package user import ( "crypto/hmac" "fmt" "github.com/gin-gonic/gin" "github.com/golang-jwt/jwt/v5" "net/http" "product/backend/handlers/base" "product/backend/models" "product/backend/moo/db" "product/backend/moo/log" "time" ) // Post 添加 func Post(ctx *gin.Context) { // bind request data req := &PostReq{} if err := ctx.ShouldBind(&req); err != nil { log.Error(err) ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": base.Translate(err), }) return } if req.PasswordAgain != req.Password { log.Error("password not equal") ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "密码不同", }) return } if req.Password == "" { req.Password = models.UserDefaultPassword } // insert model := req.User model.PasswordSalt = models.UserPasswordSalt model.Password = models.UserGeneratePassword(model.Password, model.PasswordSalt) if model.RoleID == 0 { model.RoleID = 2 } if err := models.UserRowInsert(&model); err != nil { log.Error(err) ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "数据添加错误", }) return } // build response row, err := models.UserRow(model.ID) if err != nil { log.Error(err) ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "数据添加错误", }) return } ctx.JSON(http.StatusOK, gin.H{ "code": 0, "data": row, }) } // Put 更新全部 func Put(ctx *gin.Context) { // bind request data req := &PutReq{} if err := ctx.ShouldBind(&req); err != nil { log.Error(err) ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": base.Translate(err), }) return } // update model := req.User model.ID = req.ID if err := models.UserRowUpdate(&model); err != nil { log.Error(err) ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "数据更新错误", }) return } // build response row, err := models.UserRow(model.ID) if err != nil { log.Error(err) ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "数据更新错误", }) return } ctx.JSON(http.StatusOK, gin.H{ "code": 0, "data": row, }) } // Delete 删除 func Delete(ctx *gin.Context) { req := &DelReq{} if err := req.BindAndInit(ctx); err != nil { log.Error(err) ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": base.Translate(err), }) return } // 不能删除管理员 if req.ID == 1 { log.Error("delete admin") ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "管理员不能删除", }) return } if err := models.UserRowDel(req.ID); err != nil { log.Error(err) ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "数据删除错误", }) return } // response ctx.JSON(http.StatusOK, gin.H{ "code": 0, }) } // Get 获取 func Get(ctx *gin.Context) { // get request param req := &GetReq{} if err := req.BindAndInit(ctx); err != nil { log.Error(err) ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": base.Translate(err), }) return } if req.ID == 0 { // list // fetch rows list, total, err := models.UserRows(req.Pager, true, req.Keyword) if err != nil { log.Error(err) ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "数据未找到", }) return } // response ctx.JSON(http.StatusOK, gin.H{ "code": 0, "data": gin.H{ "list": list, "total": total, "keyword": req.Keyword, "pageIndex": req.PageIndex, "pageSize": req.PageSize, "sortField": req.SortField, "sortOrder": req.SortOrder, }, }) } else { // fetch row row, err := models.UserRow(req.ID) if err != nil { log.Error(err) ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "数据未找到", }) return } // response ctx.JSON(http.StatusOK, gin.H{ "code": 0, "data": row, }) } } func Info(ctx *gin.Context) { userValue, exists := ctx.Get("user") if !exists { log.Error("no auth") ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "用户错误", }) return } user := userValue.(models.User) // response ctx.JSON(http.StatusOK, gin.H{ "code": 0, "data": user, }) } func Login(ctx *gin.Context) { loginReq := LoginReq{} if err := ctx.ShouldBind(&loginReq); err != nil { log.Error(err) ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "认证信息错误", }) return } user, err := models.UserGetByName(loginReq.Name) if err != nil { log.Error(err) ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "认证信息错误", }) return } if !hmac.Equal([]byte(models.UserGeneratePassword(loginReq.Password, user.PasswordSalt)), []byte(user.Password)) { log.Error("user password not equal") ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "认证信息错误", }) return } // Create the Claims claims := &jwt.RegisteredClaims{ ExpiresAt: jwt.NewNumericDate(time.Now().Add(30 * 24 * 3600 * time.Second)), Issuer: "Backend", ID: fmt.Sprintf("%d", user.ID), } token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims) ss, err := token.SignedString(models.UserSigningKey) if err != nil { log.Error(err) ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "认证信息错误", }) return } //user.AuthToken = ss //db.DB.Save(&user) ctx.JSON(http.StatusOK, gin.H{ "code": 0, "data": ss, }) } func Logout(ctx *gin.Context) { userValue, exists := ctx.Get("user") if !exists { log.Error("no auth") ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "用户错误", }) return } user := userValue.(models.User) user.AuthToken = "" db.DB.Save(&user) ctx.JSON(http.StatusOK, gin.H{ "code": 0, }) } func ChangePassword(ctx *gin.Context) { req := ChangePasswordReq{} if err := ctx.ShouldBind(&req); err != nil { log.Error(err) ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "信息错误", }) return } if req.NewPassword != "" && req.NewPassword != req.NewPasswordAgain { log.Error("new password not equal") ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "密码确认错误", }) return } user := models.User{} // 修改自己密码 if req.UserID == 0 { userValue, exists := ctx.Get("user") if !exists { log.Error("no auth") ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "用户错误", }) return } user = userValue.(models.User) } else { // 修改其他用户密码 if err := db.DB.First(&user, req.UserID).Error; err != nil { log.Error(err) ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "用户不存在", }) return } } if user.Password != models.UserGeneratePassword(req.OldPassword, user.PasswordSalt) { log.Error("password error") ctx.JSON(http.StatusOK, gin.H{ "code": 1, "message": "密码错误", }) return } user.Password = models.UserGeneratePassword(req.OldPassword, user.PasswordSalt) user.AuthToken = "" db.DB.Save(user) ctx.JSON(http.StatusOK, gin.H{ "code": 0, }) }