diff --git a/middleware/permission.go b/middleware/permission.go
new file mode 100644
index 0000000..4cce087
--- /dev/null
+++ b/middleware/permission.go
@@ -0,0 +1,30 @@
+package middleware
+
+import (
+ "github.com/gin-gonic/gin"
+ "wireguard-dashboard/constant"
+ "wireguard-dashboard/model/entity"
+ "wireguard-dashboard/utils"
+)
+
+// Permission
+// @description: 权限验证,一些操作权限
+// @return gin.HandlerFunc
+func Permission() gin.HandlerFunc {
+ return func(c *gin.Context) {
+ userInfo, ok := c.Get("user")
+ if !ok {
+ utils.GinResponse(c).AuthorizationFailed()
+ c.Abort()
+ return
+ }
+
+ if userInfo.(*entity.User).IsAdmin != constant.SuperAdmin {
+ utils.GinResponse(c).FailedWithMsg("你暂无权限操作")
+ c.Abort()
+ return
+ }
+
+ c.Next()
+ }
+}
diff --git a/repository/user.go b/repository/user.go
index 5eb1a28..793548c 100644
--- a/repository/user.go
+++ b/repository/user.go
@@ -78,6 +78,8 @@ func (r user) Save(ent *entity.User) (err error) {
 defaultPassword := utils.Password().GenerateHashPassword("admin123")
 if ent.Password == "" { // 没有密码给一个默认密码
 ent.Password = defaultPassword
+ } else {
+ ent.Password = utils.Password().GenerateHashPassword(ent.Password)
 }
 // 没有头像就生成一个头像
diff --git a/route/client.go b/route/client.go
index 6693476..8be0b6a 100644
--- a/route/client.go
+++ b/route/client.go
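Review bot: In middleware/permission.go, the type assertion `userInfo.(*entity.User)` in Permission() is unchecked, so a context value of any other type panics inside the authorization path, and a nil `*entity.User` passes the assertion and then fails on the `IsAdmin` access. Use the comma-ok form and deny on failure: `user, ok := userInfo.(*entity.User)` followed by `if !ok || user == nil || user.IsAdmin != constant.SuperAdmin {`. What HTTP status `FailedWithMsg` sends is not visible here; a denied request should come back as 403 so that clients and logs can tell it apart from a generic failure.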
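Review bot: In repository/user.go, the new `else` branch of Save hashes whatever is in `ent.Password`, so the function now relies on every caller passing plaintext; if an edit path hands back an entity loaded from storage, the stored hash is hashed again and the account can no longer log in (the callers are outside this hunk, so this needs checking). The empty-password branch is the other half of the same contract: if Save also serves updates, as the "新增/编辑" comment on the save route suggests, an edit that omits the password would be given the hard-coded default `admin123` instead of keeping the existing one. I would document on Save that `Password` is plaintext or empty, leave the stored value untouched on update when it is empty, and compute the default hash only inside the `if` branch rather than on every call. Save's body continues outside the hunk.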
@@ -9,10 +9,10 @@ import (
 func ClientApi(r *gin.RouterGroup) {
 apiGroup := r.Group("client", middleware.Authorization())
 {
- apiGroup.GET("list", api.Client().List) // 客户端列表
- apiGroup.POST("save", api.Client().Save) // 新增/编辑客户端
- apiGroup.DELETE(":id", api.Client().Delete) // 删除客户端
- apiGroup.POST("download/:id", api.Client().Download) // 下载客户端配置文件
- apiGroup.POST("generate-qrcode/:id", api.Client().GenerateQrCode) // 生成客户端二维码
+ apiGroup.GET("list", api.Client().List) // 客户端列表
+ apiGroup.POST("save", middleware.Permission(), api.Client().Save) // 新增/编辑客户端
+ apiGroup.DELETE(":id", middleware.Permission(), api.Client().Delete) // 删除客户端
+ apiGroup.POST("download/:id", api.Client().Download) // 下载客户端配置文件
+ apiGroup.POST("generate-qrcode/:id", api.Client().GenerateQrCode) // 生成客户端二维码
 }
 }
diff --git a/route/server.go b/route/server.go
index bf1fea4..3173fe7 100644
--- a/route/server.go
+++ b/route/server.go
@@ -9,7 +9,7 @@ import (
 func ServerApi(r *gin.RouterGroup) {
 apiGroup := r.Group("server", middleware.Authorization())
 {
- apiGroup.GET("", api.Server().GetServer) // 获取服务端信息
- apiGroup.POST("", api.Server().SaveServer) // 新增/更新服务端信息
+ apiGroup.GET("", api.Server().GetServer) // 获取服务端信息
+ apiGroup.POST("", middleware.Permission(), api.Server().SaveServer) // 新增/更新服务端信息
 }
 }
diff --git a/route/user.go b/route/user.go
index b0e2fc6..7b61efe 100644
--- a/route/user.go
+++ b/route/user.go
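Review bot: In route/client.go, `download/:id` and `generate-qrcode/:id` stay reachable by any authenticated user, and both take a client id from the path; unless the handlers check that the client belongs to the caller (not visible here), a non-admin can obtain another client's WireGuard configuration, which normally carries that peer's private key. The same question applies to `GET ""` in route/server.go if the returned server record includes the server's private key. Either gate them like the write routes, e.g. `apiGroup.POST("download/:id", middleware.Permission(), api.Client().Download)`, or enforce ownership in the handlers and state that in the route comment.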
@@ -16,11 +16,11 @@ func UserApi(r *gin.RouterGroup) {
 // 用户登陆后相关的API
 userApi := r.Group("user", middleware.Authorization())
 {
- userApi.DELETE("logout", api.UserApi().Logout) // 用户退出登陆
- userApi.GET("", api.UserApi().GetUser) // 获取登陆用户信息
- userApi.POST("save", api.UserApi().Save) // 新增/编辑用户信息
- userApi.POST("change-password", api.UserApi().ChangePassword) // 更改密码
- userApi.GET("list", api.UserApi().List) // 用户列表
- userApi.PUT("change-status", api.UserApi().ChangeUserState) // 变更状态
+ userApi.DELETE("logout", api.UserApi().Logout) // 用户退出登陆
+ userApi.GET("", api.UserApi().GetUser) // 获取登陆用户信息
+ userApi.POST("save", middleware.Permission(), api.UserApi().Save) // 新增/编辑用户信息
+ userApi.POST("change-password", api.UserApi().ChangePassword) // 更改密码
+ userApi.GET("list", middleware.Permission(), api.UserApi().List) // 用户列表
+ userApi.PUT("change-status", middleware.Permission(), api.UserApi().ChangeUserState) // 变更状态
 }
 }
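Review bot: In route/user.go, `middleware.Permission()` is attached route by route, so a route added later is open to every logged-in user unless someone remembers the extra argument; route/client.go and route/server.go follow the same pattern. A sub-group makes admin-only the default: `admin := userApi.Group("", middleware.Permission())`, with `save`, `list` and `change-status` registered on `admin`. `change-password` is left open to all users, which is safe only if the handler takes the target account from the authenticated context rather than from the request body; a comment on that line stating this would help the next reader.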