kenneth/projectx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
projectx/internal/erpserver/handler/system/user.go
kenneth 6fb06c456c v2_2
2025-03-31 11:59:42 +08:00

310 lines
8.4 KiB
Go
Raw Blame History

package system
import (
"encoding/json"
"net/http"
"strings"
"time"
"management/internal/db/model/dto"
db "management/internal/db/sqlc"
"management/internal/erpserver/biz"
"management/internal/erpserver/model/req"
"management/internal/global"
"management/internal/global/html"
"management/internal/global/know"
"management/internal/middleware/manage/auth"
"management/internal/pkg/convertor"
"management/internal/pkg/crypto"
"management/internal/pkg/rand"
"management/internal/pkg/session"
"management/internal/pkg/tpl"
"management/internal/router/manage/util"
"github.com/google/uuid"
"github.com/zhang2092/browser"
)
type UserHandler interface {
Add(w http.ResponseWriter, r *http.Request)
Edit(w http.ResponseWriter, r *http.Request)
Save(w http.ResponseWriter, r *http.Request)
List(w http.ResponseWriter, r *http.Request)
Profile(w http.ResponseWriter, r *http.Request)
Tree(w http.ResponseWriter, r *http.Request)
UserExpansion
}
type UserExpansion interface {
Login(w http.ResponseWriter, r *http.Request)
Logout(w http.ResponseWriter, r *http.Request)
}
// userHandler 是 UserHandler 接口的实现.
type userHandler struct {
render tpl.Renderer
session session.ISession
biz biz.IBiz
}
// 确保 userHandler 实现了 UserHandler 接口.
var _ UserHandler = (*userHandler)(nil)
func NewUserHandler(render tpl.Renderer, session session.ISession, biz biz.IBiz) *userHandler {
return &userHandler{
render: render,
session: session,
biz: biz,
}
}
func (h *userHandler) Add(w http.ResponseWriter, r *http.Request) {
h.render.HTML(w, r, "user/edit.tmpl", map[string]any{
"Item": &db.SysUser{
HashedPassword: nil,
},
})
}
func (h *userHandler) Edit(w http.ResponseWriter, r *http.Request) {
vars := r.URL.Query()
id := convertor.QueryInt[int32](vars, "id", 0)
sysUser := &db.SysUser{}
if id > 0 {
ctx := r.Context()
if user, err := h.biz.SystemV1().UserBiz().Get(ctx, id); err == nil {
user.HashedPassword = nil
sysUser = user
}
}
h.render.HTML(w, r, "user/edit.tmpl", map[string]any{
"Item": sysUser,
})
}
func (h *userHandler) Save(w http.ResponseWriter, r *http.Request) {
id := convertor.ConvertInt[int32](r.PostFormValue("ID"), 0)
email := r.PostFormValue("Email")
username := r.PostFormValue("Username")
password := r.PostFormValue("Password")
changePassword := r.PostFormValue("ChangePassword")
gender := convertor.ConvertInt[int32](r.PostFormValue("Gender"), 0)
avatar := r.PostFormValue("File")
status := convertor.ConvertInt[int32](r.PostFormValue("Status"), 0)
ctx := r.Context()
departmentID := convertor.ConvertInt[int32](r.PostFormValue("DepartmentID"), 0)
var department *db.SysDepartment
var err error
if departmentID > 0 {
department, err = h.biz.SystemV1().DepartmentBiz().Get(ctx, departmentID)
if err != nil {
h.render.JSONERR(w, "部门数据错误")
return
}
}
var role *db.SysRole
roleID := convertor.ConvertInt[int32](r.PostFormValue("RoleID"), 0)
if roleID > 0 {
role, err = h.biz.SystemV1().RoleBiz().Get(ctx, roleID)
if err != nil {
h.render.JSONERR(w, "角色数据错误")
return
}
}
if id == 0 {
salt, err := rand.String(10)
if err != nil {
h.render.JSONERR(w, err.Error())
return
}
hashedPassword, err := crypto.BcryptHashPassword(password + salt)
if err != nil {
h.render.JSONERR(w, err.Error())
return
}
initTime, err := time.ParseInLocation(time.DateTime, "0001-01-01 00:00:00", time.Local)
if err != nil {
h.render.JSONERR(w, err.Error())
return
}
arg := &db.CreateSysUserParams{
Uuid: uuid.Must(uuid.NewV7()),
Email: email,
Username: username,
HashedPassword: hashedPassword,
Salt: salt,
Avatar: avatar,
Gender: gender,
DepartmentID: department.ID,
RoleID: role.ID,
Status: status,
ChangePasswordAt: initTime,
CreatedAt: time.Now(),
UpdatedAt: time.Now(),
}
_, err = h.biz.SystemV1().UserBiz().Create(ctx, arg)
if err != nil {
if db.IsUniqueViolation(err) {
h.render.JSONERR(w, "数据已存在")
return
}
h.render.JSONERR(w, err.Error())
return
}
h.render.JSONOK(w, "添加成功")
} else {
res, err := h.biz.SystemV1().UserBiz().Get(ctx, id)
if err != nil {
h.render.JSONERR(w, err.Error())
return
}
arg := &db.UpdateSysUserParams{
ID: res.ID,
Username: username,
HashedPassword: res.HashedPassword,
Avatar: avatar,
Gender: int32(gender),
DepartmentID: department.ID,
RoleID: role.ID,
Status: int32(status),
ChangePasswordAt: res.ChangePasswordAt,
UpdatedAt: time.Now(),
}
if changePassword == "on" {
hashedPassword, err := crypto.BcryptHashPassword(password + res.Salt)
if err != nil {
h.render.JSONERR(w, err.Error())
return
}
arg.HashedPassword = hashedPassword
arg.ChangePasswordAt = time.Now()
}
_, err = h.biz.SystemV1().UserBiz().Update(ctx, arg)
if err != nil {
h.render.JSONERR(w, err.Error())
return
}
h.render.JSONOK(w, "更新成功")
}
}
func (h *userHandler) List(w http.ResponseWriter, r *http.Request) {
switch r.Method {
case http.MethodGet:
h.render.HTML(w, r, "user/list.tmpl", map[string]any{
"Statuses": html.NewSelectControls(global.SearchStatuses, 0),
})
case http.MethodPost:
var q dto.SearchDto
q.SearchStatus = util.ConvertInt(r.PostFormValue("status"), 9999)
q.SearchName = r.PostFormValue("name")
q.SearchEmail = r.PostFormValue("email")
q.SearchID = convertor.ConvertInt[int64](r.PostFormValue("id"), 0)
q.Page = util.ConvertInt(r.PostFormValue("page"), 1)
q.Rows = util.ConvertInt(r.PostFormValue("rows"), 10)
res, count, err := h.biz.SystemV1().UserBiz().List(r.Context(), q)
if err != nil {
h.render.JSONERR(w, err.Error())
return
}
data := tpl.ResponseList{
Code: 0,
Message: "ok",
Count: count,
Data: res,
}
h.render.JSON(w, data)
default:
http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
}
}
func (h *userHandler) Profile(w http.ResponseWriter, r *http.Request) {
ctx := r.Context()
user := auth.AuthUser(ctx)
vm, _ := h.biz.SystemV1().UserBiz().Get(ctx, user.ID)
h.render.HTML(w, r, "user/profile.tmpl", map[string]any{
"Item": vm,
})
}
func (h *userHandler) Tree(w http.ResponseWriter, r *http.Request) {}
func (h *userHandler) Login(w http.ResponseWriter, r *http.Request) {
ctx := r.Context()
switch r.Method {
case http.MethodGet:
var user dto.AuthorizeUser
u := h.session.GetBytes(ctx, know.StoreName)
if err := json.Unmarshal(u, &user); err == nil {
// 判断租户是否一致, 一致则刷新令牌,跳转到首页
if err := h.session.RenewToken(ctx); err == nil {
h.session.Put(ctx, know.StoreName, u)
http.Redirect(w, r, "/home.html", http.StatusFound)
return
}
}
h.session.Destroy(ctx)
h.render.HTML(w, r, "oauth/login.tmpl", nil)
case http.MethodPost:
req := &req.Login{
Email: strings.TrimSpace(r.PostFormValue("email")),
Password: strings.TrimSpace(r.PostFormValue("password")),
CaptchaID: strings.TrimSpace(r.PostFormValue("captcha_id")),
Captcha: strings.TrimSpace(r.PostFormValue("captcha")),
Ip: r.RemoteAddr,
Referrer: r.Header.Get("Referer"),
Url: r.URL.RequestURI(),
}
if len(req.Email) == 0 {
h.render.JSON(w, tpl.Response{Success: false, Message: "请填写邮箱"})
return
}
if len(req.Password) == 0 {
h.render.JSON(w, tpl.Response{Success: false, Message: "请填写密码"})
return
}
if len(req.Captcha) == 0 {
h.render.JSON(w, tpl.Response{Success: false, Message: "请填写验证码"})
return
}
if !h.biz.CommonV1().CaptchaBiz().Verify(req.CaptchaID, req.Captcha, true) {
h.render.JSON(w, tpl.Response{Success: false, Message: "验证码错误"})
return
}
br, err := browser.NewBrowser(r.Header.Get("User-Agent"))
if err != nil {
h.render.JSONERR(w, "平台信息获取错误")
return
}
req.Os = br.Platform().Name()
req.Browser = br.Name()
err = h.biz.SystemV1().UserBiz().Login(ctx, req)
if err != nil {
h.render.JSONERR(w, err.Error())
return
}
h.render.JSONOK(w, "login successful")
default:
http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
}
}
func (h *userHandler) Logout(w http.ResponseWriter, r *http.Request) {
h.session.Destroy(r.Context())
http.Redirect(w, r, "/", http.StatusFound)
}
Reference in New Issue View Git Blame Copy Permalink