nginx-ui/api/user/user.go

package user

import (
	"github.com/0xJacky/Nginx-UI/internal/user"
	"github.com/0xJacky/Nginx-UI/model"
	"github.com/0xJacky/Nginx-UI/settings"
	"github.com/gin-gonic/gin"
	"github.com/spf13/cast"
	"github.com/uozi-tech/cosy"
	"golang.org/x/crypto/bcrypt"
)

func encryptPassword(ctx *cosy.Ctx[model.User]) {
	if ctx.Payload["password"] == nil {
		delete(ctx.Payload, "password")
		return
	}
	pwd := ctx.Payload["password"].(string)
	if pwd != "" {
		pwdBytes, err := bcrypt.GenerateFromPassword([]byte(pwd), bcrypt.DefaultCost)
		if err != nil {
			ctx.AbortWithError(err)
			return
		}
		ctx.Model.Password = string(pwdBytes)
	} else {
		delete(ctx.Payload, "password")
	}
}

func InitManageUserRouter(g *gin.RouterGroup) {
	c := cosy.Api[model.User]("users")

	c.CreateHook(func(c *cosy.Ctx[model.User]) {
		c.BeforeDecodeHook(encryptPassword)
	})

	c.ModifyHook(func(c *cosy.Ctx[model.User]) {
		c.BeforeDecodeHook(func(ctx *cosy.Ctx[model.User]) {
			if settings.NodeSettings.Demo && ctx.ID == 1 {
				ctx.AbortWithError(user.ErrChangeInitUserPwdInDemo)
			}
		})
		c.BeforeDecodeHook(encryptPassword)
		c.ExecutedHook(func(ctx *cosy.Ctx[model.User]) {
			user.InvalidateUserCache(ctx.ID)

			if ctx.Payload["password"] != nil {
				user.DeleteUserTokens(ctx.ID)
				return
			}

			if status, ok := ctx.Payload["status"]; ok && !cast.ToBool(status) {
				user.DeleteUserTokens(ctx.ID)
			}
		})
	})

	c.DestroyHook(func(c *cosy.Ctx[model.User]) {
		c.BeforeExecuteHook(func(ctx *cosy.Ctx[model.User]) {
			if ctx.ID == 1 {
				ctx.AbortWithError(user.ErrCannotRemoveInitUser)
			}
		})
	})

	c.InitRouter(g)
}