Hugging Face's logo

Spaces:
Jack698
/
velo
Sleeping

App Files Community
velo / controller /user.go
Jack698's picture
Jack698
Upload folder using huggingface_hub
adc1e1c verified
raw
history blame contribute delete
31.4 kB
// Copyright (c) 2025 Tethys Plex
//
// This file is part of Veloera.
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <https://www.gnu.org/licenses/>.
package controller
import (
 "encoding/json"
 "errors"
 "fmt"
 "net/http"
 "net/url"
 "strconv"
 "strings"
 "veloera/common"
 "veloera/model"
 "veloera/setting"
"veloera/constant"
 "veloera/middleware"
"github.com/gin-contrib/sessions"
 "github.com/gin-gonic/gin"
)
type LoginRequest struct {
 Username string `json:"username"`
 Password string `json:"password"`
}
func Login(c *gin.Context) {
 if !common.PasswordLoginEnabled {
 c.JSON(http.StatusOK, gin.H{
 "message": "管理员关闭了密码登录",
 "success": false,
 })
 return
 }
 var loginRequest LoginRequest
 err := json.NewDecoder(c.Request.Body).Decode(&loginRequest)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "message": "无效的参数",
 "success": false,
 })
 return
 }
 username := loginRequest.Username
 password := loginRequest.Password
 if username == "" || password == "" {
 c.JSON(http.StatusOK, gin.H{
 "message": "无效的参数",
 "success": false,
 })
 return
 }
 user := model.User{
 Username: username,
 Password: password,
 }
 err = user.ValidateAndFill()
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "message": err.Error(),
 "success": false,
 })
 return
 }
 setupLogin(&user, c)
}
// setup session & cookies and then return user info
func setupLogin(user *model.User, c *gin.Context) {
 session := sessions.Default(c)
// Clear any existing session data first
 session.Clear()
 err := session.Save()
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "message": "无法清除旧会话信息,请重试",
 "success": false,
 })
 return
 }
// Set new session data
 session.Set("id", user.Id)
 session.Set("username", user.Username)
 session.Set("role", user.Role)
 session.Set("status", user.Status)
 session.Set("group", user.Group)
err = session.Save()
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "message": "无法保存会话信息,请重试",
 "success": false,
 })
 return
 }
cleanUser := model.User{
 Id: user.Id,
 Username: user.Username,
 DisplayName: user.DisplayName,
 Role: user.Role,
 Status: user.Status,
 Group: user.Group,
 }
c.JSON(http.StatusOK, gin.H{
 "message": "",
 "success": true,
 "data": cleanUser,
 })
}
func Logout(c *gin.Context) {
 session := sessions.Default(c)
 session.Clear()
 err := session.Save()
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "message": err.Error(),
 "success": false,
 })
 return
 }
 c.JSON(http.StatusOK, gin.H{
 "message": "",
 "success": true,
 })
}
func Register(c *gin.Context) {
 if !common.RegisterEnabled {
 c.JSON(http.StatusOK, gin.H{
 "message": "管理员关闭了新用户注册",
 "success": false,
 })
 return
 }
 if !common.PasswordRegisterEnabled {
 c.JSON(http.StatusOK, gin.H{
 "message": "管理员关闭了通过密码进行注册,请使用第三方账户验证的形式进行注册",
 "success": false,
 })
 return
 }
 var user model.User
 err := json.NewDecoder(c.Request.Body).Decode(&user)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无效的参数",
 })
 return
 }
if err := common.Validate.Struct(&user); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "输入不合法 " + err.Error(),
 })
 return
 }
 if common.EmailVerificationEnabled {
 if user.Email == "" || user.VerificationCode == "" {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "管理员开启了邮箱验证,请输入邮箱地址和验证码",
 })
 return
 }
 if !common.VerifyCodeWithKey(user.Email, user.VerificationCode, common.EmailVerificationPurpose) {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "验证码错误或已过期",
 })
 return
 }
 }
 exist, err := model.CheckUserExistOrDeleted(user.Username, user.Email)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "数据库错误,请稍后重试",
 })
 common.SysError(fmt.Sprintf("CheckUserExistOrDeleted error: %v", err))
 return
 }
 if exist {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "用户名已存在,或已注销",
 })
 return
 }
 affCode := user.AffCode // this code is the inviter's code, not the user's own code
 inviterId, err := model.GetUserIdByAffCode(affCode)
 cleanUser := model.User{
 Username: user.Username,
 Password: user.Password,
 DisplayName: user.Username,
 InviterId: inviterId,
 }
 if common.EmailVerificationEnabled {
 cleanUser.Email = user.Email
 }
 if err := cleanUser.Insert(inviterId); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
// 获取插入后的用户ID
 var insertedUser model.User
 if err := model.DB.Where("username = ?", cleanUser.Username).First(&insertedUser).Error; err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "用户注册失败或用户ID获取失败",
 })
 return
 }
 // 生成默认令牌
 if constant.GenerateDefaultToken {
 key, err := common.GenerateKey()
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "生成默认令牌失败",
 })
 common.SysError("failed to generate token key: " + err.Error())
 return
 }
 // 生成默认令牌
 token := model.Token{
 UserId: insertedUser.Id, // 使用插入后的用户ID
 Name: cleanUser.Username + "的初始令牌",
 Key: key,
 CreatedTime: common.GetTimestamp(),
 AccessedTime: common.GetTimestamp(),
 ExpiredTime: -1, // 永不过期
 RemainQuota: 500000, // 示例额度
 UnlimitedQuota: true,
 ModelLimitsEnabled: false,
 }
 if err := token.Insert(); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "创建默认令牌失败",
 })
 return
 }
 }
c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 })
 return
}
func GetAllUsers(c *gin.Context) {
 p, _ := strconv.Atoi(c.Query("p"))
 pageSize, _ := strconv.Atoi(c.Query("page_size"))
 if p < 1 {
 p = 1
 }
 if pageSize < 0 {
 pageSize = common.ItemsPerPage
 }
 users, total, err := model.GetAllUsers((p-1)*pageSize, pageSize)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 "data": gin.H{
 "items": users,
 "total": total,
 "page": p,
 "page_size": pageSize,
 },
 })
 return
}
func SearchUsers(c *gin.Context) {
 keyword := c.Query("keyword")
 group := c.Query("group")
 p, _ := strconv.Atoi(c.Query("p"))
 pageSize, _ := strconv.Atoi(c.Query("page_size"))
 if p < 1 {
 p = 1
 }
 if pageSize < 0 {
 pageSize = common.ItemsPerPage
 }
 startIdx := (p - 1) * pageSize
 users, total, err := model.SearchUsers(keyword, group, startIdx, pageSize)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 "data": gin.H{
 "items": users,
 "total": total,
 "page": p,
 "page_size": pageSize,
 },
 })
 return
}
func GetUser(c *gin.Context) {
 id, err := strconv.Atoi(c.Param("id"))
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 user, err := model.GetUserById(id, false)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 myRole := c.GetInt("role")
 if myRole <= user.Role && myRole != common.RoleRootUser {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无权获取同级或更高等级用户的信息",
 })
 return
 }
 c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 "data": user,
 })
 return
}
func GenerateAccessToken(c *gin.Context) {
 id := c.GetInt("id")
 user, err := model.GetUserById(id, true)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 // get rand int 28-32
 randI := common.GetRandomInt(4)
 key, err := common.GenerateRandomKey(29 + randI)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "生成失败",
 })
 common.SysError("failed to generate key: " + err.Error())
 return
 }
 user.SetAccessToken(key)
if model.DB.Where("access_token = ?", user.AccessToken).First(user).RowsAffected != 0 {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "请重试,系统生成的 UUID 竟然重复了!",
 })
 return
 }
if err := user.Update(false); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 "data": user.AccessToken,
 })
 return
}
type TransferAffQuotaRequest struct {
 Quota int `json:"quota" binding:"required"`
}
func TransferAffQuota(c *gin.Context) {
 id := c.GetInt("id")
 user, err := model.GetUserById(id, true)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 tran := TransferAffQuotaRequest{}
 if err := c.ShouldBindJSON(&tran); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 err = user.TransferAffQuotaToQuota(tran.Quota)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "划转失败 " + err.Error(),
 })
 return
 }
 c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "划转成功",
 })
}
func GetAffCode(c *gin.Context) {
 id := c.GetInt("id")
 user, err := model.GetUserById(id, true)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 if user.AffCode == "" {
 user.AffCode = common.GetRandomString(4)
 if err := user.Update(false); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 }
 c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 "data": user.AffCode,
 })
 return
}
func GetSelf(c *gin.Context) {
 id := c.GetInt("id")
 user, err := model.GetUserById(id, false)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 "data": user,
 })
 return
}
func GetUserModels(c *gin.Context) {
 id, err := strconv.Atoi(c.Param("id"))
 if err != nil {
 id = c.GetInt("id")
 }
 user, err := model.GetUserCache(id)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 groups := setting.GetUserUsableGroups(user.Group)
 var models []string
 addedModels := make(map[string]bool) // Track added models to avoid duplicates
// Get prefix channels for the user's group
 prefixChannels := middleware.GetPrefixChannels(user.Group)
 modelPrefixMap := make(map[string][]string) // Map base model to all prefixed versions
for prefix, channels := range prefixChannels {
 if prefix == "" {
 continue // Skip channels without prefixes
 }
 for _, channel := range channels {
 for _, modelName := range channel.GetModels() {
 prefixedModel := prefix + modelName
 // Check if this prefixed model already exists to avoid duplicates
 exists := false
 for _, existing := range modelPrefixMap[modelName] {
 if existing == prefixedModel {
 exists = true
 break
 }
 }
 if !exists {
 modelPrefixMap[modelName] = append(modelPrefixMap[modelName], prefixedModel)
 }
 }
 }
 }
// First add all models with prefixes that are allowed for the user's group
 for group := range groups {
 groupModels := model.GetGroupModels(group)
 for _, baseModel := range groupModels {
 if prefixedModels, ok := modelPrefixMap[baseModel]; ok {
 for _, prefixedModel := range prefixedModels {
 if !addedModels[prefixedModel] {
 models = append(models, prefixedModel)
 addedModels[prefixedModel] = true
 }
 }
 }
 }
 }
// Then add remaining models without prefixes that are allowed for the user's group
 // Only add base models that don't have any prefixed versions already added
 for group := range groups {
 groupModels := model.GetGroupModels(group)
 for _, baseModel := range groupModels {
 // Skip if this base model was already added
 if addedModels[baseModel] {
 continue
 }
// Check if any prefixed version of this base model was already added
 hasAddedPrefixedVersion := false
 if prefixedModels, ok := modelPrefixMap[baseModel]; ok {
 for _, prefixedName := range prefixedModels {
 if addedModels[prefixedName] {
 hasAddedPrefixedVersion = true
 break
 }
 }
 }
// Only add the base model if no prefixed version was added
 if !hasAddedPrefixedVersion {
 models = append(models, baseModel)
 addedModels[baseModel] = true
 }
 }
 }
// 添加虚拟模型到返回列表中
 virtualModels := model.GetAllVirtualModels()
 for _, virtualModel := range virtualModels {
 if !addedModels[virtualModel] {
 models = append(models, virtualModel)
 addedModels[virtualModel] = true
 }
 }
c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 "data": models,
 })
 return
}
func UpdateUser(c *gin.Context) {
 var updatedUser model.User
 err := json.NewDecoder(c.Request.Body).Decode(&updatedUser)
 if err != nil || updatedUser.Id == 0 {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无效的参数",
 })
 return
 }
 if updatedUser.Password == "" {
 updatedUser.Password = "$I_LOVE_U" // make Validator happy :)
 }
 if err := common.Validate.Struct(&updatedUser); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "输入不合法 " + err.Error(),
 })
 return
 }
 originUser, err := model.GetUserById(updatedUser.Id, false)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 myRole := c.GetInt("role")
 if myRole <= originUser.Role && myRole != common.RoleRootUser {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无权更新同权限等级或更高权限等级的用户信息",
 })
 return
 }
 if myRole <= updatedUser.Role && myRole != common.RoleRootUser {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无权将其他用户权限等级提升到大于等于自己的权限等级",
 })
 return
 }
 if updatedUser.Password == "$I_LOVE_U" {
 updatedUser.Password = "" // rollback to what it should be
 }
 updatePassword := updatedUser.Password != ""
 if err := updatedUser.Edit(updatePassword); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 if originUser.Quota != updatedUser.Quota {
 model.RecordLog(originUser.Id, model.LogTypeManage, fmt.Sprintf("管理员将用户额度从 %s修改为 %s", common.LogQuota(originUser.Quota), common.LogQuota(updatedUser.Quota)))
 }
 c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 })
 return
}
func UpdateSelf(c *gin.Context) {
 var user model.User
 err := json.NewDecoder(c.Request.Body).Decode(&user)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无效的参数",
 })
 return
 }
 if user.Password == "" {
 user.Password = "$I_LOVE_U" // make Validator happy :)
 }
 if err := common.Validate.Struct(&user); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "输入不合法 " + err.Error(),
 })
 return
 }
cleanUser := model.User{
 Id: c.GetInt("id"),
 Username: user.Username,
 Password: user.Password,
 DisplayName: user.DisplayName,
 }
 if user.Password == "$I_LOVE_U" {
 user.Password = "" // rollback to what it should be
 cleanUser.Password = ""
 }
 updatePassword := user.Password != ""
 if err := cleanUser.Update(updatePassword); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 })
 return
}
func DeleteUser(c *gin.Context) {
 id, err := strconv.Atoi(c.Param("id"))
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 originUser, err := model.GetUserById(id, false)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 myRole := c.GetInt("role")
 if myRole <= originUser.Role {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无权删除同权限等级或更高权限等级的用户",
 })
 return
 }
 err = model.HardDeleteUserById(id)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 })
 return
 }
}
func DeleteSelf(c *gin.Context) {
 id := c.GetInt("id")
 user, _ := model.GetUserById(id, false)
if user.Role == common.RoleRootUser {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "不能删除超级管理员账户",
 })
 return
 }
err := model.DeleteUserById(id)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 })
 return
}
func CreateUser(c *gin.Context) {
 var user model.User
 err := json.NewDecoder(c.Request.Body).Decode(&user)
 user.Username = strings.TrimSpace(user.Username)
 if err != nil || user.Username == "" || user.Password == "" {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无效的参数",
 })
 return
 }
 if err := common.Validate.Struct(&user); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "输入不合法 " + err.Error(),
 })
 return
 }
 if user.DisplayName == "" {
 user.DisplayName = user.Username
 }
 myRole := c.GetInt("role")
 if user.Role >= myRole {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无法创建权限大于等于自己的用户",
 })
 return
 }
 // Even for admin users, we cannot fully trust them!
 cleanUser := model.User{
 Username: user.Username,
 Password: user.Password,
 DisplayName: user.DisplayName,
 }
 if err := cleanUser.Insert(0); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 })
 return
}
type ManageRequest struct {
 Id int `json:"id"`
 Action string `json:"action"`
}
// ManageUser Only admin user can do this
func ManageUser(c *gin.Context) {
 var req ManageRequest
 err := json.NewDecoder(c.Request.Body).Decode(&req)
if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无效的参数",
 })
 return
 }
 user := model.User{
 Id: req.Id,
 }
 // Fill attributes
 model.DB.Unscoped().Where(&user).First(&user)
 if user.Id == 0 {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "用户不存在",
 })
 return
 }
 myRole := c.GetInt("role")
 if myRole <= user.Role && myRole != common.RoleRootUser {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无权更新同权限等级或更高权限等级的用户信息",
 })
 return
 }
 switch req.Action {
 case "disable":
 user.Status = common.UserStatusDisabled
 if user.Role == common.RoleRootUser {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无法禁用超级管理员用户",
 })
 return
 }
 case "enable":
 user.Status = common.UserStatusEnabled
 case "delete":
 if user.Role == common.RoleRootUser {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无法删除超级管理员用户",
 })
 return
 }
 if err := user.Delete(); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 case "promote":
 if myRole != common.RoleRootUser {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "普通管理员用户无法提升其他用户为管理员",
 })
 return
 }
 if user.Role >= common.RoleAdminUser {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "该用户已经是管理员",
 })
 return
 }
 user.Role = common.RoleAdminUser
 case "demote":
 if user.Role == common.RoleRootUser {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无法降级超级管理员用户",
 })
 return
 }
 if user.Role == common.RoleCommonUser {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "该用户已经是普通用户",
 })
 return
 }
 user.Role = common.RoleCommonUser
 }
if err := user.Update(false); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 clearUser := model.User{
 Role: user.Role,
 Status: user.Status,
 }
 c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 "data": clearUser,
 })
 return
}
func EmailBind(c *gin.Context) {
 email := c.Query("email")
 code := c.Query("code")
 if !common.VerifyCodeWithKey(email, code, common.EmailVerificationPurpose) {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "验证码错误或已过期",
 })
 return
 }
 session := sessions.Default(c)
 id := session.Get("id")
 user := model.User{
 Id: id.(int),
 }
 err := user.FillUserById()
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 user.Email = email
 // no need to check if this email already taken, because we have used verification code to check it
 err = user.Update(false)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 })
 return
}
type topUpRequest struct {
 Key string `json:"key"`
}
func TopUp(c *gin.Context) {
 req := topUpRequest{}
 err := c.ShouldBindJSON(&req)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
// Validate turnstile if enabled
 if common.TurnstileCheckEnabled {
 response := c.Query("turnstile")
 if response == "" {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "Turnstile token 为空",
 })
 return
 }
rawRes, err := http.PostForm("https://challenges.cloudflare.com/turnstile/v0/siteverify", url.Values{
 "secret": {common.TurnstileSecretKey},
 "response": {response},
 "remoteip": {c.ClientIP()},
 })
 if err != nil {
 common.SysError(err.Error())
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 defer rawRes.Body.Close()
var res struct {
 Success bool `json:"success"`
 }
 err = json.NewDecoder(rawRes.Body).Decode(&res)
 if err != nil {
 common.SysError(err.Error())
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
if !res.Success {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "Turnstile 校验失败,请刷新重试!",
 })
 return
 }
 }
id := c.GetInt("id")
 quota, isGift, err := model.Redeem(req.Key, id) // 修改这里,接收所有三个返回值
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 "data": gin.H{
 "quota": quota,
 "is_gift": isGift, // 可以选择返回给前端,用于显示不同的提示信息
 },
 })
 return
}
type UpdateUserSettingRequest struct {
 QuotaWarningType string `json:"notify_type"`
 QuotaWarningThreshold float64 `json:"quota_warning_threshold"`
 WebhookUrl string `json:"webhook_url,omitempty"`
 WebhookSecret string `json:"webhook_secret,omitempty"`
 NotificationEmail string `json:"notification_email,omitempty"`
 AcceptUnsetModelRatioModel bool `json:"accept_unset_model_ratio_model"`
 ShowIPInLogs bool `json:"show_ip_in_logs"`
}
func UpdateUserSetting(c *gin.Context) {
 var req UpdateUserSettingRequest
 if err := c.ShouldBindJSON(&req); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无效的参数",
 })
 return
 }
// 验证预警类型
 if req.QuotaWarningType != constant.NotifyTypeEmail && req.QuotaWarningType != constant.NotifyTypeWebhook {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无效的预警类型",
 })
 return
 }
// 验证预警阈值
 if req.QuotaWarningThreshold <= 0 {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "预警阈值必须大于0",
 })
 return
 }
// 验证IP日志设置 (布尔值无需额外验证,但可以添加业务逻辑检查)
 // ShowIPInLogs 是布尔类型,Go会自动处理true/false值
// 如果是webhook类型,验证webhook地址
 if req.QuotaWarningType == constant.NotifyTypeWebhook {
 if req.WebhookUrl == "" {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "Webhook地址不能为空",
 })
 return
 }
 // 验证URL格式
 if _, err := url.ParseRequestURI(req.WebhookUrl); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无效的Webhook地址",
 })
 return
 }
 }
// 如果提供了通知邮箱,添加到设置中
 if req.QuotaWarningType == constant.NotifyTypeEmail && req.NotificationEmail != "" {
 // 验证邮箱格式
 if !strings.Contains(req.NotificationEmail, "@") {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "无效的邮箱地址",
 })
 return
 }
 }
userId := c.GetInt("id")
 user, err := model.GetUserById(userId, true)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
// 构建设置
 settings := map[string]interface{}{
 constant.UserSettingNotifyType: req.QuotaWarningType,
 constant.UserSettingQuotaWarningThreshold: req.QuotaWarningThreshold,
 constant.UserAcceptUnsetRatioModel: req.AcceptUnsetModelRatioModel,
 constant.UserSettingShowIPInLogs: req.ShowIPInLogs,
 }
// 如果是webhook类型,添加webhook相关设置
 if req.QuotaWarningType == constant.NotifyTypeWebhook {
 settings[constant.UserSettingWebhookUrl] = req.WebhookUrl
 if req.WebhookSecret != "" {
 settings[constant.UserSettingWebhookSecret] = req.WebhookSecret
 }
 }
// 如果提供了通知邮箱,添加到设置中
 if req.QuotaWarningType == constant.NotifyTypeEmail && req.NotificationEmail != "" {
 settings[constant.UserSettingNotificationEmail] = req.NotificationEmail
 }
// 更新用户设置
 user.SetSetting(settings)
 if err := user.Update(false); err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "更新设置失败: " + err.Error(),
 })
 return
 }
c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "设置已更新",
 })
}
// CheckInStatus returns whether a user can check in today
func CheckInStatus(c *gin.Context) {
 id := c.GetInt("id")
 user, err := model.GetUserById(id, true)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "",
 "data": gin.H{
 "can_check_in": user.CanCheckInToday(),
 },
 })
}
// CheckIn performs a daily check-in for the user
func CheckIn(c *gin.Context) {
 // Get check-in settings and validate them
 checkInQuota, checkInMaxQuota, err := getAndValidateCheckInSettings()
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
// Validate turnstile if enabled
 if common.TurnstileCheckEnabled {
 session := sessions.Default(c)
 turnstileChecked := session.Get("turnstile")
 if turnstileChecked == nil {
 response := c.Query("turnstile")
 if response == "" {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "Turnstile token 为空",
 })
 return
 }
rawRes, err := http.PostForm("https://challenges.cloudflare.com/turnstile/v0/siteverify", url.Values{
 "secret": {common.TurnstileSecretKey},
 "response": {response},
 "remoteip": {c.ClientIP()},
 })
 if err != nil {
 common.SysError(err.Error())
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
 defer rawRes.Body.Close()
var res struct {
 Success bool `json:"success"`
 }
 err = json.NewDecoder(rawRes.Body).Decode(&res)
 if err != nil {
 common.SysError(err.Error())
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
if !res.Success {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": "Turnstile 校验失败,请刷新重试!",
 })
 return
 }
session.Set("turnstile", true)
 err = session.Save()
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "message": "无法保存会话信息,请重试",
 "success": false,
 })
 return
 }
 }
 }
// Get user and perform check-in
 id := c.GetInt("id")
 user, err := model.GetUserById(id, true)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
reward, err := user.CheckIn(checkInQuota, checkInMaxQuota)
 if err != nil {
 c.JSON(http.StatusOK, gin.H{
 "success": false,
 "message": err.Error(),
 })
 return
 }
c.JSON(http.StatusOK, gin.H{
 "success": true,
 "message": "签到成功",
 "data": gin.H{
 "quota": reward,
 },
 })
}
// getAndValidateCheckInSettings retrieves and validates check-in settings
func getAndValidateCheckInSettings() (checkInQuota, checkInMaxQuota int, err error) {
 common.OptionMapRWMutex.RLock()
 checkInEnabled := common.OptionMap["CheckInEnabled"] == "true"
 checkInQuotaStr := common.OptionMap["CheckInQuota"]
 checkInMaxQuotaStr := common.OptionMap["CheckInMaxQuota"]
 common.OptionMapRWMutex.RUnlock()
if !checkInEnabled {
 return 0, 0, errors.New("签到功能未启用")
 }
checkInQuota, err = strconv.Atoi(checkInQuotaStr)
 if err != nil || checkInQuota <= 0 {
 return 0, 0, errors.New("签到额度配置错误")
 }
checkInMaxQuota = checkInQuota
 if checkInMaxQuotaStr != "" {
 maxQuota, err := strconv.Atoi(checkInMaxQuotaStr)
 if err == nil && maxQuota > checkInQuota {
 checkInMaxQuota = maxQuota
 }
 }
return checkInQuota, checkInMaxQuota, nil
}