afan
/
flutter_app_android
Obserwuj 1
Gwiazdka 0
Forkuj 0
Kod Problemy 1 Pull Requests 0 Wydania 0 Wiki Aktywność
这是CaiYouHui前端,一个关于flutter的安卓app,前端使用flutter实现
12 Commity
3 Gałęzie
Drzewo: 31e7e4dc60
Gałęzie Tagi
${ item.name }
Utwórz gałąź ${ searchTerm }
z '31e7e4dc60'
${ noResults }
flutter_app_android/lib/data/repositories/auth_repository.dart

auth_repository.dart 10KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379 
  1. import 'dart:convert';

  2. import 'package:shared_preferences/shared_preferences.dart';

  3. import '../../core/constants/api_constants.dart';

  4. import '../../core/utils/crypto_utils.dart';

  5. import '../datasources/remote/api_client.dart';

  6. import '../models/auth/secure_login_request.dart';

  7. import '../models/user.dart';

  8. import '../models/auth/login_request.dart';

  9. import '../models/auth/register_request.dart';

  10. import '../models/auth/token_response.dart';

  11. import '../models/api_response.dart';

  12. 

  13. class AuthRepository {

  14.   final ApiClient _apiClient;

  15.   final SharedPreferences _prefs;

  16.   

  17.   AuthRepository({

  18.     required ApiClient apiClient,

  19.     required SharedPreferences prefs,

  20.   }) : _apiClient = apiClient, _prefs = prefs;

  21.   

  22.   // 登录(需要使用安全登录替代)保存双token

  23.   Future<ApiResponse<User>> login(LoginRequest request) async {

  24.     try {

  25.       final response = await _apiClient.post(

  26.         ApiConstants.getLoginUrl(),

  27.         request.toJson(),

  28.         withAuth: false,  // 登录不需要认证头

  29.       );

  30.       

  31.       if (response.statusCode == 200) {

  32.         final tokenResponse = TokenResponse.fromJson(

  33.           json.decode(response.body)

  34.         );

  35.         

  36.         // 保存access_token和refresh_token

  37.         await _apiClient.saveTokens(

  38.           tokenResponse.accessToken,

  39.           tokenResponse.refreshToken,

  40.         );

  41.         

  42.         // 保存用户数据

  43.         await _prefs.setString(

  44.           'user_data',

  45.           json.encode(tokenResponse.user.toJson()),

  46.         );

  47.         

  48.         return ApiResponse<User>(

  49.           success: true,

  50.           message: '登录成功',

  51.           data: tokenResponse.user,

  52.         );

  53.       } else {

  54.         final error = json.decode(response.body);

  55.         return ApiResponse<User>(

  56.           success: false,

  57.           message: error['detail'] ?? '登录失败',

  58.         );

  59.       }

  60.     } catch (e) {

  61.       return ApiResponse<User>(

  62.         success: false,

  63.         message: '登录失败: $e',

  64.       );

  65.     }

  66.   }

  67.   

  68.   // 注册(需要使用安全注册替代)保存双token

  69.   Future<ApiResponse<User>> register(RegisterRequest request) async {

  70.     try {

  71.       final response = await _apiClient.post(

  72.         ApiConstants.getRegisterUrl(),

  73.         request.toJson(),

  74.         withAuth: false,

  75.       );

  76.       

  77.       if (response.statusCode == 201) {

  78.         final tokenResponse = TokenResponse.fromJson(

  79.           json.decode(response.body)

  80.         );

  81.         

  82.         // 保存双token

  83.         await _apiClient.saveTokens(

  84.           tokenResponse.accessToken,

  85.           tokenResponse.refreshToken,

  86.         );

  87.         

  88.         // 保存用户数据

  89.         await _prefs.setString(

  90.           'user_data',

  91.           json.encode(tokenResponse.user.toJson()),

  92.         );

  93.         

  94.         return ApiResponse<User>(

  95.           success: true,

  96.           message: '注册成功',

  97.           data: tokenResponse.user,

  98.         );

  99.       } else {

  100.         final error = json.decode(response.body);

  101.         return ApiResponse<User>(

  102.           success: false,

  103.           message: error['detail'] ?? '注册失败',

  104.         );

  105.       }

  106.     } catch (e) {

  107.       return ApiResponse<User>(

  108.         success: false,

  109.         message: '注册失败: $e',

  110.       );

  111.     }

  112.   }

  113.   

  114.   // 安全登录方法

  115.   Future<ApiResponse<User>> secureLogin(LoginRequest request) async {

  116.     try {

  117.       // 创建安全登录请求

  118.       final secureRequest = SecureLoginRequest.create(

  119.         username: request.username,

  120.         password: request.password,

  121.       );

  122.       

  123.       final response = await _apiClient.post(

  124.         ApiConstants.getLoginUrl(),

  125.         secureRequest.toJson(),

  126.         withAuth: false,

  127.       );

  128.       

  129.       // ... 处理响应

  130.       if (response.statusCode == 200) {

  131.         final tokenResponse = TokenResponse.fromJson(

  132.           json.decode(response.body)

  133.         );

  134.         

  135.         // 保存access_token和refresh_token

  136.         await _apiClient.saveTokens(

  137.           tokenResponse.accessToken,

  138.           tokenResponse.refreshToken,

  139.         );

  140.         

  141.         // 保存用户数据

  142.         await _prefs.setString(

  143.           'user_data',

  144.           json.encode(tokenResponse.user.toJson()),

  145.         );

  146.         

  147.         return ApiResponse<User>(

  148.           success: true,

  149.           message: '登录成功',

  150.           data: tokenResponse.user,

  151.         );

  152.       } else {

  153.         final error = json.decode(response.body);

  154.         return ApiResponse<User>(

  155.           success: false,

  156.           message: error['detail'] ?? '登录失败',

  157.         );

  158.       }

  159.     } catch (e) {

  160.       return ApiResponse<User>(

  161.         success: false,

  162.         message: '登录失败: $e',

  163.       );

  164.     }

  165.   }

  166.   

  167.   // 安全注册方法

  168.   Future<ApiResponse<User>> secureRegister(RegisterRequest request) async {

  169.     try {

  170.       // 创建安全注册数据

  171.       final salt = CryptoUtils.generateSalt();

  172.       final passwordHash = CryptoUtils.sha256Hash(request.password + salt);

  173.       

  174.       final registerData = {

  175.         'username': request.username,

  176.         'email': request.email,

  177.         'password_hash': passwordHash,

  178.         'salt': salt,

  179.         'full_name': request.fullName,

  180.         'password_confirm': request.passwordConfirm,

  181.       };

  182.       

  183.       final response = await _apiClient.post(

  184.         ApiConstants.getRegisterUrl(),

  185.         registerData,

  186.         withAuth: false,

  187.       );

  188.       

  189.       // ... 处理响应

  190.       if (response.statusCode == 201) {

  191.         final tokenResponse = TokenResponse.fromJson(

  192.           json.decode(response.body)

  193.         );

  194.         

  195.         // 保存双token

  196.         await _apiClient.saveTokens(

  197.           tokenResponse.accessToken,

  198.           tokenResponse.refreshToken,

  199.         );

  200.         

  201.         // 保存用户数据

  202.         await _prefs.setString(

  203.           'user_data',

  204.           json.encode(tokenResponse.user.toJson()),

  205.         );

  206.         

  207.         return ApiResponse<User>(

  208.           success: true,

  209.           message: '注册成功',

  210.           data: tokenResponse.user,

  211.         );

  212.       } else {

  213.         final error = json.decode(response.body);

  214.         return ApiResponse<User>(

  215.           success: false,

  216.           message: error['detail'] ?? '注册失败',

  217.         );

  218.       }

  219.     } catch (e) {

  220.       return ApiResponse<User>(

  221.         success: false,

  222.         message: '注册失败: $e',

  223.       );

  224.     }

  225.   }

  226. 

  227.   // 获取当前用户

  228.   Future<ApiResponse<User>> getCurrentUser() async {

  229.     try {

  230.       final response = await _apiClient.get(

  231.         ApiConstants.getCurrentUserUrl(),

  232.         withAuth: true,

  233.       );

  234.       

  235.       if (response.statusCode == 200) {

  236.         final userData = json.decode(response.body);

  237.         final user = User.fromJson(userData);

  238.         

  239.         // 更新本地用户数据

  240.         await _prefs.setString('user_data', json.encode(user.toJson()));

  241.         

  242.         return ApiResponse<User>(

  243.           success: true,

  244.           message: '获取成功',

  245.           data: user,

  246.         );

  247.       } else if (response.statusCode == 401) {

  248.         // Token过期,尝试刷新

  249.         final refreshResult = await _refreshToken();

  250.         if (refreshResult) {

  251.           // 刷新成功,重新获取用户信息

  252.           return await getCurrentUser();

  253.         } else {

  254.           return ApiResponse<User>(

  255.             success: false,

  256.             message: '登录已过期,请重新登录',

  257.           );

  258.         }

  259.       } else {

  260.         return ApiResponse<User>(

  261.           success: false,

  262.           message: '获取用户信息失败',

  263.         );

  264.       }

  265.     } catch (e) {

  266.       return ApiResponse<User>(

  267.         success: false,

  268.         message: '获取失败: $e',

  269.       );

  270.     }

  271.   }

  272. 

  273.   // 刷新Token

  274.   Future<bool> _refreshToken() async {

  275.     try {

  276.       final refreshToken = _apiClient.getRefreshToken();

  277.       

  278.       if (refreshToken == null || refreshToken.isEmpty) {

  279.         return false;

  280.       }

  281.       

  282.       final response = await _apiClient.post(

  283.         ApiConstants.getRefreshUrl(),  // 需要添加这个常量

  284.         {'refresh_token': refreshToken},

  285.         withAuth: false,

  286.       );

  287.       

  288.       if (response.statusCode == 200) {

  289.         final data = json.decode(response.body);

  290.         final newAccessToken = data['access_token'];

  291.         final newRefreshToken = data['refresh_token'];

  292.         

  293.         // 保存新的tokens

  294.         await _apiClient.saveTokens(newAccessToken, newRefreshToken);

  295.         return true;

  296.       }

  297.       

  298.       return false;

  299.     } catch (e) {

  300.       return false;

  301.     }

  302.   }

  303.   

  304.   // 登出

  305.   Future<ApiResponse<bool>> logout() async {

  306.     try {

  307.       // 获取refresh_token

  308.       final refreshToken = _apiClient.getRefreshToken();

  309.       

  310.       if (refreshToken == null || refreshToken.isEmpty) {

  311.         // 没有refresh_token,只清除本地数据

  312.         await _clearLocalData();

  313.         return ApiResponse<bool>(

  314.           success: true,

  315.           message: '已退出登录',

  316.           data: true,

  317.         );

  318.       }

  319.       

  320.       // 发送登出请求到服务器

  321.       final response = await _apiClient.post(

  322.         ApiConstants.getLogoutUrl(),

  323.         {'refresh_token': refreshToken},

  324.         withAuth: true,  // 需要access_token认证头

  325.       );

  326.       

  327.       // 无论服务器响应如何,都清除本地数据

  328.       await _clearLocalData();

  329.       

  330.       if (response.statusCode == 200) {

  331.         return ApiResponse<bool>(

  332.           success: true,

  333.           message: '已成功退出登录',

  334.           data: true,

  335.         );

  336.       } else {

  337.         // 服务器登出失败,但本地已清除

  338.         return ApiResponse<bool>(

  339.           success: true,

  340.           message: '已退出登录(服务器通信失败)',

  341.           data: true,

  342.         );

  343.       }

  344.     } catch (e) {

  345.       // 网络异常,仍然清除本地数据

  346.       await _clearLocalData();

  347.       return ApiResponse<bool>(

  348.         success: true,

  349.         message: '已退出登录(网络异常)',

  350.         data: true,

  351.       );

  352.     }

  353.   }

  354. 

  355.   // 清除本地数据

  356.   Future<void> _clearLocalData() async {

  357.     await _apiClient.clearTokens();

  358.     await _prefs.remove('user_data');

  359.   }

  360.   

  361.   // 检查登录状态

  362.   Future<bool> isLoggedIn() async {

  363.     // 检查是否有access_token

  364.     if (!_apiClient.isLoggedIn()) {

  365.       return false;

  366.     }

  367.     

  368.     // 可以进一步验证token是否有效

  369.     try {

  370.       final response = await _apiClient.get(

  371.         ApiConstants.getCurrentUserUrl(),

  372.         withAuth: true,

  373.       );

  374.       return response.statusCode == 200;

  375.     } catch (e) {

  376.       return false;

  377.     }

  378.   }

  379. }