mirror of
https://github.com/ctwj/urldb.git
synced 2025-11-25 03:15:04 +08:00
355 lines
12 KiB
Go
355 lines
12 KiB
Go
package handlers
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
"strconv"
|
|
|
|
"github.com/ctwj/urldb/db/converter"
|
|
"github.com/ctwj/urldb/db/dto"
|
|
"github.com/ctwj/urldb/db/entity"
|
|
"github.com/ctwj/urldb/middleware"
|
|
"github.com/ctwj/urldb/utils"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
// Login 用户登录
|
|
func Login(c *gin.Context) {
|
|
var req dto.LoginRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
ErrorResponse(c, err.Error(), http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
clientIP, _ := c.Get("client_ip")
|
|
utils.Info("Login - 尝试登录 - 用户名: %s, IP: %s", req.Username, clientIP)
|
|
|
|
user, err := repoManager.UserRepository.FindByUsername(req.Username)
|
|
if err != nil {
|
|
utils.Warn("Login - 用户不存在或密码错误 - 用户名: %s, IP: %s", req.Username, clientIP)
|
|
ErrorResponse(c, "用户名或密码错误", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
if !user.IsActive {
|
|
utils.Warn("Login - 账户已被禁用 - 用户名: %s, IP: %s", req.Username, clientIP)
|
|
ErrorResponse(c, "账户已被禁用", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
if !middleware.CheckPassword(req.Password, user.Password) {
|
|
utils.Warn("Login - 密码错误 - 用户名: %s, IP: %s", req.Username, clientIP)
|
|
ErrorResponse(c, "用户名或密码错误", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
// 更新最后登录时间
|
|
repoManager.UserRepository.UpdateLastLogin(user.ID)
|
|
|
|
// 生成JWT令牌
|
|
token, err := middleware.GenerateToken(user)
|
|
if err != nil {
|
|
utils.Error("Login - 生成令牌失败 - 用户名: %s, IP: %s, Error: %v", req.Username, clientIP, err)
|
|
ErrorResponse(c, "生成令牌失败", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
utils.Info("Login - 登录成功 - 用户名: %s(ID:%d), IP: %s", req.Username, user.ID, clientIP)
|
|
|
|
response := dto.LoginResponse{
|
|
Token: token,
|
|
User: converter.ToUserResponse(user),
|
|
}
|
|
|
|
SuccessResponse(c, response)
|
|
}
|
|
|
|
// Register 用户注册
|
|
func Register(c *gin.Context) {
|
|
var req dto.RegisterRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
ErrorResponse(c, err.Error(), http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
clientIP, _ := c.Get("client_ip")
|
|
utils.Info("Register - 尝试注册 - 用户名: %s, 邮箱: %s, IP: %s", req.Username, req.Email, clientIP)
|
|
|
|
// 检查用户名是否已存在
|
|
existingUser, _ := repoManager.UserRepository.FindByUsername(req.Username)
|
|
if existingUser != nil {
|
|
utils.Warn("Register - 用户名已存在 - 用户名: %s, IP: %s", req.Username, clientIP)
|
|
ErrorResponse(c, "用户名已存在", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
// 检查邮箱是否已存在
|
|
existingEmail, _ := repoManager.UserRepository.FindByEmail(req.Email)
|
|
if existingEmail != nil {
|
|
utils.Warn("Register - 邮箱已存在 - 邮箱: %s, IP: %s", req.Email, clientIP)
|
|
ErrorResponse(c, "邮箱已存在", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
// 哈希密码
|
|
hashedPassword, err := middleware.HashPassword(req.Password)
|
|
if err != nil {
|
|
utils.Error("Register - 密码加密失败 - 用户名: %s, IP: %s, Error: %v", req.Username, clientIP, err)
|
|
ErrorResponse(c, "密码加密失败", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
user := &entity.User{
|
|
Username: req.Username,
|
|
Password: hashedPassword,
|
|
Email: req.Email,
|
|
Role: "user",
|
|
IsActive: true,
|
|
}
|
|
|
|
err = repoManager.UserRepository.Create(user)
|
|
if err != nil {
|
|
utils.Error("Register - 创建用户失败 - 用户名: %s, IP: %s, Error: %v", req.Username, clientIP, err)
|
|
ErrorResponse(c, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
utils.Info("Register - 注册成功 - 用户名: %s(ID:%d), 邮箱: %s, IP: %s", req.Username, user.ID, req.Email, clientIP)
|
|
|
|
SuccessResponse(c, gin.H{
|
|
"message": "注册成功",
|
|
"user": converter.ToUserResponse(user),
|
|
})
|
|
}
|
|
|
|
// GetUsers 获取用户列表(管理员)
|
|
func GetUsers(c *gin.Context) {
|
|
users, err := repoManager.UserRepository.FindAll()
|
|
if err != nil {
|
|
ErrorResponse(c, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
responses := converter.ToUserResponseList(users)
|
|
SuccessResponse(c, responses)
|
|
}
|
|
|
|
// CreateUser 创建用户(管理员)
|
|
func CreateUser(c *gin.Context) {
|
|
var req dto.CreateUserRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
ErrorResponse(c, err.Error(), http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
adminUsername, _ := c.Get("username")
|
|
clientIP, _ := c.Get("client_ip")
|
|
utils.Info("CreateUser - 管理员创建用户 - 管理员: %s, 新用户名: %s, IP: %s", adminUsername, req.Username, clientIP)
|
|
|
|
// 检查用户名是否已存在
|
|
existingUser, _ := repoManager.UserRepository.FindByUsername(req.Username)
|
|
if existingUser != nil {
|
|
utils.Warn("CreateUser - 用户名已存在 - 管理员: %s, 用户名: %s, IP: %s", adminUsername, req.Username, clientIP)
|
|
ErrorResponse(c, "用户名已存在", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
// 检查邮箱是否已存在
|
|
existingEmail, _ := repoManager.UserRepository.FindByEmail(req.Email)
|
|
if existingEmail != nil {
|
|
utils.Warn("CreateUser - 邮箱已存在 - 管理员: %s, 邮箱: %s, IP: %s", adminUsername, req.Email, clientIP)
|
|
ErrorResponse(c, "邮箱已存在", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
// 哈希密码
|
|
hashedPassword, err := middleware.HashPassword(req.Password)
|
|
if err != nil {
|
|
utils.Error("CreateUser - 密码加密失败 - 管理员: %s, 用户名: %s, IP: %s, Error: %v", adminUsername, req.Username, clientIP, err)
|
|
ErrorResponse(c, "密码加密失败", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
user := &entity.User{
|
|
Username: req.Username,
|
|
Password: hashedPassword,
|
|
Email: req.Email,
|
|
Role: req.Role,
|
|
IsActive: req.IsActive,
|
|
}
|
|
|
|
err = repoManager.UserRepository.Create(user)
|
|
if err != nil {
|
|
utils.Error("CreateUser - 创建用户失败 - 管理员: %s, 用户名: %s, IP: %s, Error: %v", adminUsername, req.Username, clientIP, err)
|
|
ErrorResponse(c, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
utils.Info("CreateUser - 用户创建成功 - 管理员: %s, 用户名: %s(ID:%d), 角色: %s, IP: %s", adminUsername, req.Username, user.ID, req.Role, clientIP)
|
|
|
|
SuccessResponse(c, gin.H{
|
|
"message": "用户创建成功",
|
|
"user": converter.ToUserResponse(user),
|
|
})
|
|
}
|
|
|
|
// UpdateUser 更新用户(管理员)
|
|
func UpdateUser(c *gin.Context) {
|
|
idStr := c.Param("id")
|
|
id, err := strconv.ParseUint(idStr, 10, 32)
|
|
if err != nil {
|
|
ErrorResponse(c, "无效的ID", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
var req dto.UpdateUserRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
ErrorResponse(c, err.Error(), http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
adminUsername, _ := c.Get("username")
|
|
clientIP, _ := c.Get("client_ip")
|
|
utils.Info("UpdateUser - 管理员更新用户 - 管理员: %s, 目标用户ID: %d, IP: %s", adminUsername, id, clientIP)
|
|
|
|
user, err := repoManager.UserRepository.FindByID(uint(id))
|
|
if err != nil {
|
|
utils.Warn("UpdateUser - 目标用户不存在 - 管理员: %s, 用户ID: %d, IP: %s", adminUsername, id, clientIP)
|
|
ErrorResponse(c, "用户不存在", http.StatusNotFound)
|
|
return
|
|
}
|
|
|
|
// 记录变更前的信息
|
|
oldInfo := fmt.Sprintf("用户名:%s,邮箱:%s,角色:%s,状态:%t", user.Username, user.Email, user.Role, user.IsActive)
|
|
utils.Debug("UpdateUser - 更新前用户信息 - 管理员: %s, 用户ID: %d, 信息: %s", adminUsername, id, oldInfo)
|
|
|
|
if req.Username != "" {
|
|
user.Username = req.Username
|
|
}
|
|
if req.Email != "" {
|
|
user.Email = req.Email
|
|
}
|
|
if req.Role != "" {
|
|
user.Role = req.Role
|
|
}
|
|
user.IsActive = req.IsActive
|
|
|
|
err = repoManager.UserRepository.Update(user)
|
|
if err != nil {
|
|
utils.Error("UpdateUser - 更新用户失败 - 管理员: %s, 用户ID: %d, IP: %s, Error: %v", adminUsername, id, clientIP, err)
|
|
ErrorResponse(c, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
// 记录变更后信息
|
|
newInfo := fmt.Sprintf("用户名:%s,邮箱:%s,角色:%s,状态:%t", user.Username, user.Email, user.Role, user.IsActive)
|
|
utils.Info("UpdateUser - 用户更新成功 - 管理员: %s, 用户ID: %d, 更新前: %s, 更新后: %s, IP: %s", adminUsername, id, oldInfo, newInfo, clientIP)
|
|
|
|
SuccessResponse(c, gin.H{"message": "用户更新成功"})
|
|
}
|
|
|
|
// ChangePassword 修改用户密码(管理员)
|
|
func ChangePassword(c *gin.Context) {
|
|
idStr := c.Param("id")
|
|
id, err := strconv.ParseUint(idStr, 10, 32)
|
|
if err != nil {
|
|
ErrorResponse(c, "无效的ID", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
var req dto.ChangePasswordRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
ErrorResponse(c, err.Error(), http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
adminUsername, _ := c.Get("username")
|
|
clientIP, _ := c.Get("client_ip")
|
|
utils.Info("ChangePassword - 管理员修改用户密码 - 管理员: %s, 目标用户ID: %d, IP: %s", adminUsername, id, clientIP)
|
|
|
|
user, err := repoManager.UserRepository.FindByID(uint(id))
|
|
if err != nil {
|
|
utils.Warn("ChangePassword - 目标用户不存在 - 管理员: %s, 用户ID: %d, IP: %s", adminUsername, id, clientIP)
|
|
ErrorResponse(c, "用户不存在", http.StatusNotFound)
|
|
return
|
|
}
|
|
|
|
// 哈希新密码
|
|
hashedPassword, err := middleware.HashPassword(req.NewPassword)
|
|
if err != nil {
|
|
utils.Error("ChangePassword - 密码加密失败 - 管理员: %s, 用户ID: %d, IP: %s, Error: %v", adminUsername, id, clientIP, err)
|
|
ErrorResponse(c, "密码加密失败", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
user.Password = hashedPassword
|
|
err = repoManager.UserRepository.Update(user)
|
|
if err != nil {
|
|
utils.Error("ChangePassword - 更新密码失败 - 管理员: %s, 用户ID: %d, IP: %s, Error: %v", adminUsername, id, clientIP, err)
|
|
ErrorResponse(c, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
utils.Info("ChangePassword - 密码修改成功 - 管理员: %s, 用户名: %s(ID:%d), IP: %s", adminUsername, user.Username, id, clientIP)
|
|
|
|
SuccessResponse(c, gin.H{"message": "密码修改成功"})
|
|
}
|
|
|
|
// DeleteUser 删除用户(管理员)
|
|
func DeleteUser(c *gin.Context) {
|
|
idStr := c.Param("id")
|
|
id, err := strconv.ParseUint(idStr, 10, 32)
|
|
if err != nil {
|
|
ErrorResponse(c, "无效的ID", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
adminUsername, _ := c.Get("username")
|
|
clientIP, _ := c.Get("client_ip")
|
|
utils.Info("DeleteUser - 管理员删除用户 - 管理员: %s, 目标用户ID: %d, IP: %s", adminUsername, id, clientIP)
|
|
|
|
// 先获取用户信息用于日志记录
|
|
user, err := repoManager.UserRepository.FindByID(uint(id))
|
|
if err != nil {
|
|
utils.Warn("DeleteUser - 目标用户不存在 - 管理员: %s, 用户ID: %d, IP: %s", adminUsername, id, clientIP)
|
|
ErrorResponse(c, "用户不存在", http.StatusNotFound)
|
|
return
|
|
}
|
|
|
|
err = repoManager.UserRepository.Delete(uint(id))
|
|
if err != nil {
|
|
utils.Error("DeleteUser - 删除用户失败 - 管理员: %s, 用户ID: %d, IP: %s, Error: %v", adminUsername, id, clientIP, err)
|
|
ErrorResponse(c, err.Error(), http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
utils.Info("DeleteUser - 用户删除成功 - 管理员: %s, 用户名: %s(ID:%d), IP: %s", adminUsername, user.Username, id, clientIP)
|
|
|
|
SuccessResponse(c, gin.H{"message": "用户删除成功"})
|
|
}
|
|
|
|
// GetProfile 获取用户资料
|
|
func GetProfile(c *gin.Context) {
|
|
userID, exists := c.Get("user_id")
|
|
if !exists {
|
|
ErrorResponse(c, "未认证", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
username, _ := c.Get("username")
|
|
clientIP, _ := c.Get("client_ip")
|
|
utils.Info("GetProfile - 用户获取个人资料 - 用户名: %s(ID:%d), IP: %s", username, userID, clientIP)
|
|
|
|
user, err := repoManager.UserRepository.FindByID(userID.(uint))
|
|
if err != nil {
|
|
utils.Warn("GetProfile - 用户不存在 - 用户名: %s(ID:%d), IP: %s", username, userID, clientIP)
|
|
ErrorResponse(c, "用户不存在", http.StatusNotFound)
|
|
return
|
|
}
|
|
|
|
response := converter.ToUserResponse(user)
|
|
utils.Debug("GetProfile - 成功获取个人资料 - 用户名: %s(ID:%d), IP: %s", username, userID, clientIP)
|
|
SuccessResponse(c, response)
|
|
}
|