feat google oauth

api/router.go

@@ -38,15 +38,20 @@ func SetupRouter(engine *gin.RouterGroup) {
 			ossRouter.POST("/file/upload", endpoint.UploadFile)
 		}
 
-		userRouter := v1.Group("/user", common.GetAuthMiddleware())
+		userEndpoint := user.NewUserEndpoint()
+
+		userRouter := v1.Group("/user")
 		{
-			userEndpoint := user.NewUserEndpoint()
-			{
-				userRouter.POST("/sms", userEndpoint.SendVerificationCode)
-				userRouter.POST("/register", userEndpoint.RegisterByEmail)
-				userRouter.POST("/login", userEndpoint.LoginByEmail)
-				userRouter.GET("/info", common.MustAuthMiddleware(), userEndpoint.GetUserInfo)
-			}
+			userRouter.POST("/sms", userEndpoint.SendVerificationCode)
+			userRouter.POST("/register", userEndpoint.RegisterByEmail)
+			userRouter.POST("/login", userEndpoint.LoginByEmail)
+			userRouter.GET("/oauth/google/url", userEndpoint.GetGoogleOAuthUrl)
+			userRouter.POST("/oauth/google/callback", userEndpoint.GoogleOAuthCallback)
+		}
+
+		userAuthRouter := v1.Group("/user", common.GetAuthMiddleware())
+		{
+			userAuthRouter.GET("/info", common.MustAuthMiddleware(), userEndpoint.GetUserInfo)
 		}
 
 		// 数据埋点路由

api/v1/user/handler.go

@@ -1,7 +1,9 @@
 package user
 
 import (
+	"fmt"
 	"net/http"
+	"net/url"
 
 	"gitea.com/texpixel/document_ai/config"
 	model "gitea.com/texpixel/document_ai/internal/model/user"
@@ -169,3 +171,69 @@ func (h *UserEndpoint) LoginByEmail(ctx *gin.Context) {
 		ExpiresAt: tokenResult.ExpiresAt,
 	}))
 }
+
+func (h *UserEndpoint) GetGoogleOAuthUrl(ctx *gin.Context) {
+	req := model.GoogleAuthUrlRequest{}
+	if err := ctx.ShouldBindQuery(&req); err != nil {
+		ctx.JSON(http.StatusOK, common.ErrorResponse(ctx, common.CodeParamError, common.CodeParamErrorMsg))
+		return
+	}
+
+	googleConfig := config.GlobalConfig.Google
+	if googleConfig.ClientID == "" {
+		log.Error(ctx, "func", "GetGoogleOAuthUrl", "msg", "Google OAuth not configured")
+		ctx.JSON(http.StatusOK, common.ErrorResponse(ctx, common.CodeSystemError, common.CodeSystemErrorMsg))
+		return
+	}
+
+	authURL := fmt.Sprintf(
+		"https://accounts.google.com/o/oauth2/v2/auth?client_id=%s&redirect_uri=%s&response_type=code&scope=openid%%20email%%20profile&state=%s",
+		url.QueryEscape(googleConfig.ClientID),
+		url.QueryEscape(req.RedirectURI),
+		url.QueryEscape(req.State),
+	)
+
+	ctx.JSON(http.StatusOK, common.SuccessResponse(ctx, model.GoogleAuthUrlResponse{
+		AuthURL: authURL,
+	}))
+}
+
+func (h *UserEndpoint) GoogleOAuthCallback(ctx *gin.Context) {
+	req := model.GoogleOAuthCallbackRequest{}
+	if err := ctx.ShouldBindJSON(&req); err != nil {
+		ctx.JSON(http.StatusOK, common.ErrorResponse(ctx, common.CodeParamError, common.CodeParamErrorMsg))
+		return
+	}
+
+	googleConfig := config.GlobalConfig.Google
+	if googleConfig.ClientID == "" || googleConfig.ClientSecret == "" {
+		log.Error(ctx, "func", "GoogleOAuthCallback", "msg", "Google OAuth not configured")
+		ctx.JSON(http.StatusOK, common.ErrorResponse(ctx, common.CodeSystemError, common.CodeSystemErrorMsg))
+		return
+	}
+
+	userInfo, err := h.userService.ExchangeGoogleCodeAndGetUserInfo(ctx, googleConfig.ClientID, googleConfig.ClientSecret, req.Code, req.RedirectURI)
+	if err != nil {
+		log.Error(ctx, "func", "GoogleOAuthCallback", "msg", "exchange code failed", "error", err)
+		ctx.JSON(http.StatusOK, common.ErrorResponse(ctx, common.CodeSystemError, common.CodeSystemErrorMsg))
+		return
+	}
+
+	uid, err := h.userService.FindOrCreateGoogleUser(ctx, userInfo)
+	if err != nil {
+		log.Error(ctx, "func", "GoogleOAuthCallback", "msg", "find or create user failed", "error", err)
+		ctx.JSON(http.StatusOK, common.ErrorResponse(ctx, common.CodeSystemError, common.CodeSystemErrorMsg))
+		return
+	}
+
+	tokenResult, err := jwt.CreateToken(jwt.User{UserId: uid})
+	if err != nil {
+		ctx.JSON(http.StatusOK, common.ErrorResponse(ctx, common.CodeUnauthorized, common.CodeUnauthorizedMsg))
+		return
+	}
+
+	ctx.JSON(http.StatusOK, common.SuccessResponse(ctx, model.GoogleOAuthCallbackResponse{
+		Token:     tokenResult.Token,
+		ExpiresAt: tokenResult.ExpiresAt,
+	}))
+}