mirror of https://github.com/fumiama/paper-manager.git synced 2026-06-23 12:00:35 +08:00

finish dashboard/account

源文雨
2023-03-22 14:53:32 +08:00
parent 5ecee0d12b
commit 9f97d66600
10 changed files with 468 additions and 505 deletions


@@ -1,10 +1,7 @@
package backend
import (
"encoding/json"
"net/http"
"strconv"
"strings"
"github.com/fumiama/paper-manager/backend/global"
"github.com/fumiama/paper-manager/backend/utils"
@@ -25,357 +22,6 @@ func (h *apihandler) handle(w http.ResponseWriter, r *http.Request) {
var apimap = make(map[string]*apihandler, 512)
func init() {
apimap["/api/getLoginSalt"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
username := r.URL.Query().Get("username")
if username == "" {
writeresult(w, codeError, nil, "empty username", typeError)
return
}
salt, err := getLoginSalt(username)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, salt, messageOk, typeSuccess)
}}
apimap["/api/login"] = &apihandler{"POST", func(w http.ResponseWriter, r *http.Request) {
type loginbody struct {
Username string `json:"username"`
Password string `json:"password"`
}
var body loginbody
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&body)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
ret, err := login(body.Username, body.Password)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, ret, messageOk, typeSuccess)
}}
apimap["/api/getUserInfo"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("Authorization")
ret, err := getUserInfo(token)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, ret, messageOk, typeSuccess)
}}
apimap["/api/logout"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
err := logout(r.Header.Get("Authorization"))
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, nil, messageOk, typeSuccess)
}}
apimap["/api/register"] = &apihandler{"POST", func(w http.ResponseWriter, r *http.Request) {
type registerbody struct {
Username string `json:"username"`
Mobile string `json:"mobile"`
Password string `json:"password"`
}
if r.Header.Get("Authorization") != "" {
writeresult(w, codeError, nil, errInvalidToken.Error(), typeError)
return
}
var body registerbody
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&body)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
ip := r.RemoteAddr
i := strings.LastIndex(ip, ":")
if i >= 0 {
ip = ip[:i]
}
err = register(ip, body.Username, body.Mobile, body.Password)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
type message struct {
M string `json:"msg"`
}
writeresult(w, codeSuccess, &message{M: "已上报, 请耐心等待通知"}, messageOk, typeSuccess)
}}
apimap["/api/getUsersCount"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("Authorization")
n, err := getUsersCount(token)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, n, messageOk, typeSuccess)
}}
apimap["/api/getUsersList"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("Authorization")
ret, err := getUsersList(token)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, &ret, messageOk, typeSuccess)
}}
apimap["/api/isNameExist"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("Authorization")
name := r.URL.Query().Get("username")
if name == "" {
writeresult(w, codeError, nil, "empty username", typeError)
return
}
yes, err := isNameExist(token, name)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, yes, messageOk, typeSuccess)
}}
apimap["/api/setPassword"] = &apihandler{"POST", func(w http.ResponseWriter, r *http.Request) {
type setpasswordbody struct {
Token string `json:"token"`
Password string `json:"password"`
}
token := r.Header.Get("Authorization")
user := usertokens.Get(token)
if user == nil {
writeresult(w, codeError, nil, errInvalidToken.Error(), typeError)
return
}
var body setpasswordbody
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&body)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
err = setUserPassword(*user.ID, body.Token, body.Password)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
type message struct {
M string `json:"msg"`
}
writeresult(w, codeSuccess, &message{M: "成功, 请重新登录"}, messageOk, typeSuccess)
_ = logout(token)
}}
apimap["/api/setContact"] = &apihandler{"POST", func(w http.ResponseWriter, r *http.Request) {
type setcontactbody struct {
Token string `json:"token"`
Contact string `json:"contact"`
}
token := r.Header.Get("Authorization")
user := usertokens.Get(token)
if user == nil {
writeresult(w, codeError, nil, errInvalidToken.Error(), typeError)
return
}
var body setcontactbody
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&body)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
err = setUserContact(*user.ID, body.Token, body.Contact)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
user.Cont = hideContact(body.Contact)
type message struct {
M string `json:"msg"`
}
writeresult(w, codeSuccess, &message{M: "成功, 已将消息报告给课程组长"}, messageOk, typeSuccess)
}}
apimap["/api/setUserInfo"] = &apihandler{"POST", func(w http.ResponseWriter, r *http.Request) {
type setuserinfobody struct {
Nick string `json:"nick"`
Desc string `json:"desc"`
Avtr string `json:"avtr"`
}
token := r.Header.Get("Authorization")
user := usertokens.Get(token)
if user == nil {
writeresult(w, codeError, nil, errInvalidToken.Error(), typeError)
return
}
var body setuserinfobody
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&body)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
err = setUserInfo(*user.ID, &body.Nick, &body.Desc, &body.Avtr)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
user.Nick = body.Nick
user.Desc = body.Desc
user.Avtr = body.Avtr
type message struct {
M string `json:"msg"`
}
writeresult(w, codeSuccess, &message{M: "成功"}, messageOk, typeSuccess)
}}
apimap["/api/setRole"] = &apihandler{"POST", func(w http.ResponseWriter, r *http.Request) {
type setrolebody struct {
ID int `json:"id"`
Role global.UserRole `json:"role"`
}
token := r.Header.Get("Authorization")
user := usertokens.Get(token)
if user == nil {
writeresult(w, codeError, nil, errInvalidToken.Error(), typeError)
return
}
if !user.IsSuper() {
writeresult(w, codeError, nil, errNoSetRolePermission.Error(), typeError)
return
}
var body setrolebody
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&body)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
if body.ID == *user.ID {
writeresult(w, codeError, nil, "cannot set self", typeError)
return
}
err = setUserRole(body.ID, body.Role, user.Name)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, nil, messageOk, typeSuccess)
}}
apimap["/api/disableUser"] = &apihandler{"POST", func(w http.ResponseWriter, r *http.Request) {
type disableuserbody struct {
ID int `json:"id"`
}
token := r.Header.Get("Authorization")
user := usertokens.Get(token)
if user == nil {
writeresult(w, codeError, nil, errInvalidToken.Error(), typeError)
return
}
if !user.IsSuper() {
writeresult(w, codeError, nil, errNoSetRolePermission.Error(), typeError)
return
}
var body disableuserbody
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&body)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
if body.ID == *user.ID {
writeresult(w, codeError, nil, "cannot disbale self", typeError)
return
}
err = global.UserDB.DisableUser(body.ID, user.Name)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, nil, messageOk, typeSuccess)
}}
apimap["/api/resetPassword"] = &apihandler{"POST", func(w http.ResponseWriter, r *http.Request) {
type resetpwdbody struct {
Username string `json:"username"`
Mobile string `json:"mobile"`
}
if r.Header.Get("Authorization") != "" {
writeresult(w, codeError, nil, errInvalidToken.Error(), typeError)
return
}
var body resetpwdbody
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&body)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
ip := r.RemoteAddr
i := strings.LastIndex(ip, ":")
if i >= 0 {
ip = ip[:i]
}
err = resetPassword(ip, body.Username, body.Mobile)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
type message struct {
M string `json:"msg"`
}
writeresult(w, codeSuccess, &message{M: "已上报, 请耐心等待通知"}, messageOk, typeSuccess)
}}
apimap["/api/getMessageList"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("Authorization")
ret, err := getMessageList(token)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, ret, messageOk, typeSuccess)
}}
apimap["/api/acceptMessage"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
id, err := strconv.Atoi(r.URL.Query().Get("id"))
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
err = acceptMessage(r.Header.Get("Authorization"), id)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, "成功", messageOk, typeSuccess)
}}
apimap["/api/delMessage"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
id, err := strconv.Atoi(r.URL.Query().Get("id"))
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
err = delMessage(r.Header.Get("Authorization"), id)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, "成功", messageOk, typeSuccess)
}}
apimap["/api/getAnnualVisits"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("Authorization")
user := usertokens.Get(token)


@@ -5,8 +5,10 @@ import (
crand "crypto/rand"
"encoding/base64"
"encoding/hex"
"encoding/json"
"errors"
"math/rand"
"net/http"
"sync/atomic"
"time"
@@ -147,3 +149,58 @@ func login(username, challenge string) (*loginResult, error) {
Desc: user.Desc,
}, nil
}
func logout(token string) error {
user := usertokens.Get(token)
if user == nil {
return errInvalidToken
}
loginstatus.Delete(user.Name)
usertokens.Delete(token)
return nil
}
func init() {
apimap["/api/getLoginSalt"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
username := r.URL.Query().Get("username")
if username == "" {
writeresult(w, codeError, nil, "empty username", typeError)
return
}
salt, err := getLoginSalt(username)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, salt, messageOk, typeSuccess)
}}
apimap["/api/login"] = &apihandler{"POST", func(w http.ResponseWriter, r *http.Request) {
type loginbody struct {
Username string `json:"username"`
Password string `json:"password"`
}
var body loginbody
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&body)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
ret, err := login(body.Username, body.Password)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, ret, messageOk, typeSuccess)
}}
apimap["/api/logout"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
err := logout(r.Header.Get("Authorization"))
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, nil, messageOk, typeSuccess)
}}
}
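Review bot: The `/api/login` handler passes `r.Body` to `json.NewDecoder(r.Body).Decode(&body)` with no size bound, and the endpoint is reachable before authentication, so the server reads whatever amount of data a client chooses to send. Cap the body before decoding, e.g. `r.Body = http.MaxBytesReader(w, r.Body, maxBodyBytes)`, where `maxBodyBytes` is a placeholder for a small constant you define for these JSON bodies. The same pattern appears in `/api/register` and in the POST handlers of the user file (`/api/resetPassword`, `/api/setPassword` and the rest), so a shared decode helper would keep them consistent. Separately, `defer r.Body.Close()` is not needed in a server handler, since net/http closes the request body itself.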


@@ -2,6 +2,8 @@ package backend
import (
"errors"
"net/http"
"strconv"
"time"
"github.com/fumiama/paper-manager/backend/global"
@@ -107,3 +109,43 @@ func delMessage(token string, id int) error {
}
return global.UserDB.DelMessageByID(id)
}
func init() {
apimap["/api/getMessageList"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("Authorization")
ret, err := getMessageList(token)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, ret, messageOk, typeSuccess)
}}
apimap["/api/acceptMessage"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
id, err := strconv.Atoi(r.URL.Query().Get("id"))
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
err = acceptMessage(r.Header.Get("Authorization"), id)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, "成功", messageOk, typeSuccess)
}}
apimap["/api/delMessage"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
id, err := strconv.Atoi(r.URL.Query().Get("id"))
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
err = delMessage(r.Header.Get("Authorization"), id)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, "成功", messageOk, typeSuccess)
}}
}
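Review bot: `/api/acceptMessage` and `/api/delMessage` change stored state but are registered with `"GET"` and take the target `id` from the query string. GET requests are expected to be safe: clients and intermediaries may retry or replay them, and the id ends up in access logs and browser history. Registering them as `&apihandler{"POST", ...}` with the id in a JSON body, like the other mutating endpoints in this commit, would be consistent; `/api/logout` in the login file has the same shape. The bodies of `acceptMessage` and `delMessage` lie outside this hunk, so their ownership checks on `id` could not be reviewed here.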


@@ -1,7 +1,10 @@
package backend
import (
"encoding/json"
"errors"
"net/http"
"strings"
"time"
"github.com/FloatTech/ttl"
@@ -25,3 +28,38 @@ func register(ip, name, mobile, npwd string) error {
registerlimit.Set(ip, true)
return global.UserDB.NotifyRegister(ip, name, mobile, npwd)
}
func init() {
apimap["/api/register"] = &apihandler{"POST", func(w http.ResponseWriter, r *http.Request) {
type registerbody struct {
Username string `json:"username"`
Mobile string `json:"mobile"`
Password string `json:"password"`
}
if r.Header.Get("Authorization") != "" {
writeresult(w, codeError, nil, errInvalidToken.Error(), typeError)
return
}
var body registerbody
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&body)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
ip := r.RemoteAddr
i := strings.LastIndex(ip, ":")
if i >= 0 {
ip = ip[:i]
}
err = register(ip, body.Username, body.Mobile, body.Password)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
type message struct {
M string `json:"msg"`
}
writeresult(w, codeSuccess, &message{M: "已上报, 请耐心等待通知"}, messageOk, typeSuccess)
}}
}
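Review bot: The per-IP throttle key is made by cutting `r.RemoteAddr` at the last `:` (`ip = ip[:i]`), which leaves the brackets on IPv6 addresses and always yields the TCP peer address. If the service sits behind a reverse proxy, presumably every client shares one key and a single registration would trip `registerlimit` for all of them. If it is exposed directly the key is usable, but the parsing is better done with `host, _, err := net.SplitHostPort(r.RemoteAddr)`, falling back to the raw value on error. Either way, a comment saying where the client address comes from, and that forwarded headers are trusted only from a known proxy, would document the assumption. The `/api/resetPassword` handler in the user file repeats the same lines, and the body of `register` starts outside this hunk.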


@@ -3,7 +3,9 @@ package backend
import (
"crypto/md5"
"encoding/hex"
"encoding/json"
"errors"
"net/http"
"os"
"strings"
"time"
@@ -74,16 +76,6 @@ func getUserInfo(token string) (*getUserInfoResult, error) {
}, nil
}
func logout(token string) error {
user := usertokens.Get(token)
if user == nil {
return errInvalidToken
}
loginstatus.Delete(user.Name)
usertokens.Delete(token)
return nil
}
func getUsersCount(token string) (int, error) {
user := usertokens.Get(token)
if user == nil {
@@ -196,6 +188,25 @@ func setUserInfo(id int, nick, desc, avtr *string) error {
return global.UserDB.UpdateUserInfo(id, user.Name, n, a, d)
}
// setOthersInfo may change the arguments
func setOthersInfo(id int, opname, nick, desc string) error {
user, err := global.UserDB.GetUserByID(id)
if err != nil {
return err
}
if nick == user.Nick {
nick = ""
} else if nick != "" {
user.Nick = nick
}
if desc == user.Desc {
desc = ""
} else if desc != "" {
user.Desc = desc
}
return global.UserDB.UpdateUserInfo(id, opname, nick, "", desc)
}
func setUserRole(id int, role global.UserRole, opname string) error {
if !role.IsVaild() {
return errInvalidRole
@@ -204,6 +215,9 @@ func setUserRole(id int, role global.UserRole, opname string) error {
if err != nil {
return err
}
if role == user.Role {
return nil
}
return global.UserDB.UpdateUserRole(*user.ID, role, opname)
}
@@ -217,3 +231,256 @@ func resetPassword(ip, name, mobile string) error {
registerlimit.Set(ip, true)
return global.UserDB.NotifyResetPassword(ip, name, mobile)
}
func init() {
apimap["/api/getUserInfo"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("Authorization")
ret, err := getUserInfo(token)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, ret, messageOk, typeSuccess)
}}
apimap["/api/getUsersCount"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("Authorization")
n, err := getUsersCount(token)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, n, messageOk, typeSuccess)
}}
apimap["/api/getUsersList"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("Authorization")
ret, err := getUsersList(token)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, &ret, messageOk, typeSuccess)
}}
apimap["/api/isNameExist"] = &apihandler{"GET", func(w http.ResponseWriter, r *http.Request) {
token := r.Header.Get("Authorization")
name := r.URL.Query().Get("username")
if name == "" {
writeresult(w, codeError, nil, "empty username", typeError)
return
}
yes, err := isNameExist(token, name)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, yes, messageOk, typeSuccess)
}}
apimap["/api/setPassword"] = &apihandler{"POST", func(w http.ResponseWriter, r *http.Request) {
type setpasswordbody struct {
Token string `json:"token"`
Password string `json:"password"`
}
token := r.Header.Get("Authorization")
user := usertokens.Get(token)
if user == nil {
writeresult(w, codeError, nil, errInvalidToken.Error(), typeError)
return
}
var body setpasswordbody
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&body)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
err = setUserPassword(*user.ID, body.Token, body.Password)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
type message struct {
M string `json:"msg"`
}
writeresult(w, codeSuccess, &message{M: "成功, 请重新登录"}, messageOk, typeSuccess)
_ = logout(token)
}}
apimap["/api/setContact"] = &apihandler{"POST", func(w http.ResponseWriter, r *http.Request) {
type setcontactbody struct {
Token string `json:"token"`
Contact string `json:"contact"`
}
token := r.Header.Get("Authorization")
user := usertokens.Get(token)
if user == nil {
writeresult(w, codeError, nil, errInvalidToken.Error(), typeError)
return
}
var body setcontactbody
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&body)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
err = setUserContact(*user.ID, body.Token, body.Contact)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
user.Cont = hideContact(body.Contact)
type message struct {
M string `json:"msg"`
}
writeresult(w, codeSuccess, &message{M: "成功, 已将消息报告给课程组长"}, messageOk, typeSuccess)
}}
apimap["/api/setUserInfo"] = &apihandler{"POST", func(w http.ResponseWriter, r *http.Request) {
type setuserinfobody struct {
ID int `json:"id"`
Nick string `json:"nick"`
Desc string `json:"desc"`
Avtr string `json:"avtr"`
}
token := r.Header.Get("Authorization")
user := usertokens.Get(token)
if user == nil {
writeresult(w, codeError, nil, errInvalidToken.Error(), typeError)
return
}
var body setuserinfobody
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&body)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
type message struct {
M string `json:"msg"`
}
if body.ID != 0 {
if !user.IsSuper() {
writeresult(w, codeError, nil, "no permission to set others' info", typeError)
return
}
err = setOthersInfo(body.ID, user.Name, body.Nick, body.Desc)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, &message{M: "成功"}, messageOk, typeSuccess)
return
}
err = setUserInfo(*user.ID, &body.Nick, &body.Desc, &body.Avtr)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
user.Nick = body.Nick
user.Desc = body.Desc
user.Avtr = body.Avtr
writeresult(w, codeSuccess, &message{M: "成功"}, messageOk, typeSuccess)
}}
apimap["/api/setRole"] = &apihandler{"POST", func(w http.ResponseWriter, r *http.Request) {
type setrolebody struct {
ID int `json:"id"`
Role global.UserRole `json:"role"`
}
token := r.Header.Get("Authorization")
user := usertokens.Get(token)
if user == nil {
writeresult(w, codeError, nil, errInvalidToken.Error(), typeError)
return
}
if !user.IsSuper() {
writeresult(w, codeError, nil, errNoSetRolePermission.Error(), typeError)
return
}
var body setrolebody
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&body)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
if body.ID == *user.ID {
writeresult(w, codeError, nil, "cannot set self", typeError)
return
}
err = setUserRole(body.ID, body.Role, user.Name)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, nil, messageOk, typeSuccess)
}}
apimap["/api/disableUser"] = &apihandler{"POST", func(w http.ResponseWriter, r *http.Request) {
type disableuserbody struct {
ID int `json:"id"`
}
token := r.Header.Get("Authorization")
user := usertokens.Get(token)
if user == nil {
writeresult(w, codeError, nil, errInvalidToken.Error(), typeError)
return
}
if !user.IsSuper() {
writeresult(w, codeError, nil, errNoSetRolePermission.Error(), typeError)
return
}
var body disableuserbody
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&body)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
if body.ID == *user.ID {
writeresult(w, codeError, nil, "cannot disbale self", typeError)
return
}
err = global.UserDB.DisableUser(body.ID, user.Name)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
writeresult(w, codeSuccess, nil, messageOk, typeSuccess)
}}
apimap["/api/resetPassword"] = &apihandler{"POST", func(w http.ResponseWriter, r *http.Request) {
type resetpwdbody struct {
Username string `json:"username"`
Mobile string `json:"mobile"`
}
if r.Header.Get("Authorization") != "" {
writeresult(w, codeError, nil, errInvalidToken.Error(), typeError)
return
}
var body resetpwdbody
defer r.Body.Close()
err := json.NewDecoder(r.Body).Decode(&body)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
ip := r.RemoteAddr
i := strings.LastIndex(ip, ":")
if i >= 0 {
ip = ip[:i]
}
err = resetPassword(ip, body.Username, body.Mobile)
if err != nil {
writeresult(w, codeError, nil, err.Error(), typeError)
return
}
type message struct {
M string `json:"msg"`
}
writeresult(w, codeSuccess, &message{M: "已上报, 请耐心等待通知"}, messageOk, typeSuccess)
}}
}
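Review bot: `/api/setRole` and `/api/disableUser` update only the database (`setUserRole`, `global.UserDB.DisableUser`), while every permission check in these handlers reads the cached session object from `usertokens.Get(token)`, for example `user.IsSuper()`. Unless those database calls also evict the target's cached entries, which is not visible here, a demoted or disabled account keeps its previous rights until its token expires. Consider removing the target user's entries from `usertokens` and `loginstatus` after a successful role change or disable, as `/api/setPassword` does for the caller with `logout(token)`. The new `setOthersInfo` path has a milder form of the same gap: the target's cached `Nick`/`Desc` are not refreshed. Its assignments to `user.Nick` and `user.Desc` on the fetched record also look unused, and the comment `// setOthersInfo may change the arguments` does not seem to match by-value string parameters.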