁用
 	Status string `json:"status"`
 	Icon  string  `json:"icon"`
 	Roles []*Role `json:"roles" gorm:"many2many:user_role;"`
 }
 // TODO:: roles 是否会造成token过大 ?
 type PayLoad struct {
 	ID       uint   `json:"id"`
 	Username string `json:"username"`
 	Nickname string `json:"nickname"`
 	Icon     string `json:"icon"`
 	Iat      int64  `json:"iat"` //token time
 	Exp      int64  `json:"exp"`
 	Roles    []uint `json:"roles"`
 }
 func (p *PayLoad) CheckAuth(name string, tags ...string) AuthLevel {
 	res := AuthNone
 	if p == nil || p.Roles == nil {
 		return res
 	}
 	for _, id := range p.Roles {
 		r := GlobalRoles[id]
 		if r == nil {
 			log.Warn().Msgf("not found role id: %d", id)
 			continue
 		}
 		t := r.CheckAuth(name, tags...)
 		if t > res {
 			res = t
 		}
 	}
 	return res
 }
 func (u *User) String() string {
 	return u.Username + ":" + u.Nickname
 }
 func (u *User) CheckAuth(name string, tags ...string) AuthLevel {
 	res := AuthNone
 	if u == nil || u.Roles == nil {
 		return res
 	}
 	for _, t := range u.Roles {
 		r := GlobalRoles[t.ID]
 		if r == nil {
 			log.Warn().Msgf("not found role id: %d", t.ID)
 			continue
 		}
 		t := r.CheckAuth(name, tags...)
 		if t > res {
 			res = t
 		}
 	}
 	return res
 }
 func (u *User) GetToken(key string) (string, error) {
 	header := map[string]string{
 		"typ": "JWT",
 		"alg": "HS256",
 	}
 	//header := "{\"typ\": \"JWT\", \"alg\": \"HS256\"}"
 	now := time.Now().Unix()
 	payload := PayLoad{
 		ID:       u.ID,
 		Username: u.Username,
 		Nickname: u.Nickname,
 		Icon:     u.Icon,
 		Iat:      now,
 		Exp:      now + 60*60*24,
 	}
 	for _, r := range u.Roles {
 		payload.Roles = append(payload.Roles, r.ID)
 	}
 	a, err := json.Marshal(header)
 	if err != nil {
 		return "", err
 	}
 	b, err := json.Marshal(payload)
 	if err != nil {
 		return "", err
 	}
 	A := base64.StdEncoding.EncodeToString(a)
 	B := base64.StdEncoding.EncodeToString(b)
 	hmacCipher := hmac.New(sha256.New, []byte(key))
 	hmacCipher.Write([]byte(A + "." + B))
 	C := hmacCipher.Sum(nil)
 	return A + "." + B + "." + base64.StdEncoding.EncodeToString(C), nil
 }
 var (
 	InvalidToken = errors.New("invalid token")
 	ExpiredToken = errors.New("expired token")
 )
 func ParseToken(token string, key string, payload *PayLoad) (bool, error) {
 	var A, B, C string
 	if seqs := strings.Split(token, "."); len(seqs) == 3 {
 		A, B, C = seqs[0], seqs[1], seqs[2]
 	} else {
 		return false, InvalidToken
 	}
 	hmacCipher := hmac.New(sha256.New, []byte(key))
 	hmacCipher.Write([]byte(A + "." + B))
 	tempC := hmacCipher.Sum(nil)
 	if !hmac.Equal([]byte(C), []byte(base64.StdEncoding.EncodeToString(tempC))) {
 		return false, nil
 	}
 	tempPayload, err := base64.StdEncoding.DecodeString(B)
 	if err != nil {
 		return false, err
 	}
 	if err := json.Unmarshal(tempPayload, payload); err != nil {
 		return false, err
 	}
 	if time.Now().Unix() > payload.Exp {
 		return false, ExpiredToken
 	}
 	return true, nil
 }
 func (u *User) UpdateAuth(ps string) (err error) {
 	u.RealCode = utils.RandSeq(32)
 	u.CheckCode, err = utils.AesEncrypt(u.RealCode, []byte(ps))
 	return err
 }
 func (u *User) CheckLogin(ps string) (bool, error) {
 	temp, err := utils.AesDecrypt(u.CheckCode, []byte(ps))
 	return temp == u.RealCode, err
 }
--- a/oaf/.browserslistrc
+++ b/oaf/.browserslistrc
@ -1,3 +0,0 @@
 > 1%
 last 2 versions
 not dead
--- a/oaf/.editorconfig
+++ b/oaf/.editorconfig
@ -1,5 +0,0 @@
 [*.{js,jsx,ts,tsx,vue}]
 indent_style = space
 indent_size = 2
 trim_trailing_whitespace = true
 insert_final_newline = true
--- a/oaf/.eslintignore
+++ b/oaf/.eslintignore
@ -1 +0,0 @@
 src/libs/wwLogin.js
--- a/oaf/.eslintrc.js
+++ b/oaf/.eslintrc.js
@ -1,22 +0,0 @@
 module.exports = {
  root: true,
  env: {
    node: true
  },
  extends: [
    'plugin:vue/essential',
    '@vue/standard',
    '@vue/typescript/recommended'
  ],
  parserOptions: {
    ecmaVersion: 2020
  },
  rules: {
    'object-curly-spacing': 0,
    'space-before-function-paren': 0,
    '@typescript-eslint/camelcase': 0,
    '@typescript-eslint/no-empty-function': 0,
    'no-console': process.env.NODE_ENV === 'production' ? 'warn' : 'off',
    'no-debugger': process.env.NODE_ENV === 'production' ? 'warn' : 'off'
  }
 }
--- a/oaf/.gitignore
+++ b/oaf/.gitignore
@ -1,23 +0,0 @@
 .DS_Store
 node_modules
 /dist
 # local env files
 .env.local
 .env.*.local
 # Log files
 npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
 pnpm-debug.log*
 # Editor directories and files
 .idea
 .vscode
 *.suo
 *.ntvs*
 *.njsproj
 *.sln
 *.sw?
--- a/oaf/README.md
+++ b/oaf/README.md
@ -1,24 +0,0 @@
 # oaf
 ## Project setup
 ```
 yarn install
 ```
 ### Compiles and hot-reloads for development
 ```
 yarn serve
 ```
 ### Compiles and minifies for production
 ```
 yarn build
 ```
 ### Lints and fixes files
 ```
 yarn lint
 ```
 ### Customize configuration
 See [Configuration Reference](https://cli.vuejs.org/config/).
--- a/oaf/babel.config.js
+++ b/oaf/babel.config.js
@ -1,5 +0,0 @@
 module.exports = {
  presets: [
    '@vue/cli-plugin-babel/preset'
  ]
 }
--- a/oaf/package.json
+++ b/oaf/package.json
@ -1,47 +0,0 @@
 {
  "name": "oaf",
  "version": "0.1.0",
  "private": true,
  "scripts": {
    "serve": "vue-cli-service serve",
    "build": "vue-cli-service build",
    "lint": "vue-cli-service lint"
  },
  "dependencies": {
    "axios": "^0.21.1",
    "core-js": "^3.6.5",
    "js-base64": "^3.6.0",
    "vue": "^2.6.11",
    "vue-class-component": "^7.2.3",
    "vue-property-decorator": "^9.1.2",
    "vue-router": "^3.2.0",
    "vuetify": "^2.4.0",
    "vuex": "^3.4.0"
  },
  "devDependencies": {
    "@typescript-eslint/eslint-plugin": "^2.33.0",
    "@typescript-eslint/parser": "^2.33.0",
    "@vue/cli-plugin-babel": "~4.5.0",
    "@vue/cli-plugin-eslint": "~4.5.0",
    "@vue/cli-plugin-router": "~4.5.0",
    "@vue/cli-plugin-typescript": "~4.5.0",
    "@vue/cli-plugin-vuex": "~4.5.0",
    "@vue/cli-service": "~4.5.0",
    "@vue/eslint-config-standard": "^5.1.2",
    "@vue/eslint-config-typescript": "^5.0.2",
    "eslint": "^6.7.2",
    "eslint-plugin-import": "^2.20.2",
    "eslint-plugin-node": "^11.1.0",
    "eslint-plugin-promise": "^4.2.1",
    "eslint-plugin-standard": "^4.0.0",
    "eslint-plugin-vue": "^6.2.2",
    "less": "^3.0.4",
    "less-loader": "^5.0.0",
    "sass": "^1.32.0",
    "sass-loader": "^10.0.0",
    "typescript": "~3.9.3",
    "vue-cli-plugin-vuetify": "^2.2.2",
    "vue-template-compiler": "^2.6.11",
    "vuetify-loader": "^1.7.0"
  }
 }
--- a/oaf/public/favicon.ico
+++ b/oaf/public/favicon.ico
--- a/oaf/public/index.html
+++ b/oaf/public/index.html
@ -1,19 +0,0 @@
 <!DOCTYPE html>
 <html lang="en">
  <head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width,initial-scale=1.0">
    <link rel="icon" href="<%= BASE_URL %>favicon.ico">
    <title><%= htmlWebpackPlugin.options.title %></title>
    <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900">
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css">
  </head>
  <body>
    <noscript>
      <strong>We're sorry but <%= htmlWebpackPlugin.options.title %> doesn't work properly without JavaScript enabled. Please enable it to continue.</strong>
    </noscript>
    <div id="app"></div>
    <!-- built files will be auto injected -->
  </body>
 </html>
--- a/oaf/src/App.vue
+++ b/oaf/src/App.vue
@ -1,38 +0,0 @@
 <template>
  <v-app>
    <v-app-bar
      app
      color="primary"
      dark
    >
      <div class="d-flex align-center">
      </div>
      <v-spacer></v-spacer>
      <v-btn text class="font-italic" style="font-size: 20px">
        统一认证
      </v-btn>
    </v-app-bar>
    <v-main>
      <router-view></router-view>
    </v-main>
  </v-app>
 </template>
 <script lang="ts">
 import Vue from 'vue'
 export default Vue.extend({
  name: 'App',
  components: {},
  data: () => ({
    //
  }),
  mounted() {
    document.title = '统一认证'
  }
 })
 </script>
--- a/oaf/src/api/ajax.ts
+++ b/oaf/src/api/ajax.ts
@ -1,65 +0,0 @@
 import axios from 'axios'
 import store from '@/store'
 function baseRequests(url: string, method: any = 'GET', query: any, data: any, success: any, fail?: Function) {
  return axios({
    url: url,
    params: query,
    data: data,
    method: method,
    headers: {
      auth_token: localStorage.auth_token
    }
  })
    .then((res: any) => {
      if ('auth_token' in res.headers) {
        localStorage.auth_token = res.headers.auth_token
      }
      if (method === 'HEAD') {
        success(res.headers)
      } else {
        success(res.data)
      }
    })
    .catch((e: any) => {
      if (e.response && e.response.status === 401) {
        console.log(e)
        store.dispatch('handleLogOut')
        return
      }
      console.log(e)
      if (e.response && e.response.status === 500) {
        return
      }
      if (typeof fail === 'function') {
        fail(e.response)
      } else if (e.response && e.response.status === 400) {
        console.log(400)
      } else {
        console.log(e.request)
      }
    })
 }
 const ajax = {
  get(url: '', data = {}, success = {}, fail?: Function) {
    return baseRequests(url, 'GET', data, {}, success, fail)
  },
  head(url: '', data = {}, success = {}, fail?: Function) {
    return baseRequests(url, 'HEAD', data, {}, success, fail)
  },
  delete(url: '', data = {}, success = {}, fail?: Function) {
    return baseRequests(url, 'DELETE', data, {}, success, fail)
  },
  post(url: '', data = {}, success = {}, fail?: Function) {
    return baseRequests(url, 'POST', {}, data, success, fail)
  },
  put(url: '', data = {}, success = {}, fail?: Function) {
    return baseRequests(url, 'PUT', {}, data, success, fail)
  },
  patch(url: '', data = {}, success = {}, fail?: Function) {
    return baseRequests(url, 'PATCH', {}, data, success, fail)
  }
 }
 export default ajax
--- a/oaf/src/api/index.ts
+++ b/oaf/src/api/index.ts
@ -1,200 +0,0 @@
 /*
 * Copyright (C) 2019 light <light@light-laptop>
 *
 * Distributed under terms of the MIT license.
 */
 import {Base64} from 'js-base64'
 import ajax from './ajax'
 import store from '@/store'
 const Code = {
  42011: '无操作权限',
  22031: '资源不存在 或 您无权操作该资源'
 }
 class Interface {
  private readonly method: Function
  private readonly api: string
  private readonly data: any
  constructor(method: Function, api: string, data?: any) {
    this.method = method
    this.api = api
    this.data = data
  }
  Start(success: Function, fail?: Function) {
    const newFail = function (data: any) {
      if (data && data.code === 40001) {
        // no login
        store.dispatch('handleLogOut')
        return
      }
      if (data && data.code > 0 && Code[data.code]) {
        // Message.warning({message: Code[data.code] || data.err, offset: 100})
      }
      if (fail) {
        fail(data)
      }
    }
    const newSuccess = function (data: any) {
      if (Number(data.status) === 1) {
        if (success) {
          success(data.content)
        }
      } else {
        newFail(data)
        if (data.code === 41001) {
          store.dispatch('handleLogOut')
          // bus.$emit('log_out')
        }
      }
    }
    this.method(this.api, this.data, newSuccess, newFail)
  }
 }
 const message = {
  count() {
    return new Interface(ajax.get, '/api/message/', {
      count: true,
      status: 'UnRead'
    })
  },
  get_content(id: number) {
    return new Interface(ajax.get, '/api/message/' + Number(id))
  },
  list(status: string) {
    return new Interface(ajax.get, '/api/message/', {status})
  },
  update(id: number, status: string) {
    return new Interface(ajax.patch, '/api/message/' + Number(id), {status})
  }
 }
 const role = {
  local: '/api/role/',
  get(id: number) {
    return new Interface(ajax.get, this.local + id)
  },
  list() {
    return new Interface(ajax.get, this.local)
  },
  update(id: number, props: any) {
    return new Interface(ajax.patch, this.local + id, props)
  },
  create(props: any) {
    return new Interface(ajax.post, this.local, props)
  },
  del(id: number) {
    return new Interface(ajax.delete, this.local + id)
  },
  bind(id: number, aid: number) {
    return new Interface(ajax.get, this.local + id + '/bind/' + aid)
  },
  unbind(id: number, aid: number) {
    return new Interface(ajax.get, this.local + id + '/unbind/' + aid)
  }
 }
 const app = {
  local: '/api/app/',
  get(id: string) {
    return new Interface(ajax.get, this.local + id)
  }
 }
 const api = {
  role: role,
  app: app,
  admin: {
    auths() {
      return new Interface(ajax.get, '/api/auth/')
    },
    user: {
      create(props: any) {
        const p = Object.assign({}, props)
        p.password = Base64.encode(props.password)
        return new Interface(ajax.post, '/api/user/', p)
      },
      update(user_id: number, props: any) {
        return new Interface(ajax.patch, '/api/user/' + user_id, props)
      },
      enable(user_id: number) {
        return new Interface(ajax.patch, '/api/user/' + user_id, {
          status: 'ok'
        })
      },
      disable(user_id: number) {
        return new Interface(ajax.patch, '/api/user/' + user_id, {
          status: 'disabled'
        })
      },
      attach_role(user_id: number, props: any) {
        return new Interface(ajax.post, '/api/user/' + user_id + '/role/', props)
      },
      detach_role(user_id: number, id: any) {
        return new Interface(ajax.delete, '/api/user/' + user_id + '/role/' + id)
      },
      reset_pass(user_id: number, password: string) {
        return new Interface(ajax.patch, '/api/user/' + user_id, {password})
      }
    }
  },
  auth: {
    event() {
      return {
        local: '/api/user/event/',
        list() {
          return new Interface(ajax.get, this.local)
        },
        create(title: string, tag: string, start_date: any, end_date: any) {
          return new Interface(ajax.post, this.local, {title, tag, start_date, end_date})
        },
        del(id: number) {
          return new Interface(ajax.delete, this.local + id)
        }
      }
    },
    favorite(name: string, tag: string, ok: boolean) {
      if (ok) {
        return new Interface(ajax.post, '/api/user/favorite', {name, tag})
      }
      return new Interface(ajax.delete, '/api/user/favorite', {name, tag})
    },
    get(id: number) {
      return new Interface(ajax.get, '/api/user/' + id)
    },
    search(username: string) {
      return new Interface(ajax.get, '/api/user/', {
        username
      })
    },
    login(username: string, password: string) {
      return new Interface(ajax.head, '/api/user/' + username, {
        password: Base64.encode(password)
      })
    },
    // @title 职位
    // @domain 部门
    register(username: string, password: string, domain?: string, title?: string) {
      return new Interface(ajax.post, '/api/user/', {
        username: username,
        password: Base64.encode(password),
        domain: domain,
        title: title
      })
    }
  },
  message: message
 }
 const Api = {
  install(Vue: any) {
    Vue.prototype.api = api
  }
 }
 export {Api}
 export default api
--- a/oaf/src/assets/logo.png
+++ b/oaf/src/assets/logo.png
--- a/oaf/src/assets/logo.svg
+++ b/oaf/src/assets/logo.svg
@ -1 +0,0 @@
 <svg id="Layer_1" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 87.5 100"><defs><style>.cls-1{fill:#1697f6;}.cls-2{fill:#7bc6ff;}.cls-3{fill:#1867c0;}.cls-4{fill:#aeddff;}</style></defs><title>Artboard 46</title><polyline class="cls-1" points="43.75 0 23.31 0 43.75 48.32"/><polygon class="cls-2" points="43.75 62.5 43.75 100 0 14.58 22.92 14.58 43.75 62.5"/><polyline class="cls-3" points="43.75 0 64.19 0 43.75 48.32"/><polygon class="cls-4" points="64.58 14.58 87.5 14.58 43.75 100 43.75 62.5 64.58 14.58"/></svg>
--- a/oaf/src/components/WxLogin.vue
+++ b/oaf/src/components/WxLogin.vue
@ -1,42 +0,0 @@
 <template>
  <div id="wx_reg"></div>
 </template>
 <script lang='ts'>
 import {Component, Vue, Prop} from 'vue-property-decorator'
 import '@/libs/wwLogin.js'
@Component({
  components: {}
 })
 export default class WxLogin extends Vue {
  goto(id: string, app: string, url: string, state?: string, href?: string) {
    window.WwLogin({
      id: 'wx_reg',
      appid: id,
      agentid: app,
      redirect_uri: encodeURIComponent(url),
      state: state,
      href: href
    })
  }
  @Prop({default: ''})
  aid: ''
  @Prop({default: ''})
  app: ''
  @Prop({default: ''})
  url: ''
  mounted() {
    this.goto(this.aid, this.app, this.url, new Date().getTime())
  }
  created() {
  }
 }
 </script>
 <style scoped>
 </style>
--- a/oaf/src/components/demo.vue
+++ b/oaf/src/components/demo.vue
@ -1,20 +0,0 @@
 <template>
  <div></div>
 </template>
 <script lang='ts'>
 import {Component, Vue} from 'vue-property-decorator'
@Component({
  components: {}
 })
 export default class Demo extends Vue {
  mounted() {
  }
  created() {
  }
 }
 </script>
 <style scoped>
 </style>
--- a/oaf/src/libs/wwLogin.js
+++ b/oaf/src/libs/wwLogin.js
@ -1,2 +0,0 @@
 !function(a,b,c){function d(c){var d=b.createElement("iframe"),e="https://open.work.weixin.qq.com/wwopen/sso/qrConnect?appid="+c.appid+"&agentid="+c.agentid+"&redirect_uri="+c.redirect_uri+"&state="+c.state+"&login_type=jssdk";e+=c.style?"&style="+c.style:"",e+=c.href?"&href="+c.href:"",d.src=e,d.frameBorder="0",d.allowTransparency="true",d.scrolling="no",d.width="300px",d.height="400px";var f=b.getElementById(c.id);f.innerHTML="",f.appendChild(d),d.onload=function(){d.contentWindow.postMessage&&a.addEventListener&&(a.addEventListener("message",function(b){
 b.data&&b.origin.indexOf("work.weixin.qq.com")>-1&&(a.location.href=b.data)}),d.contentWindow.postMessage("ask_usePostMessage","*"))}}a.WwLogin=d}(window,document);
--- a/oaf/src/main.ts
+++ b/oaf/src/main.ts
@ -1,17 +0,0 @@
 import Vue from 'vue'
 import App from './App.vue'
 import router from './router'
 import store from './store'
 import vuetify from './plugins/vuetify'
 import {Api} from '@/api'
 Vue.use(Api)
 Vue.config.productionTip = false
 new Vue({
  router,
  store,
  vuetify,
  render: h => h(App)
 }).$mount('#app')
--- a/oaf/src/plugins/vuetify.ts
+++ b/oaf/src/plugins/vuetify.ts
@ -1,24 +0,0 @@
 import Vue from 'vue'
 import Vuetify from 'vuetify/lib/framework'
 Vue.use(Vuetify)
 const light = {
  primary: '#2196f3',
  secondary: '#00bcd4',
  accent: '#3f51b5',
  error: '#f44336',
  warning: '#ff5722',
  info: '#ff9800',
  success: '#4caf50',
  reset: '#684bff'
 }
 export default new Vuetify({
  theme: {
    dark: false,
    themes: {
      light: light
    }
  }
 })
--- a/oaf/src/router/index.ts
+++ b/oaf/src/router/index.ts
@ -1,32 +0,0 @@
 import Vue from 'vue'
 import VueRouter, {RouteConfig} from 'vue-router'
 import Home from '../views/Home.vue'
 Vue.use(VueRouter)
 const routes: Array<RouteConfig> = [
  {
    path: '/',
    name: 'Home',
    component: Home
  },
  {
    path: '/about',
    name: 'About',
    // route level code-splitting
    // this generates a separate chunk (about.[hash].js) for this route
    // which is lazy-loaded when the route is visited.
    component: () => import(/* webpackChunkName: "about" */ '../views/About.vue')
  },
  {
    path: '/wx',
    name: 'wx',
    component: () => import('../views/wx.vue')
  }
 ]
 const router = new VueRouter({
  routes
 })
 export default router
--- a/oaf/src/shims-tsx.d.ts
+++ b/oaf/src/shims-tsx.d.ts
@ -1,13 +0,0 @@
 import Vue, { VNode } from 'vue'
 declare global {
  namespace JSX {
    // tslint:disable no-empty-interface
    interface Element extends VNode {}
    // tslint:disable no-empty-interface
    interface ElementClass extends Vue {}
    interface IntrinsicElements {
      [elem: string]: any;
    }
  }
 }
--- a/oaf/src/shims-vue.d.ts
+++ b/oaf/src/shims-vue.d.ts
@ -1,4 +0,0 @@
 declare module '*.vue' {
  import Vue from 'vue'
  export default Vue
 }
--- a/oaf/src/shims-vuetify.d.ts
+++ b/oaf/src/shims-vuetify.d.ts
@ -1,4 +0,0 @@
 declare module 'vuetify/lib/framework' {
  import Vuetify from 'vuetify'
  export default Vuetify
 }
--- a/oaf/src/store/index.ts
+++ b/oaf/src/store/index.ts
@ -1,15 +0,0 @@
 import Vue from 'vue'
 import Vuex from 'vuex'
 Vue.use(Vuex)
 export default new Vuex.Store({
  state: {
  },
  mutations: {
  },
  actions: {
  },
  modules: {
  }
 })
--- a/oaf/src/views/About.vue
+++ b/oaf/src/views/About.vue
@ -1,5 +0,0 @@
 <template>
  <div class="about">
    <h1>This is an about page</h1>
  </div>
 </template>
--- a/oaf/src/views/Home.vue
+++ b/oaf/src/views/Home.vue
@ -1,25 +0,0 @@
 <style>
 .home {
  height: 100%;
  width: 100%;
 }
 </style>
 <template>
  <div class='home d-flex justify-center align-center'>
  </div>
 </template>
 <script lang='ts'>
 import {Component, Vue} from 'vue-property-decorator'
@Component({
  components: {}
 })
 export default class Home extends Vue {
  mounted() {
  }
  created() {
  }
 }
 </script>
--- a/oaf/src/views/wx.vue
+++ b/oaf/src/views/wx.vue
@ -1,66 +0,0 @@
 <template>
  <div class='home d-flex justify-center align-center'>
    <wx-login v-if="enable" :aid="aid" :app="agentID" :url="url"></wx-login>
    <v-overlay :value="!enable">
      <v-progress-circular
        indeterminate
        size="64"
      ></v-progress-circular>
    </v-overlay>
  </div>
 </template>
 <script lang='ts'>
 import {Component, Vue} from 'vue-property-decorator'
 import WxLogin from '@/components/WxLogin.vue'
@Component({
  components: {
    WxLogin
  }
 })
 export default class Wx extends Vue {
  aid = ''
  agentID = ''
  url = ''
  get enable() {
    return this.uuid && this.aid && this.agentID && this.url
  }
  get uuid() {
    return this.$route.query.uuid
  }
  get code() {
    return this.$route.query.code
  }
  get state() {
    return this.$route.query.state
  }
  get msg() {
    return this.$route.query.msg
  }
  mounted() {
    if (this.msg) {
      console.log(this.msg)
      alert(this.msg)
    }
  }
  created() {
    if (this.uuid) {
      this.api.app.get(this.uuid).Start(e => {
        this.url = e.wx.url + '/api/wx/login/' + this.uuid
        this.aid = e.wx.corp_id
        this.agentID = e.wx.agent_id
      })
    }
  }
 }
 </script>
 <style scoped>
 </style>
--- a/oaf/tsconfig.json
+++ b/oaf/tsconfig.json
@ -1,40 +0,0 @@
 {
  "compilerOptions": {
    "target": "esnext",
    "module": "esnext",
    "strict": true,
    "jsx": "preserve",
    "importHelpers": true,
    "moduleResolution": "node",
    "experimentalDecorators": true,
    "skipLibCheck": true,
    "esModuleInterop": true,
    "allowSyntheticDefaultImports": true,
    "sourceMap": true,
    "baseUrl": ".",
    "types": [
      "webpack-env"
    ],
    "paths": {
      "@/*": [
        "src/*"
      ]
    },
    "lib": [
      "esnext",
      "dom",
      "dom.iterable",
      "scripthost"
    ]
  },
  "include": [
    "src/**/*.ts",
    "src/**/*.tsx",
    "src/**/*.vue",
    "tests/**/*.ts",
    "tests/**/*.tsx"
  ],
  "exclude": [
    "node_modules"
  ]
 }
--- a/oaf/vue.config.js
+++ b/oaf/vue.config.js
@ -1,28 +0,0 @@
 module.exports = {
  transpileDependencies: [
    'vuetify'
  ],
  configureWebpack: {
    output: {
      filename: '[name].[hash].js'
    }
  },
  outputDir: '../sub/static',
  devServer: {
    host: '0.0.0.0',
    port: 19528,
    disableHostCheck: true,
    proxy: {
      '^/api': {
        target: 'http://127.0.0.1:4001',
        ws: true,
        changeOrigin: true
      },
      '^/media': {
        target: 'http://127.0.0.1:4001',
        ws: true,
        changeOrigin: true
      }
    }
  }
 }
--- a/oaf/yarn.lock
+++ b/oaf/yarn.lock
--- a/sub/static/index.html
+++ b/sub/static/index.html
@ -1 +0,0 @@
 <!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width,initial-scale=1"><link rel="icon" href="/favicon.ico"><title>oaf</title><link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css"><link href="/css/chunk-6cfd0404.487f8d50.css" rel="prefetch"><link href="/js/about.a3055c06.js" rel="prefetch"><link href="/js/chunk-6cfd0404.65d5baaf.js" rel="prefetch"><link href="/app.b131f8d0f62acd99ab8e.js" rel="preload" as="script"><link href="/css/app.dafd5329.css" rel="preload" as="style"><link href="/css/chunk-vendors.dfe6062e.css" rel="preload" as="style"><link href="/js/chunk-vendors.83bac771.js" rel="preload" as="script"><link href="/css/chunk-vendors.dfe6062e.css" rel="stylesheet"><link href="/css/app.dafd5329.css" rel="stylesheet"></head><body><noscript><strong>We're sorry but oaf doesn't work properly without JavaScript enabled. Please enable it to continue.</strong></noscript><div id="app"></div><script src="/js/chunk-vendors.83bac771.js"></script><script src="/app.b131f8d0f62acd99ab8e.js"></script></body></html>
--- a/sub/web.go
+++ b/sub/web.go
@ -1,86 +0,0 @@
 package sub
 import (
 	"OneAuth/api"
 	"OneAuth/cfg"
 	"OneAuth/models"
 	"embed"
 	"github.com/urfave/cli/v2"
 	"github.com/veypi/OneBD"
 	"github.com/veypi/OneBD/core"
 	"github.com/veypi/OneBD/rfc"
 	"github.com/veypi/utils/log"
 	"net/http"
 	"os"
 )
 //go:embed static
 var staticFiles embed.FS
 //go:embed static/index.html
 var indexFile []byte
 var Web = cli.Command{
 	Name:        "web",
 	Usage:       "",
 	Description: "oa 核心http服务",
 	Action:      RunWeb,
 	Flags:       []cli.Flag{},
 }
 func RunWeb(c *cli.Context) error {
 	_ = runSyncDB(c)
 	ll := log.InfoLevel
 	if l, err := log.ParseLevel(cfg.CFG.LoggerLevel); err == nil {
 		ll = l
 	}
 	app := OneBD.New(&OneBD.Config{
 		Host:        cfg.CFG.Host,
 		LoggerPath:  cfg.CFG.LoggerPath,
 		LoggerLevel: ll,
 	})
 	app.Router().EmbedFile("/", indexFile)
 	app.Router().EmbedDir("/", staticFiles, "static/")
 	// TODO media 文件需要检验权限
 	//app.Router().SubRouter("/media/").Static("/", cfg.CFG.EXEDir+"/media")
 	app.Router().SetNotFoundFunc(func(m core.Meta) {
 		f, err := os.Open(cfg.CFG.EXEDir + "/static/index.html")
 		if err != nil {
 			m.WriteHeader(rfc.StatusNotFound)
 			return
 		}
 		defer f.Close()
 		info, err := f.Stat()
 		if err != nil {
 			m.WriteHeader(rfc.StatusNotFound)
 			return
 		}
 		if info.IsDir() {
 			// TODO:: dir list
 			m.WriteHeader(rfc.StatusNotFound)
 			return
 		}
 		http.ServeContent(m, m.Request(), info.Name(), info.ModTime(), f)
 	})
 	api.Router(app.Router().SubRouter("api"))
 	log.Info().Msg("\nRouting Table\n" + app.Router().String())
 	return app.Run()
 }
 func runSyncDB(*cli.Context) error {
 	db := cfg.DB()
 	log.HandlerErrs(
 		db.SetupJoinTable(&models.User{}, "Roles", &models.UserRole{}),
 		db.SetupJoinTable(&models.Role{}, "Users", &models.UserRole{}),
 		db.SetupJoinTable(&models.Role{}, "Auths", &models.RoleAuth{}),
 		db.AutoMigrate(&models.User{}, &models.Role{}, &models.Auth{}),
 	)
 	log.HandlerErrs(
 		db.AutoMigrate(&models.App{}, &models.Wechat{}),
 	)
 	return nil
 }
		`@ -1 +0,0 @@`
			<svg id="Layer_1" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 87.5 100"><defs><style>.cls-1{fill:#1697f6;}.cls-2{fill:#7bc6ff;}.cls-3{fill:#1867c0;}.cls-4{fill:#aeddff;}</style></defs><title>Artboard 46</title><polyline class="cls-1" points="43.75 0 23.31 0 43.75 48.32"/><polygon class="cls-2" points="43.75 62.5 43.75 100 0 14.58 22.92 14.58 43.75 62.5"/><polyline class="cls-3" points="43.75 0 64.19 0 43.75 48.32"/><polygon class="cls-4" points="64.58 14.58 87.5 14.58 43.75 100 43.75 62.5 64.58 14.58"/></svg>
		`@ -1,2 +0,0 @@`
			!function(a,b,c){function d(c){var d=b.createElement("iframe"),e="https://open.work.weixin.qq.com/wwopen/sso/qrConnect?appid="+c.appid+"&agentid="+c.agentid+"&redirect_uri="+c.redirect_uri+"&state="+c.state+"&login_type=jssdk";e+=c.style?"&style="+c.style:"",e+=c.href?"&href="+c.href:"",d.src=e,d.frameBorder="0",d.allowTransparency="true",d.scrolling="no",d.width="300px",d.height="400px";var f=b.getElementById(c.id);f.innerHTML="",f.appendChild(d),d.onload=function(){d.contentWindow.postMessage&&a.addEventListener&&(a.addEventListener("message",function(b){
			`b.data&&b.origin.indexOf("work.weixin.qq.com")>-1&&(a.location.href=b.data)}),d.contentWindow.postMessage("ask_usePostMessage","*"))}}a.WwLogin=d}(window,document);`
		`@ -1 +0,0 @@`
			<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width,initial-scale=1"><link rel="icon" href="/favicon.ico"><title>oaf</title><link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900"><link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css"><link href="/css/chunk-6cfd0404.487f8d50.css" rel="prefetch"><link href="/js/about.a3055c06.js" rel="prefetch"><link href="/js/chunk-6cfd0404.65d5baaf.js" rel="prefetch"><link href="/app.b131f8d0f62acd99ab8e.js" rel="preload" as="script"><link href="/css/app.dafd5329.css" rel="preload" as="style"><link href="/css/chunk-vendors.dfe6062e.css" rel="preload" as="style"><link href="/js/chunk-vendors.83bac771.js" rel="preload" as="script"><link href="/css/chunk-vendors.dfe6062e.css" rel="stylesheet"><link href="/css/app.dafd5329.css" rel="stylesheet"></head><body><noscript><strong>We're sorry but oaf doesn't work properly without JavaScript enabled. Please enable it to continue.</strong></noscript><div id="app"></div><script src="/js/chunk-vendors.83bac771.js"></script><script src="/app.b131f8d0f62acd99ab8e.js"></script></body></html>