管理员默认密码 admin/admin,首次登录强制改密码;增加服务器部署配置
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
fish
@@ -13,13 +13,14 @@ import (
|
||||
type AuthStore struct{ db *sql.DB }
|
||||
|
||||
type User struct {
|
||||
ID int64 `json:"id"`
|
||||
Username string `json:"username"`
|
||||
PasswordHash string `json:"-"`
|
||||
Role string `json:"role"`
|
||||
Disabled bool `json:"disabled"`
|
||||
CreatedAt string `json:"created_at"`
|
||||
UpdatedAt string `json:"updated_at"`
|
||||
ID int64 `json:"id"`
|
||||
Username string `json:"username"`
|
||||
PasswordHash string `json:"-"`
|
||||
Role string `json:"role"`
|
||||
Disabled bool `json:"disabled"`
|
||||
ForcePasswordChange bool `json:"force_password_change"`
|
||||
CreatedAt string `json:"created_at"`
|
||||
UpdatedAt string `json:"updated_at"`
|
||||
}
|
||||
|
||||
const (
|
||||
@@ -64,7 +65,12 @@ func (s *AuthStore) init() error {
|
||||
);
|
||||
CREATE INDEX IF NOT EXISTS idx_users_username ON users(username);
|
||||
`)
|
||||
return err
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
// 兼容旧表:添加 force_password_change 列(已存在则忽略错误)
|
||||
_, _ = s.db.Exec(`ALTER TABLE users ADD COLUMN force_password_change INTEGER NOT NULL DEFAULT 0`)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *AuthStore) CountAdmins() (int, error) {
|
||||
@@ -89,19 +95,19 @@ func (s *AuthStore) CreateUser(username, passwordHash, role string) (*User, erro
|
||||
}
|
||||
|
||||
func (s *AuthStore) GetByUsername(username string) (*User, error) {
|
||||
row := s.db.QueryRow(`SELECT id, username, password_hash, role, disabled, created_at, updated_at
|
||||
row := s.db.QueryRow(`SELECT id, username, password_hash, role, disabled, force_password_change, created_at, updated_at
|
||||
FROM users WHERE username = ?`, username)
|
||||
return scanUser(row)
|
||||
}
|
||||
|
||||
func (s *AuthStore) GetByID(id int64) (*User, error) {
|
||||
row := s.db.QueryRow(`SELECT id, username, password_hash, role, disabled, created_at, updated_at
|
||||
row := s.db.QueryRow(`SELECT id, username, password_hash, role, disabled, force_password_change, created_at, updated_at
|
||||
FROM users WHERE id = ?`, id)
|
||||
return scanUser(row)
|
||||
}
|
||||
|
||||
func (s *AuthStore) ListUsers() ([]User, error) {
|
||||
rows, err := s.db.Query(`SELECT id, username, password_hash, role, disabled, created_at, updated_at
|
||||
rows, err := s.db.Query(`SELECT id, username, password_hash, role, disabled, force_password_change, created_at, updated_at
|
||||
FROM users ORDER BY id ASC`)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@@ -131,6 +137,23 @@ func (s *AuthStore) UpdatePassword(id int64, hash string) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *AuthStore) SetForcePasswordChange(id int64, v bool) error {
|
||||
now := time.Now().Format("2006-01-02 15:04:05")
|
||||
val := 0
|
||||
if v {
|
||||
val = 1
|
||||
}
|
||||
res, err := s.db.Exec(`UPDATE users SET force_password_change = ?, updated_at = ? WHERE id = ?`, val, now, id)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
n, _ := res.RowsAffected()
|
||||
if n == 0 {
|
||||
return ErrNotFound
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (s *AuthStore) SetDisabled(id int64, disabled bool) error {
|
||||
now := time.Now().Format("2006-01-02 15:04:05")
|
||||
v := 0
|
||||
@@ -167,13 +190,15 @@ type rowScanner interface {
|
||||
func scanUser(r rowScanner) (*User, error) {
|
||||
var u User
|
||||
var disabled int
|
||||
if err := r.Scan(&u.ID, &u.Username, &u.PasswordHash, &u.Role, &disabled, &u.CreatedAt, &u.UpdatedAt); err != nil {
|
||||
var forceChange int
|
||||
if err := r.Scan(&u.ID, &u.Username, &u.PasswordHash, &u.Role, &disabled, &forceChange, &u.CreatedAt, &u.UpdatedAt); err != nil {
|
||||
if errors.Is(err, sql.ErrNoRows) {
|
||||
return nil, ErrNotFound
|
||||
}
|
||||
return nil, err
|
||||
}
|
||||
u.Disabled = disabled != 0
|
||||
u.ForcePasswordChange = forceChange != 0
|
||||
return &u, nil
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user