325 lines
8.6 KiB
Go
325 lines
8.6 KiB
Go
package system
|
|
|
|
import (
|
|
"encoding/json"
|
|
"net/http"
|
|
"strings"
|
|
"time"
|
|
|
|
"management/internal/db/model/dto"
|
|
db "management/internal/db/sqlc"
|
|
"management/internal/erpserver/biz"
|
|
"management/internal/erpserver/model/req"
|
|
"management/internal/global"
|
|
"management/internal/global/html"
|
|
"management/internal/global/know"
|
|
"management/internal/middleware/manage/auth"
|
|
"management/internal/pkg/convertor"
|
|
"management/internal/pkg/crypto"
|
|
"management/internal/pkg/rand"
|
|
"management/internal/pkg/session"
|
|
"management/internal/pkg/tpl"
|
|
"management/internal/router/manage/util"
|
|
|
|
"github.com/google/uuid"
|
|
"github.com/zhang2092/browser"
|
|
)
|
|
|
|
type UserHandler interface {
|
|
Add(w http.ResponseWriter, r *http.Request)
|
|
Edit(w http.ResponseWriter, r *http.Request)
|
|
Save(w http.ResponseWriter, r *http.Request)
|
|
List(w http.ResponseWriter, r *http.Request)
|
|
Profile(w http.ResponseWriter, r *http.Request)
|
|
Data(w http.ResponseWriter, r *http.Request)
|
|
|
|
UserExpansion
|
|
}
|
|
|
|
type UserExpansion interface {
|
|
Login(w http.ResponseWriter, r *http.Request)
|
|
Logout(w http.ResponseWriter, r *http.Request)
|
|
}
|
|
|
|
// userHandler 是 UserHandler 接口的实现.
|
|
type userHandler struct {
|
|
render tpl.Renderer
|
|
session session.ISession
|
|
biz biz.IBiz
|
|
}
|
|
|
|
// 确保 userHandler 实现了 UserHandler 接口.
|
|
var _ UserHandler = (*userHandler)(nil)
|
|
|
|
func NewUserHandler(render tpl.Renderer, session session.ISession, biz biz.IBiz) *userHandler {
|
|
return &userHandler{
|
|
render: render,
|
|
session: session,
|
|
biz: biz,
|
|
}
|
|
}
|
|
|
|
func (h *userHandler) Add(w http.ResponseWriter, r *http.Request) {
|
|
h.render.HTML(w, r, "user/edit.tmpl", map[string]any{
|
|
"Item": &db.SysUser{
|
|
HashedPassword: nil,
|
|
},
|
|
})
|
|
}
|
|
|
|
func (h *userHandler) Edit(w http.ResponseWriter, r *http.Request) {
|
|
vars := r.URL.Query()
|
|
id := convertor.QueryInt[int32](vars, "id", 0)
|
|
sysUser := &db.SysUser{}
|
|
if id > 0 {
|
|
ctx := r.Context()
|
|
if user, err := h.biz.SystemV1().UserBiz().Get(ctx, id); err == nil {
|
|
user.HashedPassword = nil
|
|
sysUser = user
|
|
}
|
|
}
|
|
h.render.HTML(w, r, "user/edit.tmpl", map[string]any{
|
|
"Item": sysUser,
|
|
})
|
|
}
|
|
|
|
func (h *userHandler) Save(w http.ResponseWriter, r *http.Request) {
|
|
id := convertor.ConvertInt[int32](r.PostFormValue("ID"), 0)
|
|
email := r.PostFormValue("Email")
|
|
username := r.PostFormValue("Username")
|
|
password := r.PostFormValue("Password")
|
|
changePassword := r.PostFormValue("ChangePassword")
|
|
gender := convertor.ConvertInt[int32](r.PostFormValue("Gender"), 0)
|
|
avatar := r.PostFormValue("File")
|
|
status := convertor.ConvertInt[int32](r.PostFormValue("Status"), 0)
|
|
|
|
ctx := r.Context()
|
|
departmentID := convertor.ConvertInt[int32](r.PostFormValue("DepartmentID"), 0)
|
|
var department *db.SysDepartment
|
|
var err error
|
|
if departmentID > 0 {
|
|
department, err = h.biz.SystemV1().DepartmentBiz().Get(ctx, departmentID)
|
|
if err != nil {
|
|
h.render.JSONERR(w, "部门数据错误")
|
|
return
|
|
}
|
|
}
|
|
var role *db.SysRole
|
|
roleID := convertor.ConvertInt[int32](r.PostFormValue("RoleID"), 0)
|
|
if roleID > 0 {
|
|
role, err = h.biz.SystemV1().RoleBiz().Get(ctx, roleID)
|
|
if err != nil {
|
|
h.render.JSONERR(w, "角色数据错误")
|
|
return
|
|
}
|
|
}
|
|
|
|
if id == 0 {
|
|
salt, err := rand.String(10)
|
|
if err != nil {
|
|
h.render.JSONERR(w, err.Error())
|
|
return
|
|
}
|
|
|
|
hashedPassword, err := crypto.BcryptHashPassword(password + salt)
|
|
if err != nil {
|
|
h.render.JSONERR(w, err.Error())
|
|
return
|
|
}
|
|
|
|
initTime, err := time.ParseInLocation(time.DateTime, "0001-01-01 00:00:00", time.Local)
|
|
if err != nil {
|
|
h.render.JSONERR(w, err.Error())
|
|
return
|
|
}
|
|
arg := &db.CreateSysUserParams{
|
|
Uuid: uuid.Must(uuid.NewV7()),
|
|
Email: email,
|
|
Username: username,
|
|
HashedPassword: hashedPassword,
|
|
Salt: salt,
|
|
Avatar: avatar,
|
|
Gender: gender,
|
|
DepartmentID: department.ID,
|
|
RoleID: role.ID,
|
|
Status: status,
|
|
ChangePasswordAt: initTime,
|
|
CreatedAt: time.Now(),
|
|
UpdatedAt: time.Now(),
|
|
}
|
|
_, err = h.biz.SystemV1().UserBiz().Create(ctx, arg)
|
|
if err != nil {
|
|
if db.IsUniqueViolation(err) {
|
|
h.render.JSONERR(w, "数据已存在")
|
|
return
|
|
}
|
|
h.render.JSONERR(w, err.Error())
|
|
return
|
|
}
|
|
|
|
h.render.JSONOK(w, "添加成功")
|
|
} else {
|
|
res, err := h.biz.SystemV1().UserBiz().Get(ctx, id)
|
|
if err != nil {
|
|
h.render.JSONERR(w, err.Error())
|
|
return
|
|
}
|
|
|
|
arg := &db.UpdateSysUserParams{
|
|
ID: res.ID,
|
|
Username: username,
|
|
HashedPassword: res.HashedPassword,
|
|
Avatar: avatar,
|
|
Gender: int32(gender),
|
|
DepartmentID: department.ID,
|
|
RoleID: role.ID,
|
|
Status: int32(status),
|
|
ChangePasswordAt: res.ChangePasswordAt,
|
|
UpdatedAt: time.Now(),
|
|
}
|
|
if changePassword == "on" {
|
|
hashedPassword, err := crypto.BcryptHashPassword(password + res.Salt)
|
|
if err != nil {
|
|
h.render.JSONERR(w, err.Error())
|
|
return
|
|
}
|
|
arg.HashedPassword = hashedPassword
|
|
arg.ChangePasswordAt = time.Now()
|
|
}
|
|
_, err = h.biz.SystemV1().UserBiz().Update(ctx, arg)
|
|
if err != nil {
|
|
h.render.JSONERR(w, err.Error())
|
|
return
|
|
}
|
|
|
|
h.render.JSONOK(w, "更新成功")
|
|
}
|
|
}
|
|
|
|
func (h *userHandler) List(w http.ResponseWriter, r *http.Request) {
|
|
switch r.Method {
|
|
case http.MethodGet:
|
|
h.render.HTML(w, r, "user/list.tmpl", map[string]any{
|
|
"Statuses": html.NewSelectControls(global.SearchStatuses, 0),
|
|
})
|
|
case http.MethodPost:
|
|
var q dto.SearchDto
|
|
q.SearchStatus = util.ConvertInt(r.PostFormValue("status"), 9999)
|
|
q.SearchName = r.PostFormValue("name")
|
|
q.SearchEmail = r.PostFormValue("email")
|
|
q.SearchID = convertor.ConvertInt[int64](r.PostFormValue("id"), 0)
|
|
q.Page = util.ConvertInt(r.PostFormValue("page"), 1)
|
|
q.Rows = util.ConvertInt(r.PostFormValue("rows"), 10)
|
|
res, count, err := h.biz.SystemV1().UserBiz().List(r.Context(), q)
|
|
if err != nil {
|
|
h.render.JSONERR(w, err.Error())
|
|
return
|
|
}
|
|
|
|
data := tpl.ResponseList{
|
|
Code: 0,
|
|
Message: "ok",
|
|
Count: count,
|
|
Data: res,
|
|
}
|
|
h.render.JSON(w, data)
|
|
default:
|
|
http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
|
|
}
|
|
}
|
|
|
|
func (h *userHandler) Profile(w http.ResponseWriter, r *http.Request) {
|
|
ctx := r.Context()
|
|
user := auth.AuthUser(ctx)
|
|
vm, _ := h.biz.SystemV1().UserBiz().Get(ctx, user.ID)
|
|
h.render.HTML(w, r, "user/profile.tmpl", map[string]any{
|
|
"Item": vm,
|
|
})
|
|
}
|
|
|
|
func (h *userHandler) Data(w http.ResponseWriter, r *http.Request) {
|
|
vars := r.URL.Query()
|
|
t := vars.Get("type")
|
|
if t == "xmselect" {
|
|
res, err := h.biz.SystemV1().UserBiz().XmSelect(r.Context())
|
|
if err != nil {
|
|
h.render.JSONERR(w, err.Error())
|
|
return
|
|
}
|
|
|
|
h.render.JSON(w, res)
|
|
return
|
|
}
|
|
|
|
h.render.JSON(w, nil)
|
|
}
|
|
|
|
func (h *userHandler) Login(w http.ResponseWriter, r *http.Request) {
|
|
ctx := r.Context()
|
|
switch r.Method {
|
|
case http.MethodGet:
|
|
var user dto.AuthorizeUser
|
|
u := h.session.GetBytes(ctx, know.StoreName)
|
|
if err := json.Unmarshal(u, &user); err == nil {
|
|
// 判断租户是否一致, 一致则刷新令牌,跳转到首页
|
|
if err := h.session.RenewToken(ctx); err == nil {
|
|
h.session.Put(ctx, know.StoreName, u)
|
|
http.Redirect(w, r, "/home.html", http.StatusFound)
|
|
return
|
|
}
|
|
}
|
|
h.session.Destroy(ctx)
|
|
h.render.HTML(w, r, "oauth/login.tmpl", nil)
|
|
case http.MethodPost:
|
|
req := &req.Login{
|
|
Email: strings.TrimSpace(r.PostFormValue("email")),
|
|
Password: strings.TrimSpace(r.PostFormValue("password")),
|
|
CaptchaID: strings.TrimSpace(r.PostFormValue("captcha_id")),
|
|
Captcha: strings.TrimSpace(r.PostFormValue("captcha")),
|
|
Ip: r.RemoteAddr,
|
|
Referrer: r.Header.Get("Referer"),
|
|
Url: r.URL.RequestURI(),
|
|
}
|
|
|
|
if len(req.Email) == 0 {
|
|
h.render.JSON(w, tpl.Response{Success: false, Message: "请填写邮箱"})
|
|
return
|
|
}
|
|
if len(req.Password) == 0 {
|
|
h.render.JSON(w, tpl.Response{Success: false, Message: "请填写密码"})
|
|
return
|
|
}
|
|
if len(req.Captcha) == 0 {
|
|
h.render.JSON(w, tpl.Response{Success: false, Message: "请填写验证码"})
|
|
return
|
|
}
|
|
if !h.biz.CommonV1().CaptchaBiz().Verify(req.CaptchaID, req.Captcha, true) {
|
|
h.render.JSON(w, tpl.Response{Success: false, Message: "验证码错误"})
|
|
return
|
|
}
|
|
|
|
br, err := browser.NewBrowser(r.Header.Get("User-Agent"))
|
|
if err != nil {
|
|
h.render.JSONERR(w, "平台信息获取错误")
|
|
return
|
|
}
|
|
|
|
req.Os = br.Platform().Name()
|
|
req.Browser = br.Name()
|
|
err = h.biz.SystemV1().UserBiz().Login(ctx, req)
|
|
if err != nil {
|
|
h.render.JSONERR(w, err.Error())
|
|
return
|
|
}
|
|
|
|
h.render.JSONOK(w, "login successful")
|
|
default:
|
|
http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
|
|
}
|
|
}
|
|
|
|
func (h *userHandler) Logout(w http.ResponseWriter, r *http.Request) {
|
|
h.session.Destroy(r.Context())
|
|
http.Redirect(w, r, "/", http.StatusFound)
|
|
}
|