// =========================================== // 多班级版班级管理系统 - Go 后端 // // 开发者: Canglan // 联系方式: admin@sea-studio.top // 版权归属: Sea Network Technology Studio // 许可证: Apache License 2.0 // // 版权所有 © Sea Network Technology Studio // =========================================== package handler import ( "strconv" "github.com/gin-gonic/gin" "hz-gitea.sea-studio.top/canglan/SharedClassManager/internal/middleware" "hz-gitea.sea-studio.top/canglan/SharedClassManager/internal/schema" "hz-gitea.sea-studio.top/canglan/SharedClassManager/internal/service" "hz-gitea.sea-studio.top/canglan/SharedClassManager/pkg/response" ) // AuthHandler 认证处理器 type AuthHandler struct { authService *service.AuthService superAdminService *service.SuperAdminService } // NewAuthHandler 创建认证处理器 func NewAuthHandler(authService *service.AuthService, superAdminService *service.SuperAdminService) *AuthHandler { return &AuthHandler{authService: authService, superAdminService: superAdminService} } // Login 用户登录 func (h *AuthHandler) Login(c *gin.Context) { var req schema.LoginRequest if err := c.ShouldBindJSON(&req); err != nil { response.BadRequest(c, "参数错误") return } ip := c.ClientIP() userAgent := c.GetHeader("User-Agent") result := h.authService.Login(req.Username, req.Password, ip, userAgent) if !result.Success { response.Unauthorized(c, result.Message) return } response.Success(c, result, "登录成功") } // Logout 用户登出 func (h *AuthHandler) Logout(c *gin.Context) { userID := middleware.GetUserID(c) if err := h.authService.Logout(userID); err != nil { response.InternalError(c, "登出失败") return } response.SuccessWithMessage(c, "登出成功") } // ChangePassword 修改密码(超级管理员操作 super_admins 表,普通用户操作 users 表) func (h *AuthHandler) ChangePassword(c *gin.Context) { var req schema.ChangePasswordRequest if err := c.ShouldBindJSON(&req); err != nil { response.BadRequest(c, "参数错误") return } userID := middleware.GetUserID(c) userType := middleware.GetUserType(c) // force 参数仅在用户确实需要强制改密时才允许使用 if req.Force { if userType == "super_admin" { // 超级管理员的 need_change_password 由 super_admin_service 处理 // force 改密时直接允许(登录时已验证 need_change_password 标记) } else { userInfo, err := h.authService.GetUserInfo(userID) if err != nil { response.InternalError(c, err.Error()) return } needChange, _ := userInfo["need_change_password"].(bool) if !needChange { response.BadRequest(c, "当前状态不允许强制修改密码") return } } } if userType == "super_admin" { if err := h.superAdminService.ChangePassword(userID, req.OldPassword, req.NewPassword, req.Force); err != nil { response.BadRequest(c, err.Error()) return } } else { if err := h.authService.ChangePassword(userID, req.OldPassword, req.NewPassword, req.Force); err != nil { response.BadRequest(c, err.Error()) return } } response.SuccessWithMessage(c, "密码修改成功,请重新登录") } // GetUserInfo 获取当前用户信息 func (h *AuthHandler) GetUserInfo(c *gin.Context) { userID := middleware.GetUserID(c) userInfo, err := h.authService.GetUserInfo(userID) if err != nil { response.InternalError(c, err.Error()) return } response.Success(c, userInfo, "操作成功") } // parseID 解析路径参数中的 ID func parseID(c *gin.Context, key string) (int, bool) { idStr := c.Param(key) id, err := strconv.Atoi(idStr) if err != nil { response.BadRequest(c, "无效的ID参数") return 0, false } return id, true }