b2cae2471d
- 新增AdminUser类型定义及用户管理API接口 - 实现用户列表查询、保存和删除功能 - 添加Linux.do第三方登录支持 - 集成Linux.do OAuth认证流程 - 在系统设置中添加Linux.do登录配置选项 - 实现算力点余额调整记录功能 - 优化搜索组件关键词状态管理 - 更新数据库迁移添加credit_logs表 - 完善用户状态和信用等级验证逻辑
148 lines
3.6 KiB
Go
148 lines
3.6 KiB
Go
package handler
|
|
|
|
import (
|
|
"encoding/json"
|
|
"net/http"
|
|
"net/url"
|
|
"strings"
|
|
|
|
"github.com/basketikun/infinite-canvas/model"
|
|
"github.com/basketikun/infinite-canvas/service"
|
|
)
|
|
|
|
type loginRequest struct {
|
|
Username string `json:"username"`
|
|
Password string `json:"password"`
|
|
}
|
|
|
|
type registerRequest struct {
|
|
Username string `json:"username"`
|
|
Password string `json:"password"`
|
|
}
|
|
|
|
type saveUserRequest struct {
|
|
ID string `json:"id"`
|
|
Username string `json:"username"`
|
|
Password string `json:"password"`
|
|
Email string `json:"email"`
|
|
DisplayName string `json:"displayName"`
|
|
AvatarURL string `json:"avatarUrl"`
|
|
Role model.UserRole `json:"role"`
|
|
Credits int `json:"credits"`
|
|
Status model.UserStatus `json:"status"`
|
|
}
|
|
|
|
func Register(w http.ResponseWriter, r *http.Request) {
|
|
var request registerRequest
|
|
_ = json.NewDecoder(r.Body).Decode(&request)
|
|
session, err := service.Register(request.Username, request.Password)
|
|
if err != nil {
|
|
FailError(w, err)
|
|
return
|
|
}
|
|
OK(w, session)
|
|
}
|
|
|
|
func Login(w http.ResponseWriter, r *http.Request) {
|
|
var request loginRequest
|
|
_ = json.NewDecoder(r.Body).Decode(&request)
|
|
session, err := service.Login(request.Username, request.Password)
|
|
if err != nil {
|
|
FailError(w, err)
|
|
return
|
|
}
|
|
OK(w, session)
|
|
}
|
|
|
|
func LinuxDoAuthorize(w http.ResponseWriter, r *http.Request) {
|
|
authURL, err := service.LinuxDoAuthorizeURL(r.URL.Query().Get("redirect"))
|
|
if err != nil {
|
|
FailError(w, err)
|
|
return
|
|
}
|
|
http.Redirect(w, r, authURL, http.StatusFound)
|
|
}
|
|
|
|
func LinuxDoCallback(w http.ResponseWriter, r *http.Request) {
|
|
session, redirect, err := service.LoginWithLinuxDo(r.URL.Query().Get("code"), r.URL.Query().Get("state"))
|
|
if err != nil {
|
|
http.Redirect(w, r, loginRedirect(redirect, "", err.Error()), http.StatusFound)
|
|
return
|
|
}
|
|
http.Redirect(w, r, loginRedirect(redirect, session.Token, ""), http.StatusFound)
|
|
}
|
|
|
|
func AdminLogin(w http.ResponseWriter, r *http.Request) {
|
|
var request loginRequest
|
|
_ = json.NewDecoder(r.Body).Decode(&request)
|
|
session, err := service.Login(request.Username, request.Password)
|
|
if err != nil {
|
|
FailError(w, err)
|
|
return
|
|
}
|
|
if session.User.Role != model.UserRoleAdmin {
|
|
Fail(w, "需要管理员权限")
|
|
return
|
|
}
|
|
OK(w, session)
|
|
}
|
|
|
|
func CurrentUser(w http.ResponseWriter, r *http.Request) {
|
|
if user, ok := service.UserFromContext(r.Context()); ok {
|
|
OK(w, user)
|
|
return
|
|
}
|
|
OK(w, service.GuestUser())
|
|
}
|
|
|
|
func AdminUsers(w http.ResponseWriter, r *http.Request) {
|
|
users, err := service.ListUsers(parseQuery(r))
|
|
if err != nil {
|
|
FailError(w, err)
|
|
return
|
|
}
|
|
OK(w, users)
|
|
}
|
|
|
|
func AdminSaveUser(w http.ResponseWriter, r *http.Request) {
|
|
var request saveUserRequest
|
|
_ = json.NewDecoder(r.Body).Decode(&request)
|
|
user, err := service.SaveUser(model.User{
|
|
ID: request.ID,
|
|
Username: request.Username,
|
|
Email: request.Email,
|
|
DisplayName: request.DisplayName,
|
|
AvatarURL: request.AvatarURL,
|
|
Role: request.Role,
|
|
Credits: request.Credits,
|
|
Status: request.Status,
|
|
}, request.Password)
|
|
if err != nil {
|
|
FailError(w, err)
|
|
return
|
|
}
|
|
OK(w, user)
|
|
}
|
|
|
|
func loginRedirect(redirect string, token string, message string) string {
|
|
values := url.Values{}
|
|
if strings.TrimSpace(token) != "" {
|
|
values.Set("token", token)
|
|
}
|
|
if strings.TrimSpace(message) != "" {
|
|
values.Set("error", message)
|
|
}
|
|
if strings.TrimSpace(redirect) != "" {
|
|
values.Set("redirect", redirect)
|
|
}
|
|
return "/login?" + values.Encode()
|
|
}
|
|
|
|
func AdminDeleteUser(w http.ResponseWriter, r *http.Request, id string) {
|
|
if err := service.DeleteUser(id); err != nil {
|
|
FailError(w, err)
|
|
return
|
|
}
|
|
OK(w, true)
|
|
}
|