添加用户信息更新接口，掩码敏感信息；修正 ContactQQ 字段命名

2025-04-29 18:48:14 +08:00
parent 2fa8b4d540
commit f2ea7b152a
7 changed files with 169 additions and 20 deletions
--- a/web/handlers/auth.go
+++ b/web/handlers/auth.go
@@ -313,7 +313,28 @@ func Introspect(c *fiber.Ctx) error {
 		return err
 	}

+	// 掩码敏感信息
+	if profile.Phone != "" {
+		profile.Phone = maskPhone(profile.Phone)
+	}
+	if profile.IDNo != "" {
+		profile.IDNo = maskIdNo(profile.IDNo)
+	}
 	return c.JSON(IntrospectResp{*profile})
 }

+func maskPhone(phone string) string {
+	if len(phone) < 11 {
+		return phone
+	}
+	return phone[:3] + "****" + phone[7:]
+}
+
+func maskIdNo(idNo string) string {
+	if len(idNo) < 18 {
+		return idNo
+	}
+	return idNo[:3] + "*********" + idNo[14:]
+}
+
 // endregion
--- a/web/handlers/user.go
+++ b/web/handlers/user.go
@@ -2,15 +2,145 @@ package handlers

 import (
 	"platform/web/auth"
+	"platform/web/common"
+	m "platform/web/models"
 	q "platform/web/queries"
 	s "platform/web/services"
 	"strconv"
 	"time"

 	"github.com/gofiber/fiber/v2"
+	"golang.org/x/crypto/bcrypt"
 )

-// region recharge
+// region /update
+
+type UpdateUserReq struct {
+	Username      string `json:"username" validate:"omitempty,min=3,max=20"`
+	Email         string `json:"email" validate:"omitempty,email"`
+	ContactQQ     string `json:"contact_qq" validate:"omitempty,qq"`
+	ContactWechat string `json:"contact_wechat" validate:"omitempty,wechat"`
+}
+
+func UpdateUser(c *fiber.Ctx) error {
+	// 检查权限
+	authCtx, err := auth.Protect(c, []s.PayloadType{s.PayloadUser}, []string{})
+	if err != nil {
+		return err
+	}
+
+	// 解析请求参数
+	req := new(UpdateUserReq)
+	if err := c.BodyParser(req); err != nil {
+		return err
+	}
+
+	// 更新用户信息
+	_, err = q.User.
+		Where(q.User.ID.Eq(authCtx.Payload.Id)).
+		Updates(m.User{
+			Username:      req.Username,
+			Email:         req.Email,
+			ContactQQ:     req.ContactQQ,
+			ContactWechat: req.ContactWechat,
+		})
+	if err != nil {
+		return err
+	}
+
+	// 返回结果
+	return c.SendStatus(fiber.StatusNoContent)
+}
+
+// endregion
+
+// region /update/account
+
+type UpdateAccountReq struct {
+	Username string `json:"username" validate:"omitempty,min=3,max=20"`
+	Password string `json:"password" validate:"omitempty,min=6,max=20"`
+}
+
+func UpdateAccount(c *fiber.Ctx) error {
+	// 检查权限
+	authCtx, err := auth.Protect(c, []s.PayloadType{s.PayloadUser}, []string{})
+	if err != nil {
+		return err
+	}
+
+	// 解析请求参数
+	req := new(UpdateAccountReq)
+	if err := c.BodyParser(req); err != nil {
+		return err
+	}
+
+	// 更新用户信息
+	_, err = q.User.
+		Where(q.User.ID.Eq(authCtx.Payload.Id)).
+		Updates(m.User{
+			Username: req.Username,
+			Password: req.Password,
+		})
+	if err != nil {
+		return err
+	}
+
+	// 返回结果
+	return c.SendStatus(fiber.StatusNoContent)
+}
+
+// endregion
+
+// region /update/password
+
+type UpdatePasswordReq struct {
+	Phone    string `json:"phone"`
+	Code     string `json:"code"`
+	Password string `json:"password"`
+}
+
+func UpdatePassword(c *fiber.Ctx) error {
+	// 检查权限
+	authCtx, err := auth.Protect(c, []s.PayloadType{s.PayloadUser}, []string{})
+	if err != nil {
+		return err
+	}
+
+	// 解析请求参数
+	req := new(UpdatePasswordReq)
+	if err := c.BodyParser(req); err != nil {
+		return err
+	}
+
+	// 验证手机令牌
+	if req.Phone == "" || req.Code == "" {
+		return common.NewErr("user", "手机号码和验证码不能为空")
+	}
+	err = s.Verifier.VerifySms(c.Context(), req.Phone, req.Code)
+	if err != nil {
+		return err
+	}
+
+	// 更新密码
+	newHash, err := bcrypt.GenerateFromPassword([]byte(req.Password), bcrypt.DefaultCost)
+	if err != nil {
+		return err
+	}
+
+	_, err = q.User.
+		Where(q.User.ID.Eq(authCtx.Payload.Id)).
+		UpdateColumn(q.User.Password, newHash)
+	if err != nil {
+		return err
+	}
+
+	// 返回结果
+	return c.SendStatus(fiber.StatusNoContent)
+}
+
+// endregion
+
+// region /recharge

 type RechargePrepareReq struct {
 	Amount float64 `json:"amount" validate:"required,min=0.01"`