添加用户信息更新接口，掩码敏感信息；修正 ContactQQ 字段命名

web/handlers/user.go

@@ -2,15 +2,145 @@ package handlers
 
 import (
 	"platform/web/auth"
+	"platform/web/common"
+	m "platform/web/models"
 	q "platform/web/queries"
 	s "platform/web/services"
 	"strconv"
 	"time"
 
 	"github.com/gofiber/fiber/v2"
+	"golang.org/x/crypto/bcrypt"
 )
 
-// region recharge
+// region /update
+
+type UpdateUserReq struct {
+	Username      string `json:"username" validate:"omitempty,min=3,max=20"`
+	Email         string `json:"email" validate:"omitempty,email"`
+	ContactQQ     string `json:"contact_qq" validate:"omitempty,qq"`
+	ContactWechat string `json:"contact_wechat" validate:"omitempty,wechat"`
+}
+
+func UpdateUser(c *fiber.Ctx) error {
+	// 检查权限
+	authCtx, err := auth.Protect(c, []s.PayloadType{s.PayloadUser}, []string{})
+	if err != nil {
+		return err
+	}
+
+	// 解析请求参数
+	req := new(UpdateUserReq)
+	if err := c.BodyParser(req); err != nil {
+		return err
+	}
+
+	// 更新用户信息
+	_, err = q.User.
+		Where(q.User.ID.Eq(authCtx.Payload.Id)).
+		Updates(m.User{
+			Username:      req.Username,
+			Email:         req.Email,
+			ContactQQ:     req.ContactQQ,
+			ContactWechat: req.ContactWechat,
+		})
+	if err != nil {
+		return err
+	}
+
+	// 返回结果
+	return c.SendStatus(fiber.StatusNoContent)
+}
+
+// endregion
+
+// region /update/account
+
+type UpdateAccountReq struct {
+	Username string `json:"username" validate:"omitempty,min=3,max=20"`
+	Password string `json:"password" validate:"omitempty,min=6,max=20"`
+}
+
+func UpdateAccount(c *fiber.Ctx) error {
+	// 检查权限
+	authCtx, err := auth.Protect(c, []s.PayloadType{s.PayloadUser}, []string{})
+	if err != nil {
+		return err
+	}
+
+	// 解析请求参数
+	req := new(UpdateAccountReq)
+	if err := c.BodyParser(req); err != nil {
+		return err
+	}
+
+	// 更新用户信息
+	_, err = q.User.
+		Where(q.User.ID.Eq(authCtx.Payload.Id)).
+		Updates(m.User{
+			Username: req.Username,
+			Password: req.Password,
+		})
+	if err != nil {
+		return err
+	}
+
+	// 返回结果
+	return c.SendStatus(fiber.StatusNoContent)
+}
+
+// endregion
+
+// region /update/password
+
+type UpdatePasswordReq struct {
+	Phone    string `json:"phone"`
+	Code     string `json:"code"`
+	Password string `json:"password"`
+}
+
+func UpdatePassword(c *fiber.Ctx) error {
+	// 检查权限
+	authCtx, err := auth.Protect(c, []s.PayloadType{s.PayloadUser}, []string{})
+	if err != nil {
+		return err
+	}
+
+	// 解析请求参数
+	req := new(UpdatePasswordReq)
+	if err := c.BodyParser(req); err != nil {
+		return err
+	}
+
+	// 验证手机令牌
+	if req.Phone == "" || req.Code == "" {
+		return common.NewErr("user", "手机号码和验证码不能为空")
+	}
+	err = s.Verifier.VerifySms(c.Context(), req.Phone, req.Code)
+	if err != nil {
+		return err
+	}
+
+	// 更新密码
+	newHash, err := bcrypt.GenerateFromPassword([]byte(req.Password), bcrypt.DefaultCost)
+	if err != nil {
+		return err
+	}
+
+	_, err = q.User.
+		Where(q.User.ID.Eq(authCtx.Payload.Id)).
+		UpdateColumn(q.User.Password, newHash)
+	if err != nil {
+		return err
+	}
+
+	// 返回结果
+	return c.SendStatus(fiber.StatusNoContent)
+}
+
+// endregion
+
+// region /recharge
 
 type RechargePrepareReq struct {
 	Amount float64 `json:"amount" validate:"required,min=0.01"`