恢复余额功能 & 管理员修改余额功能

web/auth/endpoints.go

@@ -336,9 +336,8 @@ func authPassword(c *fiber.Ctx, auth *AuthCtx, req *TokenReq, now time.Time) (*m
 
 			// 手机号首次登录的自动创建用户
 			user = &m.User{
-				Phone:    req.Username,
-				Username: u.P(req.Username),
-				Status:   m.UserStatusEnabled,
+				Phone:  req.Username,
+				Status: m.UserStatusEnabled,
 			}
 		}
 
@@ -549,22 +548,30 @@ func introspectUser(ctx *fiber.Ctx, authCtx *AuthCtx) error {
 func introspectAdmin(ctx *fiber.Ctx, authCtx *AuthCtx) error {
 	// 获取管理员信息
 	profile, err := q.Admin.
+		Preload(q.Admin.Roles, q.Admin.Roles.Permissions).
 		Where(q.Admin.ID.Eq(authCtx.Admin.ID)).
-		Omit(q.Admin.DeletedAt).
+		Omit(q.Admin.DeletedAt, q.Admin.Password).
 		Take()
 	if err != nil {
 		return err
 	}
 
-	// 不返回密码
-	profile.Password = ""
-
-	// 掩码敏感信息
-	if profile.Phone != nil && *profile.Phone != "" {
-		profile.Phone = u.P(maskPhone(*profile.Phone))
+	// 整理权限列表
+	scopes := make(map[string]struct{}, 0)
+	for _, role := range profile.Roles {
+		for _, permission := range role.Permissions {
+			scopes[permission.Name] = struct{}{}
+		}
+	}
+	list := make([]string, 0, len(scopes))
+	for scope := range scopes {
+		list = append(list, scope)
 	}
 
-	return ctx.JSON(profile)
+	return ctx.JSON(struct {
+		*m.Admin
+		Scopes []string `json:"scopes"`
+	}{profile, list})
 }
 
 func maskPhone(phone string) string {