| | package controller |
| |
|
| | import ( |
| | "bytes" |
| | "encoding/json" |
| | "errors" |
| | "fmt" |
| | "github.com/gin-contrib/sessions" |
| | "github.com/gin-gonic/gin" |
| | "net/http" |
| | "one-api/common" |
| | "one-api/model" |
| | "strconv" |
| | "time" |
| | ) |
| |
|
| | type GitHubOAuthResponse struct { |
| | AccessToken string `json:"access_token"` |
| | Scope string `json:"scope"` |
| | TokenType string `json:"token_type"` |
| | } |
| |
|
| | type GitHubUser struct { |
| | Login string `json:"login"` |
| | Name string `json:"name"` |
| | Email string `json:"email"` |
| | } |
| |
|
| | func getGitHubUserInfoByCode(code string) (*GitHubUser, error) { |
| | if code == "" { |
| | return nil, errors.New("无效的参数") |
| | } |
| | values := map[string]string{"client_id": common.GitHubClientId, "client_secret": common.GitHubClientSecret, "code": code} |
| | jsonData, err := json.Marshal(values) |
| | if err != nil { |
| | return nil, err |
| | } |
| | req, err := http.NewRequest("POST", "https://github.com/login/oauth/access_token", bytes.NewBuffer(jsonData)) |
| | if err != nil { |
| | return nil, err |
| | } |
| | req.Header.Set("Content-Type", "application/json") |
| | req.Header.Set("Accept", "application/json") |
| | client := http.Client{ |
| | Timeout: 5 * time.Second, |
| | } |
| | res, err := client.Do(req) |
| | if err != nil { |
| | common.SysLog(err.Error()) |
| | return nil, errors.New("无法连接至 GitHub 服务器,请稍后重试!") |
| | } |
| | defer res.Body.Close() |
| | var oAuthResponse GitHubOAuthResponse |
| | err = json.NewDecoder(res.Body).Decode(&oAuthResponse) |
| | if err != nil { |
| | return nil, err |
| | } |
| | req, err = http.NewRequest("GET", "https://api.github.com/user", nil) |
| | if err != nil { |
| | return nil, err |
| | } |
| | req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", oAuthResponse.AccessToken)) |
| | res2, err := client.Do(req) |
| | if err != nil { |
| | common.SysLog(err.Error()) |
| | return nil, errors.New("无法连接至 GitHub 服务器,请稍后重试!") |
| | } |
| | defer res2.Body.Close() |
| | var githubUser GitHubUser |
| | err = json.NewDecoder(res2.Body).Decode(&githubUser) |
| | if err != nil { |
| | return nil, err |
| | } |
| | if githubUser.Login == "" { |
| | return nil, errors.New("返回值非法,用户字段为空,请稍后重试!") |
| | } |
| | return &githubUser, nil |
| | } |
| |
|
| | func GitHubOAuth(c *gin.Context) { |
| | session := sessions.Default(c) |
| | username := session.Get("username") |
| | if username != nil { |
| | GitHubBind(c) |
| | return |
| | } |
| |
|
| | if !common.GitHubOAuthEnabled { |
| | c.JSON(http.StatusOK, gin.H{ |
| | "success": false, |
| | "message": "管理员未开启通过 GitHub 登录以及注册", |
| | }) |
| | return |
| | } |
| | code := c.Query("code") |
| | githubUser, err := getGitHubUserInfoByCode(code) |
| | if err != nil { |
| | c.JSON(http.StatusOK, gin.H{ |
| | "success": false, |
| | "message": err.Error(), |
| | }) |
| | return |
| | } |
| | user := model.User{ |
| | GitHubId: githubUser.Login, |
| | } |
| | if model.IsGitHubIdAlreadyTaken(user.GitHubId) { |
| | err := user.FillUserByGitHubId() |
| | if err != nil { |
| | c.JSON(http.StatusOK, gin.H{ |
| | "success": false, |
| | "message": err.Error(), |
| | }) |
| | return |
| | } |
| | } else { |
| | if common.RegisterEnabled { |
| | user.Username = "github_" + strconv.Itoa(model.GetMaxUserId()+1) |
| | if githubUser.Name != "" { |
| | user.DisplayName = githubUser.Name |
| | } else { |
| | user.DisplayName = "GitHub User" |
| | } |
| | user.Email = githubUser.Email |
| | user.Role = common.RoleCommonUser |
| | user.Status = common.UserStatusEnabled |
| |
|
| | if err := user.Insert(0); err != nil { |
| | c.JSON(http.StatusOK, gin.H{ |
| | "success": false, |
| | "message": err.Error(), |
| | }) |
| | return |
| | } |
| | } else { |
| | c.JSON(http.StatusOK, gin.H{ |
| | "success": false, |
| | "message": "管理员关闭了新用户注册", |
| | }) |
| | return |
| | } |
| | } |
| |
|
| | if user.Status != common.UserStatusEnabled { |
| | c.JSON(http.StatusOK, gin.H{ |
| | "message": "用户已被封禁", |
| | "success": false, |
| | }) |
| | return |
| | } |
| | setupLogin(&user, c) |
| | } |
| |
|
| | func GitHubBind(c *gin.Context) { |
| | if !common.GitHubOAuthEnabled { |
| | c.JSON(http.StatusOK, gin.H{ |
| | "success": false, |
| | "message": "管理员未开启通过 GitHub 登录以及注册", |
| | }) |
| | return |
| | } |
| | code := c.Query("code") |
| | githubUser, err := getGitHubUserInfoByCode(code) |
| | if err != nil { |
| | c.JSON(http.StatusOK, gin.H{ |
| | "success": false, |
| | "message": err.Error(), |
| | }) |
| | return |
| | } |
| | user := model.User{ |
| | GitHubId: githubUser.Login, |
| | } |
| | if model.IsGitHubIdAlreadyTaken(user.GitHubId) { |
| | c.JSON(http.StatusOK, gin.H{ |
| | "success": false, |
| | "message": "该 GitHub 账户已被绑定", |
| | }) |
| | return |
| | } |
| | session := sessions.Default(c) |
| | id := session.Get("id") |
| | |
| | user.Id = id.(int) |
| | err = user.FillUserById() |
| | if err != nil { |
| | c.JSON(http.StatusOK, gin.H{ |
| | "success": false, |
| | "message": err.Error(), |
| | }) |
| | return |
| | } |
| | user.GitHubId = githubUser.Login |
| | err = user.Update(false) |
| | if err != nil { |
| | c.JSON(http.StatusOK, gin.H{ |
| | "success": false, |
| | "message": err.Error(), |
| | }) |
| | return |
| | } |
| | c.JSON(http.StatusOK, gin.H{ |
| | "success": true, |
| | "message": "bind", |
| | }) |
| | return |
| | } |
| |
|
