234 lines
6.1 KiB
Go
234 lines
6.1 KiB
Go
package handlers
|
||
|
||
import (
|
||
"net/http"
|
||
|
||
"github.com/gin-gonic/gin"
|
||
"github.com/novablog/server/internal/database"
|
||
"github.com/novablog/server/internal/middleware"
|
||
"github.com/novablog/server/internal/models"
|
||
"github.com/novablog/server/internal/utils"
|
||
"gorm.io/gorm"
|
||
)
|
||
|
||
// AuthHandler 认证处理器
|
||
type AuthHandler struct {
|
||
jwtManager *utils.JWTManager
|
||
}
|
||
|
||
// NewAuthHandler 创建认证处理器
|
||
func NewAuthHandler(jwtManager *utils.JWTManager) *AuthHandler {
|
||
return &AuthHandler{
|
||
jwtManager: jwtManager,
|
||
}
|
||
}
|
||
|
||
// RegisterRequest 注册请求
|
||
type RegisterRequest struct {
|
||
Username string `json:"username" binding:"required,min=3,max=50"`
|
||
Email string `json:"email" binding:"required,email"`
|
||
Password string `json:"password" binding:"required,min=6,max=50"`
|
||
Nickname string `json:"nickname"`
|
||
}
|
||
|
||
// LoginRequest 登录请求
|
||
type LoginRequest struct {
|
||
Username string `json:"username" binding:"required"`
|
||
Password string `json:"password" binding:"required"`
|
||
}
|
||
|
||
// AuthResponse 认证响应
|
||
type AuthResponse struct {
|
||
Token string `json:"token"`
|
||
User models.User `json:"user"`
|
||
}
|
||
|
||
// Register 用户注册
|
||
func (h *AuthHandler) Register(c *gin.Context) {
|
||
var req RegisterRequest
|
||
if err := c.ShouldBindJSON(&req); err != nil {
|
||
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
||
return
|
||
}
|
||
|
||
// 检查用户名是否已存在
|
||
var existingUser models.User
|
||
if err := database.DB.Where("username = ?", req.Username).First(&existingUser).Error; err == nil {
|
||
c.JSON(http.StatusConflict, gin.H{"error": "username already exists"})
|
||
return
|
||
}
|
||
|
||
// 检查邮箱是否已存在
|
||
if err := database.DB.Where("email = ?", req.Email).First(&existingUser).Error; err == nil {
|
||
c.JSON(http.StatusConflict, gin.H{"error": "email already exists"})
|
||
return
|
||
}
|
||
|
||
// 哈希密码
|
||
hashedPassword, err := utils.HashPassword(req.Password)
|
||
if err != nil {
|
||
c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to hash password"})
|
||
return
|
||
}
|
||
|
||
// 创建用户
|
||
user := models.User{
|
||
Username: req.Username,
|
||
Email: req.Email,
|
||
Password: hashedPassword,
|
||
Nickname: req.Nickname,
|
||
Role: "user",
|
||
}
|
||
|
||
if err := database.DB.Create(&user).Error; err != nil {
|
||
c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to create user"})
|
||
return
|
||
}
|
||
|
||
// 生成 Token
|
||
token, err := h.jwtManager.GenerateToken(user.ID, user.Username, user.Role)
|
||
if err != nil {
|
||
c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to generate token"})
|
||
return
|
||
}
|
||
|
||
c.JSON(http.StatusCreated, AuthResponse{
|
||
Token: token,
|
||
User: user,
|
||
})
|
||
}
|
||
|
||
// Login 用户登录
|
||
func (h *AuthHandler) Login(c *gin.Context) {
|
||
var req LoginRequest
|
||
if err := c.ShouldBindJSON(&req); err != nil {
|
||
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
||
return
|
||
}
|
||
|
||
// 查找用户(支持用户名或邮箱登录)
|
||
var user models.User
|
||
if err := database.DB.Where("username = ? OR email = ?", req.Username, req.Username).First(&user).Error; err != nil {
|
||
if err == gorm.ErrRecordNotFound {
|
||
c.JSON(http.StatusUnauthorized, gin.H{"error": "invalid credentials"})
|
||
return
|
||
}
|
||
c.JSON(http.StatusInternalServerError, gin.H{"error": "database error"})
|
||
return
|
||
}
|
||
|
||
// 验证密码
|
||
if !utils.CheckPassword(req.Password, user.Password) {
|
||
c.JSON(http.StatusUnauthorized, gin.H{"error": "invalid credentials"})
|
||
return
|
||
}
|
||
|
||
// 生成 Token
|
||
token, err := h.jwtManager.GenerateToken(user.ID, user.Username, user.Role)
|
||
if err != nil {
|
||
c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to generate token"})
|
||
return
|
||
}
|
||
|
||
c.JSON(http.StatusOK, AuthResponse{
|
||
Token: token,
|
||
User: user,
|
||
})
|
||
}
|
||
|
||
// GetCurrentUser 获取当前用户信息(通过 Authorization header)
|
||
func (h *AuthHandler) GetCurrentUser(c *gin.Context) {
|
||
// 从 header 获取 token
|
||
authHeader := c.GetHeader("Authorization")
|
||
if authHeader == "" {
|
||
c.JSON(http.StatusUnauthorized, gin.H{"error": "no token provided"})
|
||
return
|
||
}
|
||
|
||
// 解析 Bearer token
|
||
tokenString := ""
|
||
if len(authHeader) > 7 && authHeader[:7] == "Bearer " {
|
||
tokenString = authHeader[7:]
|
||
} else {
|
||
c.JSON(http.StatusUnauthorized, gin.H{"error": "invalid token format"})
|
||
return
|
||
}
|
||
|
||
// 验证 token
|
||
claims, err := h.jwtManager.ParseToken(tokenString)
|
||
if err != nil {
|
||
c.JSON(http.StatusUnauthorized, gin.H{"error": "invalid token"})
|
||
return
|
||
}
|
||
|
||
// 获取用户信息
|
||
var user models.User
|
||
if err := database.DB.First(&user, claims.UserID).Error; err != nil {
|
||
if err == gorm.ErrRecordNotFound {
|
||
c.JSON(http.StatusNotFound, gin.H{"error": "user not found"})
|
||
return
|
||
}
|
||
c.JSON(http.StatusInternalServerError, gin.H{"error": "database error"})
|
||
return
|
||
}
|
||
|
||
c.JSON(http.StatusOK, gin.H{"user": user})
|
||
}
|
||
|
||
// GetProfile 获取当前用户信息
|
||
func (h *AuthHandler) GetProfile(c *gin.Context) {
|
||
userID, _ := middleware.GetUserID(c)
|
||
|
||
var user models.User
|
||
if err := database.DB.First(&user, userID).Error; err != nil {
|
||
if err == gorm.ErrRecordNotFound {
|
||
c.JSON(http.StatusNotFound, gin.H{"error": "user not found"})
|
||
return
|
||
}
|
||
c.JSON(http.StatusInternalServerError, gin.H{"error": "database error"})
|
||
return
|
||
}
|
||
|
||
c.JSON(http.StatusOK, user)
|
||
}
|
||
|
||
// UpdateProfileRequest 更新用户信息请求
|
||
type UpdateProfileRequest struct {
|
||
Nickname string `json:"nickname"`
|
||
Avatar string `json:"avatar"`
|
||
Bio string `json:"bio"`
|
||
}
|
||
|
||
// UpdateProfile 更新用户信息
|
||
func (h *AuthHandler) UpdateProfile(c *gin.Context) {
|
||
userID, _ := middleware.GetUserID(c)
|
||
|
||
var req UpdateProfileRequest
|
||
if err := c.ShouldBindJSON(&req); err != nil {
|
||
c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
|
||
return
|
||
}
|
||
|
||
// 更新用户信息
|
||
updates := map[string]interface{}{}
|
||
if req.Nickname != "" {
|
||
updates["nickname"] = req.Nickname
|
||
}
|
||
if req.Avatar != "" {
|
||
updates["avatar"] = req.Avatar
|
||
}
|
||
if req.Bio != "" {
|
||
updates["bio"] = req.Bio
|
||
}
|
||
|
||
if err := database.DB.Model(&models.User{}).Where("id = ?", userID).Updates(updates).Error; err != nil {
|
||
c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to update profile"})
|
||
return
|
||
}
|
||
|
||
// 返回更新后的用户信息
|
||
var user models.User
|
||
database.DB.First(&user, userID)
|
||
|
||
c.JSON(http.StatusOK, user)
|
||
} |