add sso

base/aaa/sess.go

@@ -13,6 +13,7 @@ func _sess_list(m *ice.Message) {
 }
 func _sess_auth(m *ice.Message, sessid string, username string, userrole string) {
 	m.Richs(SESS, nil, sessid, func(value map[string]interface{}) {
+		m.Debug("fuck %v", m.Option(ice.MSG_USERROLE))
 		if m.Option(ice.MSG_USERROLE) == ROOT {
 			value[USERROLE] = userrole
 		} else if m.Option(ice.MSG_USERROLE) == TECH && userrole != ROOT {
@@ -26,9 +27,13 @@ func _sess_auth(m *ice.Message, sessid string, username string, userrole string)
 }
 func _sess_check(m *ice.Message, sessid string) {
 	m.Richs(SESS, nil, sessid, func(value map[string]interface{}) {
+		m.Richs(USER, nil, value[USERNAME], func(value map[string]interface{}) {
+			m.Option(ice.MSG_USERNICK, value[USERNICK])
+		})
 		m.Log_AUTH(
 			USERNAME, m.Option(ice.MSG_USERNAME, value[USERNAME]),
 			USERROLE, m.Option(ice.MSG_USERROLE, value[USERROLE]),
+			USERNICK, m.Option(ice.MSG_USERROLE),
 		)
 	})
 }

base/aaa/user.go

@@ -26,6 +26,18 @@ func _user_login(m *ice.Message, name, word string) (ok bool) {
 	})
 	return ok
 }
+func _user_modify(m *ice.Message, name string, arg ...string) {
+	if m.Richs(USER, nil, name, nil) == nil {
+		m.Rich(USER, nil, kit.Dict(USERNAME, name))
+	}
+
+	m.Richs(USER, nil, name, func(key string, value map[string]interface{}) {
+		for i := 0; i < len(arg)-1; i += 2 {
+			m.Log_MODIFY(USERNAME, name, arg[i], arg[i+1])
+			kit.Value(value, arg[i], arg[i+1])
+		}
+	})
+}
 func _user_create(m *ice.Message, name, word string) {
 	m.Rich(USER, nil, kit.Dict(
 		USERNAME, name, PASSWORD, word,
@@ -87,6 +99,9 @@ func init() {
 				mdb.CREATE: {Name: "create username [password]", Help: "创建", Hand: func(m *ice.Message, arg ...string) {
 					_user_create(m, arg[0], kit.Select("", arg, 1))
 				}},
+				mdb.MODIFY: {Name: "create username [key value]...", Help: "创建", Hand: func(m *ice.Message, arg ...string) {
+					_user_modify(m, arg[0], arg[1:]...)
+				}},
 				mdb.SEARCH: {Name: "search type name text arg...", Help: "搜索", Hand: func(m *ice.Message, arg ...string) {
 					_user_search(m, arg[0], arg[1], kit.Select("", arg, 2))
 				}},

base/web/serve.go

@@ -184,6 +184,12 @@ func _serve_main(m *ice.Message, w http.ResponseWriter, r *http.Request) bool {
 		Render(m, "refresh", m.Conf(SERVE, "meta.volcanos.refresh"))
 		m.Event(gdb.SYSTEM_INIT)
 		m.W = nil
+	} else if r.URL.Path == "/" && m.Conf(SERVE, "meta.sso") != "" {
+		if c, e := r.Cookie(ice.MSG_SESSID); e != nil || c.Value == "" {
+			http.Redirect(w, r, m.Conf(SERVE, "meta.sso"), http.StatusTemporaryRedirect)
+			return false
+		}
+		return true
 	} else if r.URL.Path == "/share" && r.Method == "GET" {
 		http.ServeFile(w, r, m.Conf(SERVE, "meta.page.share"))
 	} else {

misc/lark/lark.go

@@ -10,6 +10,7 @@ import (
 	"github.com/shylinux/toolkits"
 
 	"encoding/json"
+	"math/rand"
 	"net/http"
 	"strings"
 	"time"
@@ -69,6 +70,8 @@ const (
 	DUTY  = "duty"
 	TALK  = "talk"
 
+	RAND = "rand"
+
 	LARK = "lark"
 )
 
@@ -224,6 +227,11 @@ var Index = &ice.Context{Name: "lark", Help: "机器人",
 			}
 			m.Cmdy(m.Prefix(SEND), "chat_id", arg[0], arg[2:])
 		}},
+		RAND: {Name: "rand", Help: "随机", Hand: func(m *ice.Message, c *ice.Context, key string, arg ...string) {
+			msg := m.Cmd(GROUP, "user", m.Option(OPEN_CHAT_ID))
+			list := msg.Appendv("name")
+			m.Echo(list[rand.Intn(len(list))])
+		}},
 		SEND: {Name: "send [chat_id|open_id|user_id|email] user [title] text", Help: "消息", Hand: func(m *ice.Message, c *ice.Context, key string, arg ...string) {
 			var form = kit.Dict("content", kit.Dict())
 
@@ -239,6 +247,9 @@ var Index = &ice.Context{Name: "lark", Help: "机器人",
 			case 1:
 				kit.Value(form, "msg_type", "text")
 				kit.Value(form, "content.text", arg[0])
+				if arg[0] == "" {
+					return
+				}
 			default:
 				content := []interface{}{}
 				line := []interface{}{}
@@ -464,23 +475,30 @@ var Index = &ice.Context{Name: "lark", Help: "机器人",
 
 		"/sso": {Name: "/sso", Help: "消息", Hand: func(m *ice.Message, c *ice.Context, key string, arg ...string) {
 			if m.Options("code") {
-				m.Option("username", m.Cmd(".user", "code", m.Option("code")).Append("open_id"))
+				m.Richs(APP, nil, "bot", func(key string, value map[string]interface{}) {
-				m.Option("sessid", m.Cmdx("aaa.user", "session", "select"))
+					data := kit.UnMarshal(m.Cmdx(web.SPIDE, LARK, "raw", "/open-apis/authen/v1/access_token",
-				m.Cmd("ssh._check", "work", "create", m.Option("username"))
+						"code", m.Option("code"), "grant_type", "authorization_code",
+						"app_access_token", m.Cmdx(APP, "token", "bot"),
+					))
 
-				// web.Cookie(m)
+					m.Option(ice.MSG_USERROLE, aaa.ROOT)
-				// m.Append("redirect", m.Cmdx("web.spide", "serve", "merge", m.Option("index_path")), "code", "")
+					user := kit.Format(kit.Value(data, "data.open_id"))
+					web.RenderCookie(m, aaa.SessCreate(m, user, aaa.UserRole(m, user)))
+					m.Render("redirect", m.Conf(web.SHARE, "meta.domain"))
+
+					m.Debug("data %v", kit.Format(data))
+					m.Cmd(aaa.USER, mdb.MODIFY, user,
+						aaa.USERNICK, kit.Value(data, "data.name"),
+					)
+				})
 				return
 			}
 
-			if !m.Options("sessid") || !m.Options("username") {
+			m.Richs(APP, nil, "bot", func(key string, value map[string]interface{}) {
-				m.Append("redirect", m.Cmdx("web.spide", "feishu", "merge", "/connect/qrconnect/page/sso/",
+				m.Render("redirect", kit.MergeURL2(m.Conf(APP, "meta.lark"), "/open-apis/authen/v1/index"),
-					"redirect_uri", m.Cmdx("web.spide", "serve", "merge", m.Option("index_path")),
+					"app_id", value["id"], "redirect_uri", kit.MergeURL2(m.Conf(web.SHARE, "meta.domain"), "/chat/lark/sso"),
-					"app_id", m.Conf("app", "bot.id"), "state", "ok"))
+				)
-				return
+			})
-			}
-			m.Cmd("/render")
-			return
 		}},
 	},
 }