ai/routers/users.go
package routers
import (
"crypto/md5"
"encoding/json"
"fmt"
"main/configs"
"main/models"
"main/utils"
"net/http"
"strconv"
"github.com/google/uuid"
"github.com/gorilla/mux"
)
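// UsersGet writes one page of users as JSON.
//
// The "page" and "pageSize" query parameters select the window; they default
// to 1 and 10. Values below 1 are replaced by those defaults so that a
// client-supplied negative number can never turn into a negative OFFSET or a
// negative LIMIT.
//
// NOTE(review): there is no upper bound on pageSize, so one request can ask
// for the whole table. A server-side maximum is worth adding once the
// largest page a legitimate client needs is known.
// NOTE(review): this handler performs no authentication in this file.
// Confirm that models.User does not serialize the Password and Slat fields
// (or email / mobile, if those are meant to be private) before exposing it.
func UsersGet(w http.ResponseWriter, r *http.Request) {
	var listview models.ListView

	query := r.URL.Query()
	listview.Page = utils.ParamInt(query.Get("page"), 1)
	listview.PageSize = utils.ParamInt(query.Get("pageSize"), 10)

	// Paging values come straight from the URL; reject nonsensical ones.
	if listview.Page < 1 {
		listview.Page = 1
	}
	if listview.PageSize < 1 {
		listview.PageSize = 10
	}

	var user_list []models.User
	db := configs.ORMDB()
	// NOTE(review): Count is chained after Offset/Limit/Find. Confirm that the
	// ORM counts the whole table here rather than the paged window; otherwise
	// Total and Next are wrong on every page but the first.
	db.Offset((listview.Page - 1) * listview.PageSize).Limit(listview.PageSize).Find(&user_list).Count(&listview.Total)

	listview.List = user_list
	// Next is true while rows remain beyond the current page.
	listview.Next = listview.Page*listview.PageSize < int(listview.Total)
	listview.WriteJSON(w)
}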
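// UsersPost registers a new user from a JSON request body.
//
// Three registration modes are recognised, each taken when both of its
// fields are non-empty:
//   - name + password
//   - email + code (code checked by models.EmailCheck)
//   - mobile + code (code checked by models.MobileCheck)
//
// A request that satisfies none of them is rejected with 400. Without that
// check an empty body such as {} would still reach Create and insert a blank
// user, and on an empty table that row would get ID 1 and be promoted to
// administrator by the rule at the end of this function.
//
// On success the created user is written back as JSON.
func UsersPost(w http.ResponseWriter, r *http.Request) {
	var data struct {
		Name     string `json:"name"`
		Email    string `json:"email"`
		Mobile   string `json:"mobile"`
		Password string `json:"password"`
		Code     string `json:"code"`
	}
	if err := json.NewDecoder(r.Body).Decode(&data); err != nil {
		http.Error(w, err.Error(), http.StatusBadRequest)
		return
	}

	var user models.User
	var count int64
	// registered records whether at least one registration mode applied.
	registered := false

	// Name + password registration.
	if data.Name != "" && data.Password != "" {
		registered = true
		user.Name = data.Name
		user.Slat = uuid.New().String()
		// NOTE(review): a single round of salted MD5 is cheap to brute-force if
		// the table leaks. A password KDF (bcrypt, scrypt, Argon2id, PBKDF2) is
		// the usual choice. The scheme is left unchanged here because the code
		// that verifies passwords is not in this file and must change with it.
		user.Password = fmt.Sprintf("%x", md5.Sum([]byte(data.Password+user.Slat)))
		configs.ORMDB().Model(&models.User{}).Where("name = ?", user.Name).Count(&count)
		if count > 0 {
			http.Error(w, "用户名已存在", http.StatusBadRequest)
			return
		}
	}

	// Email + verification code registration.
	if data.Email != "" && data.Code != "" {
		registered = true
		// The code must verify before the address is accepted.
		if err := models.EmailCheck(data.Email, data.Code); err != nil {
			http.Error(w, err.Error(), http.StatusBadRequest)
			return
		}
		user.Email = data.Email
		user.Name = fmt.Sprintf("user_%s", uuid.New().String()) // random placeholder user name
		configs.ORMDB().Model(&models.User{}).Where("email = ?", user.Email).Count(&count)
		if count > 0 {
			http.Error(w, "邮箱已存在", http.StatusBadRequest)
			return
		}
	}

	// Mobile + SMS verification code registration.
	if data.Mobile != "" && data.Code != "" {
		registered = true
		// The code must verify before the number is accepted.
		if err := models.MobileCheck(data.Mobile, data.Code); err != nil {
			http.Error(w, err.Error(), http.StatusBadRequest)
			return
		}
		user.Mobile = data.Mobile
		user.Name = fmt.Sprintf("user_%s", uuid.New().String()) // random placeholder user name
		configs.ORMDB().Model(&models.User{}).Where("mobile = ?", user.Mobile).Count(&count)
		if count > 0 {
			http.Error(w, "手机号已存在", http.StatusBadRequest)
			return
		}
	}

	// Refuse to create an account that carries no credential at all.
	if !registered {
		http.Error(w, "注册信息不完整", http.StatusBadRequest)
		return
	}

	// Persist the new user.
	// NOTE(review): the uniqueness checks above are count-then-insert and can
	// race; unique indexes on name/email/mobile would close that gap. The raw
	// database error is also echoed to the client here.
	if err := configs.ORMDB().Create(&user).Error; err != nil {
		w.WriteHeader(http.StatusBadRequest)
		w.Write([]byte("400 - " + err.Error()))
		return
	}

	// The very first user (ID 1) becomes the administrator.
	if user.ID == 1 {
		user.Admin = true
		configs.ORMDB().Save(&user)
	}

	// NOTE(review): confirm models.User keeps Password and Slat out of its
	// JSON form; otherwise the hash and salt are returned to the client.
	w.Header().Set("Content-Type", "application/json; charset=utf-8")
	w.Write(utils.ToJSON(user))
}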
// UsersItemGet writes the user identified by the "id" route variable as JSON,
// or a 404 carrying the lookup error when the record cannot be loaded.
//
// NOTE(review): no authentication is applied in this file. Confirm which
// fields models.User serializes before treating this endpoint as public.
func UsersItemGet(w http.ResponseWriter, r *http.Request) {
	// 0 is the fallback handed to utils.ParamInt for the route variable.
	targetID := utils.ParamInt(mux.Vars(r)["id"], 0)
	target := models.User{ID: targetID}

	lookupErr := configs.ORMDB().First(&target).Error
	if lookupErr != nil {
		w.WriteHeader(http.StatusNotFound)
		w.Write([]byte("404 - " + lookupErr.Error()))
		return
	}

	payload := utils.ToJSON(target)
	w.Header().Set("Content-Type", "application/json; charset=utf-8")
	w.Write(payload)
}
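// UsersItemPatch updates the user identified by the "id" route variable with
// the fields present in the request body (name, email, password, admin).
//
// The callback receives the requesting account from models.AccountRead
// (presumably only after the request has been authenticated — confirm).
//
// Authorization rules:
//   - only the account itself or an administrator may update a user;
//   - the "admin" field is ignored unless an administrator is editing
//     another user, so nobody can change their own admin flag.
//
// The target must exist: a failed lookup returns 404. Without that check the
// handler would carry on with a user that was never loaded, and Save could
// then write a row the caller was never authorized against.
func UsersItemPatch(w http.ResponseWriter, r *http.Request) {
	models.AccountRead(w, r, func(account *models.Account) {
		var form map[string]interface{} = utils.BodyRead(r)

		// 0 is the fallback handed to utils.ParamInt; no real user has an ID
		// below 1, so reject it before the ORM sees a zero primary key.
		id := utils.ParamInt(mux.Vars(r)["id"], 0)
		if id <= 0 {
			w.WriteHeader(http.StatusNotFound)
			w.Write([]byte("404 - Not Found"))
			return
		}

		user := models.User{ID: id}
		if err := configs.ORMDB().First(&user).Error; err != nil {
			w.WriteHeader(http.StatusNotFound)
			w.Write([]byte("404 - " + err.Error()))
			return
		}

		// Only the account itself or an administrator may update the user.
		if account.ID != user.ID && !account.Admin {
			w.WriteHeader(http.StatusForbidden)
			w.Write([]byte("403 - Forbidden"))
			return
		}

		// Regular users cannot change admin rights, and administrators cannot
		// change their own.
		if account.ID == user.ID || !account.Admin {
			delete(form, "admin")
		}

		// NOTE(review): name and email are written without the uniqueness or
		// verification-code checks that registration applies — confirm that
		// is intended.
		if name, ok := form["name"].(string); ok {
			user.Name = name
		}
		if email, ok := form["email"].(string); ok {
			user.Email = email
		}
		if password, ok := form["password"].(string); ok {
			// A fresh salt is generated on every password change.
			// NOTE(review): salted MD5 is a weak password hash; see the note on
			// registration. The current password is also not required here.
			user.Slat = uuid.New().String()
			user.Password = fmt.Sprintf("%x", md5.Sum([]byte(password+user.Slat)))
		}
		if admin, ok := form["admin"].(bool); ok {
			user.Admin = admin
		}

		// Report a failed write instead of answering as if it had succeeded.
		if err := configs.ORMDB().Save(&user).Error; err != nil {
			w.WriteHeader(http.StatusInternalServerError)
			w.Write([]byte("500 - Internal Server Error"))
			return
		}

		w.Header().Set("Content-Type", "application/json; charset=utf-8")
		w.Write(utils.ToJSON(user))
	})
}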
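// UsersItemDelete deletes the user identified by the "id" route variable and
// writes the deleted record back as JSON.
//
// The callback receives the requesting account from models.AccountRead
// (presumably only after the request has been authenticated — confirm).
//
// Authorization rules:
//   - only the account itself or an administrator may delete a user;
//   - an administrator may not delete their own account.
//
// A non-positive ID is rejected with 404 before any lookup, and a failed
// delete is reported with 500 instead of being answered as a success.
func UsersItemDelete(w http.ResponseWriter, r *http.Request) {
	models.AccountRead(w, r, func(account *models.Account) {
		// 0 is the fallback handed to utils.ParamInt. If the ORM ignores a zero
		// primary key when building the query (GORM does), First would load
		// some other row and the delete below would act on it.
		id := utils.ParamInt(mux.Vars(r)["id"], 0)
		if id <= 0 {
			w.WriteHeader(http.StatusNotFound)
			w.Write([]byte("404 - Not Found"))
			return
		}

		// Load the target user.
		user := models.User{ID: id}
		if err := configs.ORMDB().First(&user).Error; err != nil {
			w.WriteHeader(http.StatusNotFound)
			w.Write([]byte("404 - " + err.Error()))
			return
		}

		// Only the account itself or an administrator may delete the user.
		if account.ID != user.ID && !account.Admin {
			w.WriteHeader(http.StatusForbidden)
			w.Write([]byte("403 - 只有自己的賬戶或是管理員才能刪除用戶"))
			return
		}

		// An administrator may not delete their own account.
		if account.ID == user.ID && account.Admin {
			w.WriteHeader(http.StatusForbidden)
			w.Write([]byte("403 - 管理員不能刪除自己"))
			return
		}

		if err := configs.ORMDB().Delete(&user).Error; err != nil {
			w.WriteHeader(http.StatusInternalServerError)
			w.Write([]byte("500 - Internal Server Error"))
			return
		}

		w.Header().Set("Content-Type", "application/json; charset=utf-8")
		w.Write(utils.ToJSON(user))
	})
}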
// UsersItemLike records that the requesting account likes the user identified
// by the "id" route variable, and answers "ok".
//
// The target is looked up first; a failed lookup yields a 404 that carries
// the lookup error and nothing is recorded.
func UsersItemLike(w http.ResponseWriter, r *http.Request) {
	models.AccountRead(w, r, func(account *models.Account) {
		// Make sure the target user exists before recording anything.
		target := models.User{ID: utils.ParamInt(mux.Vars(r)["id"], 0)}
		lookupErr := configs.ORMDB().First(&target).Error
		if lookupErr != nil {
			w.WriteHeader(http.StatusNotFound)
			w.Write([]byte("404 - " + lookupErr.Error()))
			return
		}

		// Both sides of the relation are stored as decimal ID strings.
		likerKey := strconv.Itoa(account.ID)
		targetKey := strconv.Itoa(target.ID)
		models.LikeUser.Add(likerKey, targetKey)

		w.Write([]byte("ok"))
	})
}
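// UsersItemUnlike removes the requesting account's like of the user
// identified by the "id" route variable, and answers "ok".
//
// The route variable is parsed to an integer and re-rendered with
// strconv.Itoa, the same form UsersItemLike stores. Passing the raw path
// segment through would let a non-canonical value such as "01" miss the
// stored entry, and would hand a client-controlled string to
// models.LikeUser.Remove as a key.
func UsersItemUnlike(w http.ResponseWriter, r *http.Request) {
	models.AccountRead(w, r, func(account *models.Account) {
		// 0 is the fallback handed to utils.ParamInt; no like is stored for it
		// by UsersItemLike, so removing it is presumably a no-op — confirm.
		targetID := utils.ParamInt(mux.Vars(r)["id"], 0)
		models.LikeUser.Remove(strconv.Itoa(account.ID), strconv.Itoa(targetID))
		w.Write([]byte("ok"))
	})
}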