package system

import (
	"encoding/json"
	"net/http"

	"management/internal/db/model/dto"
	db "management/internal/db/sqlc"
	"management/internal/erpserver/biz"
	"management/internal/erpserver/model/form"
	"management/internal/pkg/binding"
	"management/internal/pkg/convertor"
	"management/internal/pkg/know"
	"management/internal/pkg/middleware"
	"management/internal/pkg/session"
	"management/internal/pkg/tpl"
	"management/internal/pkg/tpl/html"

	"github.com/zhang2092/browser"
)

// UserHandler is the full set of HTTP handlers for user management. It
// combines the management pages and endpoints declared here with the
// authentication endpoints of UserExpansion.
type UserHandler interface {
	// Add renders the edit form for a new user.
	Add(w http.ResponseWriter, r *http.Request)
	// Edit renders the edit form for the user named by the "id" query parameter.
	Edit(w http.ResponseWriter, r *http.Request)
	// Save creates or updates a user from the submitted form.
	Save(w http.ResponseWriter, r *http.Request)
	// List renders the list page (GET) or returns a page of results as JSON (POST).
	List(w http.ResponseWriter, r *http.Request)
	// Profile renders the profile page of the authenticated user.
	Profile(w http.ResponseWriter, r *http.Request)
	// Data returns auxiliary JSON data selected by the "type" query parameter.
	Data(w http.ResponseWriter, r *http.Request)
	UserExpansion
}

// UserExpansion holds the session-related endpoints.
type UserExpansion interface {
	// Login renders the login page (GET) or processes a login form (POST).
	Login(w http.ResponseWriter, r *http.Request)
	// Logout destroys the session and redirects to "/".
	Logout(w http.ResponseWriter, r *http.Request)
}

// userHandler is the implementation of the UserHandler interface.
type userHandler struct {
	render  tpl.Renderer           // writes HTML templates and JSON responses
	session session.ISession       // session store used by Login and Logout
	biz     biz.IBiz               // business layer (users, departments, roles, captcha)
	mi      middleware.IMiddleware // resolves the authenticated user from the request context
}

// Ensure userHandler implements the UserHandler interface.
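var _ UserHandler = (*userHandler)(nil)

// NewUserHandler builds a userHandler from its collaborators: the renderer,
// the session store, the business layer and the auth middleware.
func NewUserHandler(render tpl.Renderer, session session.ISession, biz biz.IBiz, mi middleware.IMiddleware) *userHandler {
	return &userHandler{
		render:  render,
		session: session,
		biz:     biz,
		mi:      mi,
	}
}

// Add renders the user edit form for a new user, backed by an empty
// db.SysUser that carries no password hash.
func (h *userHandler) Add(w http.ResponseWriter, r *http.Request) {
	h.render.HTML(w, r, "user/edit.tmpl", map[string]any{
		"Item": &db.SysUser{
			HashedPassword: nil,
		},
	})
}

// Edit renders the user edit form for the user named by the "id" query
// parameter. A missing, non-positive or unknown id yields a blank form.
//
// NOTE(review): no authorization check is visible in this handler; presumably
// the route is wrapped by middleware that restricts who may edit users —
// confirm.
func (h *userHandler) Edit(w http.ResponseWriter, r *http.Request) {
	vars := r.URL.Query()
	id := convertor.QueryInt[int32](vars, "id", 0)
	sysUser := &db.SysUser{}
	if id > 0 {
		ctx := r.Context()
		if user, err := h.biz.SystemV1().UserBiz().Get(ctx, id); err == nil {
			// Replace the stored hash with a fixed placeholder so the real
			// value is never handed to the template.
			user.HashedPassword = []byte("********")
			sysUser = user
		}
	}

	h.render.HTML(w, r, "user/edit.tmpl", map[string]any{
		"Item": sysUser,
	})
}

// Save creates or updates a user from the submitted form. A non-zero
// department or role id must resolve to an existing record. An id of 0 (or no
// id at all) creates a user; any other id updates that user.
//
// NOTE(review): errors from the biz layer are returned to the client verbatim
// via err.Error(); confirm they never carry database or internal detail.
// NOTE(review): the handler does not check the HTTP method and no CSRF check
// is visible here; presumably both are enforced by routing/middleware —
// confirm.
func (h *userHandler) Save(w http.ResponseWriter, r *http.Request) {
	var req form.User
	if err := binding.Form.Bind(r, &req); err != nil {
		h.render.JSONERR(w, binding.ValidatorErrors(err))
		return
	}

	ctx := r.Context()
	if req.DepartmentID > 0 {
		if _, err := h.biz.SystemV1().DepartmentBiz().Get(ctx, req.DepartmentID); err != nil {
			h.render.JSONERR(w, "部门数据错误")
			return
		}
	}

	if req.RoleID > 0 {
		if _, err := h.biz.SystemV1().RoleBiz().Get(ctx, req.RoleID); err != nil {
			h.render.JSONERR(w, "角色数据错误")
			return
		}
	}

	// req.ID is a pointer. The binder may already require it, but a nil check
	// keeps a request without an id from panicking on the dereference; such a
	// request is treated like id=0.
	if req.ID == nil || *req.ID == 0 {
		if err := h.biz.SystemV1().UserBiz().Create(ctx, &req); err != nil {
			h.render.JSONERR(w, err.Error())
			return
		}
		h.render.JSONOK(w, "添加成功")
		return
	}

	if err := h.biz.SystemV1().UserBiz().Update(ctx, &req); err != nil {
		h.render.JSONERR(w, err.Error())
		return
	}
	h.render.JSONOK(w, "更新成功")
}

// List renders the user list page on GET and, on POST, returns one page of
// search results as JSON. Any other method gets 405 with an Allow header.
//
// NOTE(review): "rows" comes straight from the client with no upper bound
// visible here; confirm the biz layer caps the page size.
func (h *userHandler) List(w http.ResponseWriter, r *http.Request) {
	switch r.Method {
	case http.MethodGet:
		h.render.HTML(w, r, "user/list.tmpl", map[string]any{
			"Statuses": html.NewSelectControls(html.SearchStatuses, "0"),
		})
	case http.MethodPost:
		var q dto.SearchDto
		q.SearchStatus = convertor.ConvertInt(r.PostFormValue("status"), 9999)
		q.SearchName = r.PostFormValue("name")
		q.SearchEmail = r.PostFormValue("email")
		q.SearchID = convertor.ConvertInt[int64](r.PostFormValue("id"), 0)
		q.Page = convertor.ConvertInt(r.PostFormValue("page"), 1)
		q.Rows = convertor.ConvertInt(r.PostFormValue("rows"), 10)
		res, count, err := h.biz.SystemV1().UserBiz().List(r.Context(), q)
		if err != nil {
			h.render.JSONERR(w, err.Error())
			return
		}

		data := tpl.ResponseList{
			Code:    0,
			Message: "ok",
			Count:   count,
			Data:    res,
		}
		h.render.JSON(w, data)
	default:
		// A 405 response should tell the client which methods are accepted.
		w.Header().Set("Allow", "GET, POST")
		http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
	}
}

// Profile renders the profile page of the authenticated user. If the user
// record cannot be loaded the handler answers 500 instead of rendering the
// template with a nil item.
func (h *userHandler) Profile(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()
	user := h.mi.AuthUser(ctx)
	vm, err := h.biz.SystemV1().UserBiz().Get(ctx, user.ID)
	if err != nil || vm == nil {
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}

	// Mask the hash the same way Edit does so the profile template never
	// receives it. This works on a copy, leaving the record returned by the
	// biz layer untouched.
	item := *vm
	item.HashedPassword = []byte("********")
	h.render.HTML(w, r, "user/profile.tmpl", map[string]any{
		"Item": &item,
	})
}

// Data returns auxiliary JSON selected by the "type" query parameter. Only
// "xmselect" is handled; any other value yields a JSON null.
func (h *userHandler) Data(w http.ResponseWriter, r *http.Request) {
	vars := r.URL.Query()
	t := vars.Get("type")
	if t == "xmselect" {
		res, err := h.biz.SystemV1().UserBiz().XmSelect(r.Context())
		if err != nil {
			h.render.JSONERR(w, err.Error())
			return
		}

		h.render.JSON(w, res)
		return
	}

	h.render.JSON(w, nil)
}

// Login renders the login page on GET and processes a login form on POST.
//
// GET: if the session already holds a decodable user and the token can be
// renewed, the user is redirected to /home.html. Otherwise the session is
// destroyed and the login page is rendered.
//
// POST: the form is bound, the captcha is verified, request metadata is
// attached and the credentials are handed to UserBiz().Login.
//
// NOTE(review): no session-token renewal is visible on the POST path;
// presumably UserBiz().Login renews it after a successful authentication —
// confirm, since keeping the pre-login token permits session fixation.
// NOTE(review): err.Error() from UserBiz().Login goes to the client verbatim;
// confirm unknown-account and wrong-password failures produce the same
// message.
func (h *userHandler) Login(w http.ResponseWriter, r *http.Request) {
	ctx := r.Context()
	switch r.Method {
	case http.MethodGet:
		var user dto.AuthorizeUser
		u := h.session.GetBytes(ctx, know.StoreName)
		if err := json.Unmarshal(u, &user); err == nil {
			// Check whether the user is already logged in; if so, renew the
			// token and redirect to the home page.
			if err := h.session.RenewToken(ctx); err == nil {
				h.session.Put(ctx, know.StoreName, u)
				http.Redirect(w, r, "/home.html", http.StatusFound)
				return
			}
		}

		h.session.Destroy(ctx)
		h.render.HTML(w, r, "oauth/login.tmpl", nil)
	case http.MethodPost:
		defer r.Body.Close()

		var req form.Login
		if err := binding.Form.Bind(r, &req); err != nil {
			e := binding.ValidatorErrors(err)
			h.render.JSONERR(w, e)
			return
		}

		// The captcha is checked before the credentials are evaluated.
		if !h.biz.CommonV1().CaptchaBiz().Verify(req.CaptchaID, req.Captcha, true) {
			h.render.JSONERR(w, "验证码错误")
			return
		}

		br, err := browser.NewBrowser(r.Header.Get("User-Agent"))
		if err != nil {
			h.render.JSONERR(w, "平台信息获取错误")
			return
		}

		// Request metadata passed to the login call. r.RemoteAddr has the
		// "host:port" form and, behind a reverse proxy, is the proxy's
		// address. Referer and the User-Agent-derived values are
		// client-supplied, so treat them as untrusted wherever they are later
		// stored or displayed.
		req.Ip = r.RemoteAddr
		req.Referrer = r.Header.Get("Referer")
		req.Url = r.URL.RequestURI()
		req.Os = br.Platform().Name()
		req.Browser = br.Name()

		err = h.biz.SystemV1().UserBiz().Login(ctx, &req)
		if err != nil {
			h.render.JSONERR(w, err.Error())
			return
		}

		h.render.JSONOK(w, "login successful")
	default:
		// A 405 response should tell the client which methods are accepted.
		w.Header().Set("Allow", "GET, POST")
		http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
	}
}

// Logout destroys the current session and redirects to "/".
//
// NOTE(review): the handler accepts every HTTP method, so unless the router
// restricts it a plain cross-site GET can end a user's session; consider
// limiting it to POST behind the same CSRF protection as other state changes.
func (h *userHandler) Logout(w http.ResponseWriter, r *http.Request) {
	h.session.Destroy(r.Context())
	http.Redirect(w, r, "/", http.StatusFound)
}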