2026-02-25 11:52:11 +08:00
|
|
|
|
package handler
|
|
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
|
"net/http"
|
|
|
|
|
|
|
|
|
|
|
|
"soul-api/internal/auth"
|
|
|
|
|
|
"soul-api/internal/config"
|
2026-03-04 19:06:06 +08:00
|
|
|
|
"soul-api/internal/database"
|
|
|
|
|
|
"soul-api/internal/model"
|
2026-02-25 11:52:11 +08:00
|
|
|
|
|
|
|
|
|
|
"github.com/gin-gonic/gin"
|
2026-03-04 19:06:06 +08:00
|
|
|
|
"golang.org/x/crypto/bcrypt"
|
|
|
|
|
|
"gorm.io/gorm"
|
2026-02-25 11:52:11 +08:00
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
// AdminCheck GET /api/admin 鉴权检查(JWT:Authorization Bearer 或 Cookie),已登录返回 success 或概览占位
|
|
|
|
|
|
func AdminCheck(c *gin.Context) {
|
|
|
|
|
|
cfg := config.Get()
|
|
|
|
|
|
if cfg == nil {
|
|
|
|
|
|
c.JSON(http.StatusOK, gin.H{"success": true})
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
token := auth.GetAdminJWTFromRequest(c.Request)
|
|
|
|
|
|
if _, ok := auth.ParseAdminJWT(token, cfg.AdminSessionSecret); !ok {
|
|
|
|
|
|
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"success": false, "error": "未授权访问,请先登录"})
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
c.JSON(http.StatusOK, gin.H{
|
|
|
|
|
|
"success": true,
|
|
|
|
|
|
"content": gin.H{
|
|
|
|
|
|
"totalChapters": 0, "totalWords": 0, "publishedChapters": 0, "draftChapters": 0,
|
|
|
|
|
|
"lastUpdate": nil,
|
|
|
|
|
|
},
|
|
|
|
|
|
"payment": gin.H{
|
|
|
|
|
|
"totalRevenue": 0, "todayRevenue": 0, "totalOrders": 0, "todayOrders": 0, "averagePrice": 0,
|
|
|
|
|
|
},
|
|
|
|
|
|
"referral": gin.H{
|
|
|
|
|
|
"totalReferrers": 0, "activeReferrers": 0, "totalCommission": 0, "paidCommission": 0, "pendingCommission": 0,
|
|
|
|
|
|
},
|
|
|
|
|
|
"users": gin.H{
|
|
|
|
|
|
"totalUsers": 0, "purchasedUsers": 0, "activeUsers": 0, "todayNewUsers": 0,
|
|
|
|
|
|
},
|
|
|
|
|
|
})
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2026-03-04 19:06:06 +08:00
|
|
|
|
// AdminLogin POST /api/admin 登录(优先校验 admin_users 表,表空时回退 ADMIN_USERNAME/PASSWORD 并自动初始化)
|
2026-02-25 11:52:11 +08:00
|
|
|
|
func AdminLogin(c *gin.Context) {
|
|
|
|
|
|
cfg := config.Get()
|
|
|
|
|
|
if cfg == nil {
|
|
|
|
|
|
c.JSON(http.StatusInternalServerError, gin.H{"success": false, "error": "配置未加载"})
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
var body struct {
|
|
|
|
|
|
Username string `json:"username" binding:"required"`
|
|
|
|
|
|
Password string `json:"password" binding:"required"`
|
|
|
|
|
|
}
|
|
|
|
|
|
if err := c.ShouldBindJSON(&body); err != nil {
|
|
|
|
|
|
c.JSON(http.StatusBadRequest, gin.H{"success": false, "error": "参数错误"})
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
username := trimSpace(body.Username)
|
|
|
|
|
|
password := body.Password
|
2026-03-04 19:06:06 +08:00
|
|
|
|
db := database.DB()
|
|
|
|
|
|
|
|
|
|
|
|
// 1. 尝试从 admin_users 表校验
|
|
|
|
|
|
var u model.AdminUser
|
|
|
|
|
|
err := db.Where("username = ?", username).First(&u).Error
|
|
|
|
|
|
if err == nil {
|
|
|
|
|
|
if u.Status != "active" {
|
|
|
|
|
|
c.JSON(http.StatusUnauthorized, gin.H{"success": false, "error": "账号已禁用"})
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
if bcryptErr := bcrypt.CompareHashAndPassword([]byte(u.PasswordHash), []byte(password)); bcryptErr != nil {
|
|
|
|
|
|
c.JSON(http.StatusUnauthorized, gin.H{"success": false, "error": "用户名或密码错误"})
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
token, err := auth.IssueAdminJWT(cfg.AdminSessionSecret, u.Username, u.Role)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
c.JSON(http.StatusInternalServerError, gin.H{"success": false, "error": "签发失败"})
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
c.JSON(http.StatusOK, gin.H{
|
|
|
|
|
|
"success": true,
|
|
|
|
|
|
"token": token,
|
|
|
|
|
|
"user": gin.H{"id": u.ID, "username": u.Username, "role": u.Role, "name": u.Name},
|
|
|
|
|
|
})
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 2. 表内无匹配:若表为空且 env 账号正确,则创建初始 super_admin 并登录
|
|
|
|
|
|
if err != gorm.ErrRecordNotFound {
|
|
|
|
|
|
c.JSON(http.StatusInternalServerError, gin.H{"success": false, "error": "系统错误"})
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
if cfg.AdminUsername == "" || cfg.AdminPassword == "" {
|
|
|
|
|
|
c.JSON(http.StatusUnauthorized, gin.H{"success": false, "error": "用户名或密码错误"})
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
2026-02-25 11:52:11 +08:00
|
|
|
|
if username != cfg.AdminUsername || password != cfg.AdminPassword {
|
|
|
|
|
|
c.JSON(http.StatusUnauthorized, gin.H{"success": false, "error": "用户名或密码错误"})
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
2026-03-04 19:06:06 +08:00
|
|
|
|
// 表为空时初始化超级管理员
|
|
|
|
|
|
var cnt int64
|
|
|
|
|
|
if db.Model(&model.AdminUser{}).Count(&cnt).Error != nil || cnt > 0 {
|
|
|
|
|
|
c.JSON(http.StatusUnauthorized, gin.H{"success": false, "error": "用户名或密码错误"})
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
c.JSON(http.StatusInternalServerError, gin.H{"success": false, "error": "初始化失败"})
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
initial := model.AdminUser{
|
|
|
|
|
|
Username: cfg.AdminUsername,
|
|
|
|
|
|
PasswordHash: string(hash),
|
|
|
|
|
|
Role: "super_admin",
|
|
|
|
|
|
Name: "卡若",
|
|
|
|
|
|
Status: "active",
|
|
|
|
|
|
}
|
|
|
|
|
|
if err := db.Create(&initial).Error; err != nil {
|
|
|
|
|
|
c.JSON(http.StatusInternalServerError, gin.H{"success": false, "error": "初始化失败"})
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
token, err := auth.IssueAdminJWT(cfg.AdminSessionSecret, initial.Username, initial.Role)
|
2026-02-25 11:52:11 +08:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
c.JSON(http.StatusInternalServerError, gin.H{"success": false, "error": "签发失败"})
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
c.JSON(http.StatusOK, gin.H{
|
|
|
|
|
|
"success": true,
|
|
|
|
|
|
"token": token,
|
2026-03-04 19:06:06 +08:00
|
|
|
|
"user": gin.H{"id": initial.ID, "username": initial.Username, "role": initial.Role, "name": initial.Name},
|
2026-02-25 11:52:11 +08:00
|
|
|
|
})
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// AdminLogout POST /api/admin/logout 服务端无状态,仅返回成功;前端需清除本地 token
|
|
|
|
|
|
func AdminLogout(c *gin.Context) {
|
|
|
|
|
|
c.JSON(http.StatusOK, gin.H{"success": true})
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func trimSpace(s string) string {
|
|
|
|
|
|
start := 0
|
|
|
|
|
|
for start < len(s) && (s[start] == ' ' || s[start] == '\t') {
|
|
|
|
|
|
start++
|
|
|
|
|
|
}
|
|
|
|
|
|
end := len(s)
|
|
|
|
|
|
for end > start && (s[end-1] == ' ' || s[end-1] == '\t') {
|
|
|
|
|
|
end--
|
|
|
|
|
|
}
|
|
|
|
|
|
return s[start:end]
|
|
|
|
|
|
}
|
