🐛 fix session bug

2024-11-17 20:02:59 +08:00
parent 34c4690f80
commit 78a162a19a
72 changed files with 1304 additions and 453 deletions
--- a/app/core/api/internal/logic/client/generate_client_id_logic.go
+++ b/app/core/api/internal/logic/client/generate_client_id_logic.go
@@ -36,7 +36,6 @@ func (l *GenerateClientIdLogic) GenerateClientId(clientIP string) (resp *types.R
 	}
 	simpleUuid := kgo.SimpleUuid()
 	if err = l.svcCtx.RedisClient.SetEx(l.ctx, constant.UserClientPrefix+clientIP, simpleUuid, time.Hour*24*7).Err(); err != nil {
-		l.Error(err)
 		return response.Error(), err
 	}
 	return response.SuccessWithData(simpleUuid), nil
--- a/app/core/api/internal/logic/comment/dislike_comment_logic.go
+++ b/app/core/api/internal/logic/comment/dislike_comment_logic.go
@@ -0,0 +1,30 @@
+package comment
+
+import (
+	"context"
+
+	"schisandra-album-cloud-microservices/app/core/api/internal/svc"
+	"schisandra-album-cloud-microservices/app/core/api/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type DislikeCommentLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewDislikeCommentLogic(ctx context.Context, svcCtx *svc.ServiceContext) *DislikeCommentLogic {
+	return &DislikeCommentLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *DislikeCommentLogic) DislikeComment(req *types.CommentDisLikeRequest) (resp *types.Response, err error) {
+	// todo: add your logic here and delete this line
+
+	return
+}
--- a/app/core/api/internal/logic/comment/get_comment_list_logic.go
+++ b/app/core/api/internal/logic/comment/get_comment_list_logic.go
@@ -0,0 +1,31 @@
+package comment
+
+import (
+	"context"
+
+	"schisandra-album-cloud-microservices/app/core/api/common/response"
+	"schisandra-album-cloud-microservices/app/core/api/internal/svc"
+	"schisandra-album-cloud-microservices/app/core/api/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type GetCommentListLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewGetCommentListLogic(ctx context.Context, svcCtx *svc.ServiceContext) *GetCommentListLogic {
+	return &GetCommentListLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *GetCommentListLogic) GetCommentList(req *types.CommentListRequest) (resp *types.Response, err error) {
+	// todo: add your logic here and delete this line
+
+	return response.Success(), nil
+}
--- a/app/core/api/internal/logic/comment/get_reply_list_logic.go
+++ b/app/core/api/internal/logic/comment/get_reply_list_logic.go
@@ -0,0 +1,30 @@
+package comment
+
+import (
+	"context"
+
+	"schisandra-album-cloud-microservices/app/core/api/internal/svc"
+	"schisandra-album-cloud-microservices/app/core/api/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type GetReplyListLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewGetReplyListLogic(ctx context.Context, svcCtx *svc.ServiceContext) *GetReplyListLogic {
+	return &GetReplyListLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *GetReplyListLogic) GetReplyList(req *types.ReplyListRequest) (resp *types.Response, err error) {
+	// todo: add your logic here and delete this line
+
+	return
+}
--- a/app/core/api/internal/logic/comment/like_comment_logic.go
+++ b/app/core/api/internal/logic/comment/like_comment_logic.go
@@ -0,0 +1,30 @@
+package comment
+
+import (
+	"context"
+
+	"schisandra-album-cloud-microservices/app/core/api/internal/svc"
+	"schisandra-album-cloud-microservices/app/core/api/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type LikeCommentLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewLikeCommentLogic(ctx context.Context, svcCtx *svc.ServiceContext) *LikeCommentLogic {
+	return &LikeCommentLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *LikeCommentLogic) LikeComment(req *types.CommentLikeRequest) (resp *types.Response, err error) {
+	// todo: add your logic here and delete this line
+
+	return
+}
--- a/app/core/api/internal/logic/comment/submit_comment_logic.go
+++ b/app/core/api/internal/logic/comment/submit_comment_logic.go
@@ -0,0 +1,30 @@
+package comment
+
+import (
+	"context"
+
+	"schisandra-album-cloud-microservices/app/core/api/internal/svc"
+	"schisandra-album-cloud-microservices/app/core/api/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type SubmitCommentLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewSubmitCommentLogic(ctx context.Context, svcCtx *svc.ServiceContext) *SubmitCommentLogic {
+	return &SubmitCommentLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *SubmitCommentLogic) SubmitComment(req *types.CommentRequest) (resp *types.Response, err error) {
+	// todo: add your logic here and delete this line
+
+	return
+}
--- a/app/core/api/internal/logic/comment/submit_reply_comment_logic.go
+++ b/app/core/api/internal/logic/comment/submit_reply_comment_logic.go
@@ -0,0 +1,30 @@
+package comment
+
+import (
+	"context"
+
+	"schisandra-album-cloud-microservices/app/core/api/internal/svc"
+	"schisandra-album-cloud-microservices/app/core/api/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type SubmitReplyCommentLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewSubmitReplyCommentLogic(ctx context.Context, svcCtx *svc.ServiceContext) *SubmitReplyCommentLogic {
+	return &SubmitReplyCommentLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *SubmitReplyCommentLogic) SubmitReplyComment(req *types.ReplyCommentRequest) (resp *types.Response, err error) {
+	// todo: add your logic here and delete this line
+
+	return
+}
--- a/app/core/api/internal/logic/comment/submit_reply_reply_logic.go
+++ b/app/core/api/internal/logic/comment/submit_reply_reply_logic.go
@@ -0,0 +1,30 @@
+package comment
+
+import (
+	"context"
+
+	"schisandra-album-cloud-microservices/app/core/api/internal/svc"
+	"schisandra-album-cloud-microservices/app/core/api/internal/types"
+
+	"github.com/zeromicro/go-zero/core/logx"
+)
+
+type SubmitReplyReplyLogic struct {
+	logx.Logger
+	ctx    context.Context
+	svcCtx *svc.ServiceContext
+}
+
+func NewSubmitReplyReplyLogic(ctx context.Context, svcCtx *svc.ServiceContext) *SubmitReplyReplyLogic {
+	return &SubmitReplyReplyLogic{
+		Logger: logx.WithContext(ctx),
+		ctx:    ctx,
+		svcCtx: svcCtx,
+	}
+}
+
+func (l *SubmitReplyReplyLogic) SubmitReplyReply(req *types.ReplyReplyRequest) (resp *types.Response, err error) {
+	// todo: add your logic here and delete this line
+
+	return
+}
--- a/app/core/api/internal/logic/oauth/github_callback_logic.go
+++ b/app/core/api/internal/logic/oauth/github_callback_logic.go
@@ -3,7 +3,6 @@ package oauth
 import (
 	"context"
 	"encoding/json"
-	"errors"
 	"fmt"
 	"net/http"
 	"strconv"
@@ -79,7 +78,7 @@ func (l *GithubCallbackLogic) GithubCallback(w http.ResponseWriter, r *http.Requ
 	}
 	if token == nil {

-		return errors.New("failed to get token")
+		return nil
 	}

 	// 获取用户信息
@@ -90,7 +89,7 @@ func (l *GithubCallbackLogic) GithubCallback(w http.ResponseWriter, r *http.Requ
 	}

 	if userInfo == nil {
-		return errors.New("failed to get user info")
+		return nil
 	}

 	// 处理用户信息
--- a/app/core/api/internal/logic/oauth/qq_callback_logic.go
+++ b/app/core/api/internal/logic/oauth/qq_callback_logic.go
@@ -3,7 +3,6 @@ package oauth
 import (
 	"context"
 	"encoding/json"
-	"errors"
 	"fmt"
 	"net/http"
 	"strconv"
@@ -75,7 +74,7 @@ func (l *QqCallbackLogic) QqCallback(w http.ResponseWriter, r *http.Request, req
 		return err
 	}
 	if token == nil {
-		return errors.New("get qq token failed")
+		return nil
 	}

 	// 通过 token 获取 openid
--- a/app/core/api/internal/logic/oauth/wechat_callback_logic.go
+++ b/app/core/api/internal/logic/oauth/wechat_callback_logic.go
@@ -61,9 +61,9 @@ func (l *WechatCallbackLogic) WechatCallback(w http.ResponseWriter, r *http.Requ
 				key := strings.TrimPrefix(msg.EventKey, "qrscene_")
 				err = l.HandlerWechatLogin(msg.FromUserName, key, w, r)
 				if err != nil {
-					return messages.NewText(i18n.FormatText(l.ctx, "login.loginFailed", "登录失败"))
+					return messages.NewText(i18n.FormatText(l.ctx, "login.loginFailed"))
 				}
-				return messages.NewText(i18n.FormatText(l.ctx, "login.loginSuccess", "登录成功"))
+				return messages.NewText(i18n.FormatText(l.ctx, "login.loginSuccess"))

 			case models.CALLBACK_EVENT_UNSUBSCRIBE:
 				msg := models.EventUnSubscribe{}
@@ -83,9 +83,9 @@ func (l *WechatCallbackLogic) WechatCallback(w http.ResponseWriter, r *http.Requ
 				}
 				err = l.HandlerWechatLogin(msg.FromUserName, msg.EventKey, w, r)
 				if err != nil {
-					return messages.NewText(i18n.FormatText(l.ctx, "login.loginFailed", "登录失败"))
+					return messages.NewText(i18n.FormatText(l.ctx, "login.loginFailed"))
 				}
-				return messages.NewText(i18n.FormatText(l.ctx, "login.loginSuccess", "登录成功"))
+				return messages.NewText(i18n.FormatText(l.ctx, "login.loginSuccess"))

 			}

@@ -101,11 +101,11 @@ func (l *WechatCallbackLogic) WechatCallback(w http.ResponseWriter, r *http.Requ

 	})
 	if err != nil {
-		panic(err)
+		return err
 	}
 	err = helper.HttpResponseSend(rs, w)
 	if err != nil {
-		panic(err)
+		return err
 	}
 	return nil
 }
--- a/app/core/api/internal/logic/sms/send_sms_by_aliyun_logic.go
+++ b/app/core/api/internal/logic/sms/send_sms_by_aliyun_logic.go
@@ -36,15 +36,15 @@ func (l *SendSmsByAliyunLogic) SendSmsByAliyun(req *types.SmsSendRequest) (resp

 	checkRotateData := verify.VerifyRotateCaptcha(l.ctx, l.svcCtx.RedisClient, req.Angle, req.Key)
 	if !checkRotateData {
-		return response.ErrorWithI18n(l.ctx, "captcha.verificationFailure", "验证码错误"), nil
+		return response.ErrorWithI18n(l.ctx, "captcha.verificationFailure"), nil
 	}
 	isPhone := utils.IsPhone(req.Phone)
 	if !isPhone {
-		return response.ErrorWithI18n(l.ctx, "login.phoneFormatError", "手机号格式错误"), nil
+		return response.ErrorWithI18n(l.ctx, "login.phoneFormatError"), nil
 	}
 	val := l.svcCtx.RedisClient.Get(l.ctx, constant.UserSmsRedisPrefix+req.Phone).Val()
 	if val != "" {
-		return response.ErrorWithI18n(l.ctx, "sms.smsSendTooFrequently", "验证码发送过于频繁，请稍后再试"), nil
+		return response.ErrorWithI18n(l.ctx, "sms.smsSendTooFrequently"), nil
 	}
 	sms := gosms.NewParser(gateways.Gateways{
 		ALiYun: aliyun.ALiYun{
@@ -56,7 +56,7 @@ func (l *SendSmsByAliyunLogic) SendSmsByAliyun(req *types.SmsSendRequest) (resp
 	code := utils.GenValidateCode(6)
 	wrong := l.svcCtx.RedisClient.Set(l.ctx, constant.UserSmsRedisPrefix+req.Phone, code, time.Minute).Err()
 	if wrong != nil {
-		return response.ErrorWithI18n(l.ctx, "sms.smsSendFailed", "验证码发送失败"), wrong
+		return response.ErrorWithI18n(l.ctx, "sms.smsSendFailed"), wrong
 	}
 	_, err = sms.Send(req.Phone, gosms.MapStringAny{
 		"content":  "您的验证码是：****。请不要把验证码泄露给其他人。",
@@ -67,7 +67,7 @@ func (l *SendSmsByAliyunLogic) SendSmsByAliyun(req *types.SmsSendRequest) (resp
 		},
 	}, nil)
 	if err != nil {
-		return response.ErrorWithI18n(l.ctx, "sms.smsSendFailed", "验证码发送失败"), err
+		return response.ErrorWithI18n(l.ctx, "sms.smsSendFailed"), err
 	}
 	return response.Success(), nil
 }
--- a/app/core/api/internal/logic/sms/send_sms_by_smsbao_logic.go
+++ b/app/core/api/internal/logic/sms/send_sms_by_smsbao_logic.go
@@ -35,15 +35,15 @@ func NewSendSmsBySmsbaoLogic(ctx context.Context, svcCtx *svc.ServiceContext) *S
 func (l *SendSmsBySmsbaoLogic) SendSmsBySmsbao(req *types.SmsSendRequest) (resp *types.Response, err error) {
 	checkRotateData := verify.VerifyRotateCaptcha(l.ctx, l.svcCtx.RedisClient, req.Angle, req.Key)
 	if !checkRotateData {
-		return response.ErrorWithI18n(l.ctx, "captcha.verificationFailure", "验证码错误"), nil
+		return response.ErrorWithI18n(l.ctx, "captcha.verificationFailure"), nil
 	}
 	isPhone := utils.IsPhone(req.Phone)
 	if !isPhone {
-		return response.ErrorWithI18n(l.ctx, "login.phoneFormatError", "手机号格式错误"), nil
+		return response.ErrorWithI18n(l.ctx, "login.phoneFormatError"), nil
 	}
 	val := l.svcCtx.RedisClient.Get(l.ctx, constant.UserSmsRedisPrefix+req.Phone).Val()
 	if val != "" {
-		return response.ErrorWithI18n(l.ctx, "sms.smsSendTooFrequently", "验证码发送过于频繁，请稍后再试"), nil
+		return response.ErrorWithI18n(l.ctx, "sms.smsSendTooFrequently"), nil
 	}
 	sms := gosms.NewParser(gateways.Gateways{
 		SmsBao: smsbao.SmsBao{
@@ -54,13 +54,13 @@ func (l *SendSmsBySmsbaoLogic) SendSmsBySmsbao(req *types.SmsSendRequest) (resp
 	code := utils.GenValidateCode(6)
 	wrong := l.svcCtx.RedisClient.Set(l.ctx, constant.UserSmsRedisPrefix+req.Phone, code, time.Minute).Err()
 	if wrong != nil {
-		return response.ErrorWithI18n(l.ctx, "sms.smsSendFailed", "验证码发送失败"), wrong
+		return response.ErrorWithI18n(l.ctx, "sms.smsSendFailed"), wrong
 	}
 	_, err = sms.Send(req.Phone, gosms.MapStringAny{
 		"content": "您的验证码是：" + code + "。请不要把验证码泄露给其他人。",
 	}, nil)
 	if err != nil {
-		return response.ErrorWithI18n(l.ctx, "sms.smsSendFailed", "验证码发送失败"), err
+		return response.ErrorWithI18n(l.ctx, "sms.smsSendFailed"), err
 	}
 	return response.Success(), nil
 }
--- a/app/core/api/internal/logic/sms/send_sms_by_test_logic.go
+++ b/app/core/api/internal/logic/sms/send_sms_by_test_logic.go
@@ -31,20 +31,20 @@ func NewSendSmsByTestLogic(ctx context.Context, svcCtx *svc.ServiceContext) *Sen
 func (l *SendSmsByTestLogic) SendSmsByTest(req *types.SmsSendRequest) (resp *types.Response, err error) {
 	checkRotateData := verify.VerifyRotateCaptcha(l.ctx, l.svcCtx.RedisClient, req.Angle, req.Key)
 	if !checkRotateData {
-		return response.ErrorWithI18n(l.ctx, "captcha.verificationFailure", "验证码错误"), nil
+		return response.ErrorWithI18n(l.ctx, "captcha.verificationFailure"), nil
 	}
 	isPhone := utils.IsPhone(req.Phone)
 	if !isPhone {
-		return response.ErrorWithI18n(l.ctx, "login.phoneFormatError", "手机号格式错误"), nil
+		return response.ErrorWithI18n(l.ctx, "login.phoneFormatError"), nil
 	}
 	val := l.svcCtx.RedisClient.Get(l.ctx, constant.UserSmsRedisPrefix+req.Phone).Val()
 	if val != "" {
-		return response.ErrorWithI18n(l.ctx, "sms.smsSendTooFrequently", "验证码发送过于频繁，请稍后再试"), nil
+		return response.ErrorWithI18n(l.ctx, "sms.smsSendTooFrequently"), nil
 	}
 	code := utils.GenValidateCode(6)
 	wrong := l.svcCtx.RedisClient.Set(l.ctx, constant.UserSmsRedisPrefix+req.Phone, code, time.Minute).Err()
 	if wrong != nil {
-		return response.ErrorWithI18n(l.ctx, "sms.smsSendFailed", "验证码发送失败"), wrong
+		return response.ErrorWithI18n(l.ctx, "sms.smsSendFailed"), wrong
 	}
 	return response.Success(), nil
 }
--- a/app/core/api/internal/logic/user/account_login_logic.go
+++ b/app/core/api/internal/logic/user/account_login_logic.go
@@ -36,7 +36,7 @@ func NewAccountLoginLogic(ctx context.Context, svcCtx *svc.ServiceContext) *Acco
 func (l *AccountLoginLogic) AccountLogin(w http.ResponseWriter, r *http.Request, req *types.AccountLoginRequest) (resp *types.Response, err error) {
 	verifyResult := verify.VerifyRotateCaptcha(l.ctx, l.svcCtx.RedisClient, req.Angle, req.Key)
 	if !verifyResult {
-		return response.ErrorWithI18n(l.ctx, "captcha.verificationFailure", "验证失败！"), nil
+		return response.ErrorWithI18n(l.ctx, "captcha.verificationFailure"), nil
 	}
 	var user *ent.ScaAuthUser
 	var query *ent.ScaAuthUserQuery
@@ -49,23 +49,27 @@ func (l *AccountLoginLogic) AccountLogin(w http.ResponseWriter, r *http.Request,
 	case utils.IsUsername(req.Account):
 		query = l.svcCtx.MySQLClient.ScaAuthUser.Query().Where(scaauthuser.UsernameEQ(req.Account), scaauthuser.DeletedEQ(0))
 	default:
-		return response.ErrorWithI18n(l.ctx, "login.invalidAccount", "无效账号！"), nil
+		return response.ErrorWithI18n(l.ctx, "login.invalidAccount"), nil
 	}

 	user, err = query.First(l.ctx)
 	if err != nil {
 		if ent.IsNotFound(err) {
-			return response.ErrorWithI18n(l.ctx, "login.userNotRegistered", "用户未注册！"), nil
+			return response.ErrorWithI18n(l.ctx, "login.userNotRegistered"), nil
 		}
 		return nil, err
 	}

 	if !utils.Verify(user.Password, req.Password) {
-		return response.ErrorWithI18n(l.ctx, "login.invalidPassword", "密码错误！"), nil
+		return response.ErrorWithI18n(l.ctx, "login.invalidPassword"), nil
 	}
 	data, result := HandleUserLogin(user, l.svcCtx, req.AutoLogin, r, w, l.ctx)
 	if !result {
-		return response.ErrorWithI18n(l.ctx, "login.loginFailed", "登录失败！"), nil
+		return response.ErrorWithI18n(l.ctx, "login.loginFailed"), nil
+	}
+	// 记录用户登录设备
+	if !GetUserLoginDevice(user.UID, r, l.svcCtx.Ip2Region, l.svcCtx.MySQLClient, l.ctx) {
+		return response.ErrorWithI18n(l.ctx, "login.loginFailed"), nil
 	}
 	return response.SuccessWithData(data), nil
 }
@@ -95,32 +99,26 @@ func HandleUserLogin(user *ent.ScaAuthUser, svcCtx *svc.ServiceContext, autoLogi
 	}

 	redisToken := types.RedisToken{
-		AccessToken: accessToken,
-		UID:         user.UID,
+		AccessToken:  accessToken,
+		RefreshToken: refreshToken,
+		UID:          user.UID,
 	}
 	err := svcCtx.RedisClient.Set(ctx, constant.UserTokenPrefix+user.UID, redisToken, days).Err()
 	if err != nil {
 		logc.Error(ctx, err)
 		return nil, false
 	}
-	sessionData := types.SessionData{
-		RefreshToken: refreshToken,
-		UID:          user.UID,
-	}
 	session, err := svcCtx.Session.Get(r, constant.SESSION_KEY)
 	if err != nil {
 		logc.Error(ctx, err)
 		return nil, false
 	}
-	session.Values[constant.SESSION_KEY] = sessionData
+	session.Values["refresh_token"] = refreshToken
+	session.Values["uid"] = user.UID
 	err = session.Save(r, w)
 	if err != nil {
 		return nil, false
 	}
-	// 记录用户登录设备
-	if !GetUserLoginDevice(user.UID, r, svcCtx.Ip2Region, svcCtx.MySQLClient, ctx) {
-		return nil, false
-	}
 	return &data, true

 }
--- a/app/core/api/internal/logic/user/get_user_device_logic.go
+++ b/app/core/api/internal/logic/user/get_user_device_logic.go
@@ -39,7 +39,7 @@ func (l *GetUserDeviceLogic) GetUserDevice(r *http.Request) error {
 	}
 	sessionData, ok := session.Values[constant.SESSION_KEY]
 	if !ok {
-		return errors.New("User not found or device not found")
+		return errors.New("user session not found")
 	}
 	var data types.SessionData
 	err = json.Unmarshal(sessionData.([]byte), &data)
@@ -49,7 +49,7 @@ func (l *GetUserDeviceLogic) GetUserDevice(r *http.Request) error {

 	res := GetUserLoginDevice(data.UID, r, l.svcCtx.Ip2Region, l.svcCtx.MySQLClient, l.ctx)
 	if !res {
-		return errors.New("User not found or device not found")
+		return errors.New("user device not found")
 	}
 	return nil
 }
--- a/app/core/api/internal/logic/user/phone_login_logic.go
+++ b/app/core/api/internal/logic/user/phone_login_logic.go
@@ -34,19 +34,19 @@ func NewPhoneLoginLogic(ctx context.Context, svcCtx *svc.ServiceContext) *PhoneL

 func (l *PhoneLoginLogic) PhoneLogin(r *http.Request, w http.ResponseWriter, req *types.PhoneLoginRequest) (resp *types.Response, err error) {
 	if !utils.IsPhone(req.Phone) {
-		return response.ErrorWithI18n(l.ctx, "login.phoneFormatError", "手机号格式错误"), nil
+		return response.ErrorWithI18n(l.ctx, "login.phoneFormatError"), nil
 	}
 	code := l.svcCtx.RedisClient.Get(l.ctx, constant.UserSmsRedisPrefix+req.Phone).Val()
 	if code == "" {
-		return response.ErrorWithI18n(l.ctx, "login.captchaExpired", "验证码已过期"), nil
+		return response.ErrorWithI18n(l.ctx, "login.captchaExpired"), nil
 	}
 	if req.Captcha != code {
-		return response.ErrorWithI18n(l.ctx, "login.captchaError", "验证码错误"), nil
+		return response.ErrorWithI18n(l.ctx, "login.captchaError"), nil
 	}
 	user, err := l.svcCtx.MySQLClient.ScaAuthUser.Query().Where(scaauthuser.Phone(req.Phone), scaauthuser.Deleted(0)).First(l.ctx)
 	tx, wrong := l.svcCtx.MySQLClient.Tx(l.ctx)
 	if wrong != nil {
-		return response.ErrorWithI18n(l.ctx, "login.loginFailed", "登录失败"), err
+		return response.ErrorWithI18n(l.ctx, "login.loginFailed"), err
 	}
 	if ent.IsNotFound(err) {
 		uid := idgen.NextId()
@@ -64,17 +64,21 @@ func (l *PhoneLoginLogic) PhoneLogin(r *http.Request, w http.ResponseWriter, req
 			Save(l.ctx)
 		if fault != nil {
 			err = tx.Rollback()
-			return response.ErrorWithI18n(l.ctx, "login.registerError", "注册失败"), err
+			return response.ErrorWithI18n(l.ctx, "login.registerError"), err
 		}
 		_, err = l.svcCtx.CasbinEnforcer.AddRoleForUser(uidStr, constant.User)
 		if err != nil {
 			err = tx.Rollback()
-			return response.ErrorWithI18n(l.ctx, "login.registerError", "注册失败"), err
+			return response.ErrorWithI18n(l.ctx, "login.registerError"), err
 		}
 		data, result := HandleUserLogin(addUser, l.svcCtx, req.AutoLogin, r, w, l.ctx)
 		if !result {
 			err = tx.Rollback()
-			return response.ErrorWithI18n(l.ctx, "login.registerError", "注册失败"), err
+			return response.ErrorWithI18n(l.ctx, "login.registerError"), err
+		}
+		// 记录用户登录设备
+		if !GetUserLoginDevice(addUser.UID, r, l.svcCtx.Ip2Region, l.svcCtx.MySQLClient, l.ctx) {
+			return response.ErrorWithI18n(l.ctx, "login.registerError"), nil
 		}
 		err = tx.Commit()
 		if err != nil {
@@ -85,7 +89,11 @@ func (l *PhoneLoginLogic) PhoneLogin(r *http.Request, w http.ResponseWriter, req
 		data, result := HandleUserLogin(user, l.svcCtx, req.AutoLogin, r, w, l.ctx)
 		if !result {
 			err = tx.Rollback()
-			return response.ErrorWithI18n(l.ctx, "login.loginFailed", "登录失败"), err
+			return response.ErrorWithI18n(l.ctx, "login.loginFailed"), err
+		}
+		// 记录用户登录设备
+		if !GetUserLoginDevice(user.UID, r, l.svcCtx.Ip2Region, l.svcCtx.MySQLClient, l.ctx) {
+			return response.ErrorWithI18n(l.ctx, "login.loginFailed"), nil
 		}
 		err = tx.Commit()
 		if err != nil {
@@ -93,6 +101,6 @@ func (l *PhoneLoginLogic) PhoneLogin(r *http.Request, w http.ResponseWriter, req
 		}
 		return response.SuccessWithData(data), nil
 	} else {
-		return response.ErrorWithI18n(l.ctx, "login.loginFailed", "登录失败"), nil
+		return response.ErrorWithI18n(l.ctx, "login.loginFailed"), nil
 	}
 }
--- a/app/core/api/internal/logic/user/refresh_token_logic.go
+++ b/app/core/api/internal/logic/user/refresh_token_logic.go
@@ -34,28 +34,41 @@ func (l *RefreshTokenLogic) RefreshToken(r *http.Request) (resp *types.Response,
 	if err != nil {
 		return response.ErrorWithCode(403), err
 	}
-	sessionData, ok := session.Values[constant.SESSION_KEY]
+	refreshSessionToken, ok := session.Values["refresh_token"].(string)
 	if !ok {
-		return response.ErrorWithCode(403), err
+		return response.ErrorWithCode(403), nil
 	}
-	data := types.SessionData{}
-	err = json.Unmarshal(sessionData.([]byte), &data)
+	userId, ok := session.Values["uid"].(string)
+	if !ok {
+		return response.ErrorWithCode(403), nil
+	}
+	tokenData := l.svcCtx.RedisClient.Get(l.ctx, constant.UserTokenPrefix+userId).Val()
+	if tokenData == "" {
+		return response.ErrorWithCode(403), nil
+	}
+	redisTokenData := types.RedisToken{}
+	err = json.Unmarshal([]byte(tokenData), &redisTokenData)
 	if err != nil {
 		return response.ErrorWithCode(403), err
 	}
-	refreshToken, result := jwt.ParseRefreshToken(l.svcCtx.Config.Auth.AccessSecret, data.RefreshToken)
+	if redisTokenData.RefreshToken != refreshSessionToken {
+		return response.ErrorWithCode(403), nil
+	}
+
+	refreshToken, result := jwt.ParseRefreshToken(l.svcCtx.Config.Auth.AccessSecret, refreshSessionToken)
 	if !result {
-		return response.ErrorWithCode(403), err
+		return response.ErrorWithCode(403), nil
 	}
 	accessToken := jwt.GenerateAccessToken(l.svcCtx.Config.Auth.AccessSecret, jwt.AccessJWTPayload{
 		UserID: refreshToken.UserID,
 	})
 	if accessToken == "" {
-		return response.ErrorWithCode(403), err
+		return response.ErrorWithCode(403), nil
 	}
 	redisToken := types.RedisToken{
-		AccessToken: accessToken,
-		UID:         refreshToken.UserID,
+		AccessToken:  accessToken,
+		RefreshToken: refreshSessionToken,
+		UID:          refreshToken.UserID,
 	}
 	err = l.svcCtx.RedisClient.Set(l.ctx, constant.UserTokenPrefix+refreshToken.UserID, redisToken, time.Hour*24*7).Err()
 	if err != nil {
--- a/app/core/api/internal/logic/user/reset_password_logic.go
+++ b/app/core/api/internal/logic/user/reset_password_logic.go
@@ -30,36 +30,36 @@ func NewResetPasswordLogic(ctx context.Context, svcCtx *svc.ServiceContext) *Res

 func (l *ResetPasswordLogic) ResetPassword(req *types.ResetPasswordRequest) (resp *types.Response, err error) {
 	if !utils.IsPhone(req.Phone) {
-		return response.ErrorWithI18n(l.ctx, "login.phoneFormatError", "手机号格式错误"), nil
+		return response.ErrorWithI18n(l.ctx, "login.phoneFormatError"), nil
 	}
 	if req.Password != req.Repassword {
-		return response.ErrorWithI18n(l.ctx, "login.passwordNotMatch", "两次密码输入不一致"), nil
+		return response.ErrorWithI18n(l.ctx, "login.passwordNotMatch"), nil
 	}
 	if !utils.IsPassword(req.Password) {
-		return response.ErrorWithI18n(l.ctx, "login.passwordFormatError", "密码格式错误"), nil
+		return response.ErrorWithI18n(l.ctx, "login.passwordFormatError"), nil
 	}
 	code := l.svcCtx.RedisClient.Get(l.ctx, constant.UserSmsRedisPrefix+req.Phone).Val()
 	if code == "" {
-		return response.ErrorWithI18n(l.ctx, "login.captchaExpired", "验证码已过期"), nil
+		return response.ErrorWithI18n(l.ctx, "login.captchaExpired"), nil
 	}
 	if req.Captcha != code {
-		return response.ErrorWithI18n(l.ctx, "login.captchaError", "验证码错误"), nil
+		return response.ErrorWithI18n(l.ctx, "login.captchaError"), nil
 	}
 	// 验证码检查通过后立即删除或标记为已使用
 	if err = l.svcCtx.RedisClient.Del(l.ctx, constant.UserSmsRedisPrefix+req.Phone).Err(); err != nil {
-		return response.ErrorWithI18n(l.ctx, "login.captchaError", "验证码错误"), nil
+		return response.ErrorWithI18n(l.ctx, "login.captchaError"), err
 	}
 	user, err := l.svcCtx.MySQLClient.ScaAuthUser.Query().Where(scaauthuser.Phone(req.Phone), scaauthuser.Deleted(constant.NotDeleted)).First(l.ctx)
 	if err != nil && ent.IsNotFound(err) {
-		return response.ErrorWithI18n(l.ctx, "login.userNotRegistered", "用户未注册"), nil
+		return response.ErrorWithI18n(l.ctx, "login.userNotRegistered"), err
 	}
 	encrypt, err := utils.Encrypt(req.Password)
 	if err != nil {
-		return response.ErrorWithI18n(l.ctx, "login.resetPasswordError", "重置密码失败"), nil
+		return response.ErrorWithI18n(l.ctx, "login.resetPasswordError"), err
 	}
 	err = user.Update().SetPassword(encrypt).Exec(l.ctx)
 	if err != nil {
-		return response.ErrorWithI18n(l.ctx, "login.resetPasswordError", "重置密码失败"), err
+		return response.ErrorWithI18n(l.ctx, "login.resetPasswordError"), err
 	}
 	return response.Success(), nil
 }
--- a/app/core/api/internal/logic/websocket/message_websocket_logic.go
+++ b/app/core/api/internal/logic/websocket/message_websocket_logic.go
@@ -42,7 +42,7 @@ var MessageWebSocketHandler *MessageWebSocket
 func InitializeWebSocketHandler(svcCtx *svc.ServiceContext) {
 	MessageWebSocketHandler = NewMessageWebSocket(svcCtx)
 }
-func (l *MessageWebsocketLogic) MessageWebsocket(w http.ResponseWriter, r *http.Request) error {
+func (l *MessageWebsocketLogic) MessageWebsocket(w http.ResponseWriter, r *http.Request) {
 	upgrader := gws.NewUpgrader(MessageWebSocketHandler, &gws.ServerOption{
 		HandshakeTimeout: 5 * time.Second, // 握手超时时间
 		ReadBufferSize:   1024,            // 读缓冲区大小
@@ -71,12 +71,11 @@ func (l *MessageWebsocketLogic) MessageWebsocket(w http.ResponseWriter, r *http.
 	})
 	socket, err := upgrader.Upgrade(w, r)
 	if err != nil {
-		return err
+		panic(err)
 	}
 	go func() {
 		socket.ReadLoop() // 此处阻塞会使请求上下文不能顺利被GC
 	}()
-	return nil
 }

 // NewMessageWebSocket 创建WebSocket实例
--- a/app/core/api/internal/logic/websocket/qrcode_websocket_logic.go
+++ b/app/core/api/internal/logic/websocket/qrcode_websocket_logic.go
@@ -40,7 +40,7 @@ type QrcodeWebSocket struct {

 var QrcodeWebSocketHandler = NewWebSocket()

-func (l *QrcodeWebsocketLogic) QrcodeWebsocket(w http.ResponseWriter, r *http.Request) error {
+func (l *QrcodeWebsocketLogic) QrcodeWebsocket(w http.ResponseWriter, r *http.Request) {
 	upgrader := gws.NewUpgrader(QrcodeWebSocketHandler, &gws.ServerOption{
 		HandshakeTimeout: 5 * time.Second, // 握手超时时间
 		ReadBufferSize:   1024,            // 读缓冲区大小
@@ -66,12 +66,11 @@ func (l *QrcodeWebsocketLogic) QrcodeWebsocket(w http.ResponseWriter, r *http.Re
 	})
 	socket, err := upgrader.Upgrade(w, r)
 	if err != nil {
-		return err
+		panic(err)
 	}
 	go func() {
 		socket.ReadLoop() // 此处阻塞会使请求上下文不能顺利被GC
 	}()
-	return nil
 }

 // MustLoad 从session中加载数据