package controller
import (
"slices"
"github.com/gin-gonic/gin"
"golang.org/x/crypto/bcrypt"
"github.com/nezhahq/nezha/model"
"github.com/nezhahq/nezha/service/singleton"
)
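// getProfile returns the profile of the user stored on the gin context under
// model.CtxKeyAuthorizedUser, together with the string stored under
// model.CtxKeyRealIPStr.
//
// It returns the localized "unauthorized" error when the context carries no
// user, or carries a value that is not a *model.User. The user is copied and
// the copy's Password is blanked before it is returned, so the profile
// response never carries the stored hash; this matches listUser, which omits
// the password column. Whether model.User would serialize Password at all is
// decided by its struct tags, which are declared elsewhere.
//
// @Summary Get profile
// @Security BearerAuth
// @Schemes
// @Description Get profile
// @Tags auth required
// @Produce json
// @Success 200 {object} model.CommonResponse[model.Profile]
// @Router /profile [get]
func getProfile(c *gin.Context) (*model.Profile, error) {
	auth, ok := c.Get(model.CtxKeyAuthorizedUser)
	if !ok {
		return nil, singleton.Localizer.ErrorT("unauthorized")
	}

	// Checked assertion: an unexpected value under the key is reported as
	// "unauthorized" instead of panicking inside the handler.
	current, ok := auth.(*model.User)
	if !ok || current == nil {
		return nil, singleton.Localizer.ErrorT("unauthorized")
	}

	// Work on a copy so the value held by the context is left untouched.
	user := *current
	user.Password = ""

	return &model.Profile{
		User:    user,
		LoginIP: c.GetString(model.CtxKeyRealIPStr),
	}, nil
}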
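// updateProfile changes the username and password of the user stored on the
// gin context under model.CtxKeyAuthorizedUser.
//
// The request must carry the current password, which is compared with the
// stored bcrypt hash before anything is written. The new credentials are then
// validated with the same rules createUser applies (a password of at least 6
// bytes and a non-empty username), so this endpoint cannot be used to set an
// empty password or an empty username. The new password is stored as a bcrypt
// hash at bcrypt.DefaultCost.
//
// Errors: the JSON binding error, the localized "unauthorized",
// "incorrect password" and validation errors, the bcrypt error, or a
// newGormError wrapping the database error.
//
// NOTE(review): nothing here revokes tokens issued before the change; whether
// a password change should end existing sessions is handled, if at all,
// outside this handler. Confirm.
//
// @Summary Update password for current user
// @Security BearerAuth
// @Schemes
// @Description Update password for current user
// @Tags auth required
// @Accept json
// @param request body model.ProfileForm true "password"
// @Produce json
// @Success 200 {object} model.CommonResponse[any]
// @Router /profile [post]
func updateProfile(c *gin.Context) (any, error) {
	var pf model.ProfileForm
	if err := c.ShouldBindJSON(&pf); err != nil {
		// NOTE(review): this path returns 0 while every other error path
		// returns nil; kept as-is because the caller is not visible here.
		return 0, err
	}

	auth, ok := c.Get(model.CtxKeyAuthorizedUser)
	if !ok {
		return nil, singleton.Localizer.ErrorT("unauthorized")
	}

	// Checked assertion: an unexpected value under the key is reported as
	// "unauthorized" instead of panicking inside the handler.
	current, ok := auth.(*model.User)
	if !ok || current == nil {
		return nil, singleton.Localizer.ErrorT("unauthorized")
	}

	// Copy the user so the context value is only replaced by what the
	// database accepted, never by a half-applied change.
	user := *current
	if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(pf.OriginalPassword)); err != nil {
		return nil, singleton.Localizer.ErrorT("incorrect password")
	}

	// Same rules and message keys as createUser. The threshold is 6 bytes
	// even though the message key reads "greater than 6"; the key is kept
	// verbatim because it is looked up by the localizer.
	if len(pf.NewPassword) < 6 {
		return nil, singleton.Localizer.ErrorT("password length must be greater than 6")
	}
	if pf.NewUsername == "" {
		return nil, singleton.Localizer.ErrorT("username can't be empty")
	}

	hash, err := bcrypt.GenerateFromPassword([]byte(pf.NewPassword), bcrypt.DefaultCost)
	if err != nil {
		return nil, err
	}

	user.Username = pf.NewUsername
	user.Password = string(hash)
	// NOTE(review): Save writes the whole copied row, not just the two
	// changed columns; if the context copy can be stale this may overwrite
	// newer values. Confirm against how the context user is loaded.
	if err := singleton.DB.Save(&user).Error; err != nil {
		return nil, newGormError("%v", err)
	}

	return nil, nil
}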
// listUser loads all users from the database and returns them. The query
// omits the password column, so the stored hashes are not read into the
// result.
//
// NOTE(review): this handler performs no role check of its own; presumably
// the route's middleware decides who may list users. Confirm.
//
// @Summary List user
// @Security BearerAuth
// @Schemes
// @Description List user
// @Tags auth required
// @Produce json
// @Success 200 {object} model.CommonResponse[[]model.User]
// @Router /user [get]
func listUser(c *gin.Context) ([]model.User, error) {
	var found []model.User

	// Omit keeps the password column out of the SELECT.
	query := singleton.DB.Omit("password").Find(&found)
	if query.Error != nil {
		return nil, query.Error
	}

	return found, nil
}
// createUser creates a user from the JSON body and returns the new row's ID.
//
// The password must be at least 6 bytes long and the username must not be
// empty. Only a bcrypt hash of the password (bcrypt.DefaultCost) is stored.
// Note that the localized message key says "greater than 6" while the check
// accepts exactly 6; the key is a lookup string and is left as written.
//
// Errors: the JSON binding error, the localized validation errors, the bcrypt
// error, or the database error from Create, returned unwrapped.
//
// NOTE(review): updateProfile wraps its database error with newGormError,
// while this handler returns it as-is; confirm whether raw database errors
// are meant to reach the API response here. This handler also performs no
// role check of its own; presumably the route's middleware does. Confirm.
//
// @Summary Create user
// @Security BearerAuth
// @Schemes
// @Description Create user
// @Tags auth required
// @Accept json
// @param request body model.UserForm true "User Request"
// @Produce json
// @Success 200 {object} model.CommonResponse[uint64]
// @Router /user [post]
func createUser(c *gin.Context) (uint64, error) {
	var uf model.UserForm
	if bindErr := c.ShouldBindJSON(&uf); bindErr != nil {
		return 0, bindErr
	}

	// Validation order matters for which message the client sees: the
	// password rule is evaluated before the username rule.
	switch {
	case len(uf.Password) < 6:
		return 0, singleton.Localizer.ErrorT("password length must be greater than 6")
	case uf.Username == "":
		return 0, singleton.Localizer.ErrorT("username can't be empty")
	}

	hashed, hashErr := bcrypt.GenerateFromPassword([]byte(uf.Password), bcrypt.DefaultCost)
	if hashErr != nil {
		return 0, hashErr
	}

	// Only the hash is persisted; the plaintext never leaves the form.
	var u model.User
	u.Username = uf.Username
	u.Password = string(hashed)

	if dbErr := singleton.DB.Create(&u).Error; dbErr != nil {
		return 0, dbErr
	}

	return u.ID, nil
}
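// batchDeleteUser deletes the users whose IDs are listed in the JSON body.
//
// The caller is read from the gin context under model.CtxKeyAuthorizedUser;
// a missing or unexpected value yields the localized "unauthorized" error
// rather than a panic, in line with getProfile and updateProfile. A request
// that includes the caller's own ID is rejected with "can't delete yourself".
// An empty ID list is a no-op and returns without touching the database.
//
// NOTE(review): this handler performs no role check of its own, so any
// caller that reaches it can delete other users; presumably the route's
// middleware restricts it. Confirm.
//
// @Summary Batch delete users
// @Security BearerAuth
// @Schemes
// @Description Batch delete users
// @Tags auth required
// @Accept json
// @param request body []uint true "id list"
// @Produce json
// @Success 200 {object} model.CommonResponse[any]
// @Router /batch-delete/user [post]
func batchDeleteUser(c *gin.Context) (any, error) {
	var ids []uint64
	if err := c.ShouldBindJSON(&ids); err != nil {
		return nil, err
	}

	// c.Get plus a checked assertion replaces MustGet and the unchecked
	// assertion, both of which panic when the key is absent or mistyped.
	v, ok := c.Get(model.CtxKeyAuthorizedUser)
	if !ok {
		return nil, singleton.Localizer.ErrorT("unauthorized")
	}
	auth, ok := v.(*model.User)
	if !ok || auth == nil {
		return nil, singleton.Localizer.ErrorT("unauthorized")
	}

	if slices.Contains(ids, auth.ID) {
		return nil, singleton.Localizer.ErrorT("can't delete yourself")
	}

	// Nothing to delete: skip issuing a DELETE with an empty IN list.
	if len(ids) == 0 {
		return nil, nil
	}

	return nil, singleton.DB.Where("id IN (?)", ids).Delete(&model.User{}).Error
}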