添加后台管理功能

super-coffee · May 17, 2020 · 4244b23 · 4244b23
1 parent 5cd1c94
commit 4244b23
Show file tree

Hide file tree

Showing 8 changed files with 709 additions and 30 deletions.
diff --git a/go.mod b/go.mod
@@ -27,6 +27,7 @@ require (
 	github.com/onsi/ginkgo v1.12.0 // indirect
 	github.com/onsi/gomega v1.10.0 // indirect
 	github.com/peterh/liner v1.2.0 // indirect
+	github.com/revel/revel v0.21.0
 	github.com/sergi/go-diff v1.1.0 // indirect
 	github.com/sirupsen/logrus v1.6.0 // indirect
 	github.com/snowlyg/IrisAdminApi/backend v0.0.0-20200430125255-66139b78ce02

diff --git a/go.sum b/go.sum
@@ -170,6 +170,7 @@ github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
 github.com/imkira/go-interpol v1.1.0 h1:KIiKr0VSG2CUW1hl1jpiyuzuJeKUUpC8iM1AIE7N1Vk=
 github.com/imkira/go-interpol v1.1.0/go.mod h1:z0h2/2T3XF8kyEPpRgJ3kmNv+C43p+I/CoI+jC3w2iA=
+github.com/inconshreveable/log15 v0.0.0-20180818164646-67afb5ed74ec h1:CGkYB1Q7DSsH/ku+to+foV4agt2F2miquaLUgF6L178=
 github.com/inconshreveable/log15 v0.0.0-20180818164646-67afb5ed74ec/go.mod h1:cOaXtrgN4ScfRrD9Bre7U1thNq5RtJ8ZoP4iXVGRj6o=
 github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
 github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
@@ -370,9 +371,12 @@ github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R
 github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
 github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
 github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
+github.com/revel/config v0.21.0 h1:Bw4iXLGAuD/Di2HEhPSOyDywrTlFIXUMbds91lXTtTU=
 github.com/revel/config v0.21.0/go.mod h1:GT4a9px5kDGRqLizcw/md0QFErrhen76toz4qS3oIoI=
+github.com/revel/log15 v2.11.20+incompatible h1:JkA4tbwIo/UGEMumY50zndKq816RQW3LQ0wIpRc+32U=
 github.com/revel/log15 v2.11.20+incompatible/go.mod h1:l0WmLRs+IM1hBl4noJiBc2tZQiOgZyXzS1mdmFt+5Gc=
 github.com/revel/pathtree v0.0.0-20140121041023-41257a1839e9/go.mod h1:TmlwoRLDvgRjoTe6rbsxIaka/CulzYrgfef7iNJcEWY=
+github.com/revel/revel v0.21.0 h1:E6kDJmpJSDb0F8XwbyG5h4ayzpZ+8Wcw2IiPZW/2qSc=
 github.com/revel/revel v0.21.0/go.mod h1:VZWJnHjpDEtuGUuZJ2NO42XryitrtwsdVaJxfDeo5yc=
 github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
 github.com/russross/blackfriday v0.0.0-20180428102519-11635eb403ff/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
@@ -425,6 +429,7 @@ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UV
 github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
+github.com/twinj/uuid v1.0.0 h1:fzz7COZnDrXGTAOHGuUGYd6sG+JMq+AoE7+Jlu0przk=
 github.com/twinj/uuid v1.0.0/go.mod h1:mMgcE1RHFUFqe5AfiwlINXisXfDGro23fWdPUfOMjRY=
 github.com/ugorji/go v1.1.2/go.mod h1:hnLbHMwcvSihnDhEfx2/BzKp2xb0Y+ErdfYcrs9tkJQ=
 github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc=
@@ -588,8 +593,10 @@ gopkg.in/ini.v1 v1.51.1 h1:GyboHr4UqMiLUybYjd22ZjQIKEJEpgtLXtuGbR21Oho=
 gopkg.in/ini.v1 v1.51.1/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/mgo.v2 v2.0.0-20180705113604-9856a29383ce h1:xcEWjVhvbDy+nHP67nPDDpbYrY+ILlfndk4bRioVHaU=
 gopkg.in/mgo.v2 v2.0.0-20180705113604-9856a29383ce/go.mod h1:yeKp02qBN3iKW1OzL3MGk2IdtZzaj7SFntXj72NppTA=
+gopkg.in/natefinch/lumberjack.v2 v2.0.0 h1:1Lc07Kr7qY4U2YPouBjpCLxpiyxIVoxqXgkXLknAOE8=
 gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k=
 gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo=
+gopkg.in/stack.v0 v0.0.0-20141108040640-9b43fcefddd0 h1:lMH45EKqD8Nf6LwoF+43YOKjOAEEHQRVgDyG8RCV4MU=
 gopkg.in/stack.v0 v0.0.0-20141108040640-9b43fcefddd0/go.mod h1:kl/bNzW/jgTgUOCGDj3XPn9/Hbfhw6pjfBRUnaTioFQ=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=

diff --git a/main.go b/main.go
@@ -14,7 +14,9 @@ import (
 	"github.com/kataras/iris/v12/middleware/recover"
 	"github.com/kataras/iris/v12/mvc"
 	"github.com/kataras/iris/v12/sessions"
+	"html"
 	"regexp"
+	"strconv"
 	"time"
 )
 
@@ -23,6 +25,9 @@ var (
 	protectUrl = []string{
 		"^/admin",
 	}
+	adminUrl = []string{
+		"^/admin/cf",
+	}
 	Client = netutil.Client(time.Duration(20 * time.Second))
 )
 
@@ -34,7 +39,9 @@ func main() {
 	protect := csrf.Protect([]byte(conf.Sysconfig.CsrfKey), csrf.Secure(false), csrf.ErrorHandler(csrfError))
 	user := mvc.New(app.Party("/", protect))
 	user.Handle(new(RootController))
-	app.RegisterView(iris.Django("./templates", ".html"))
+	temple := iris.Django("./templates", ".html")
+	temple.Reload(conf.Sysconfig.Debug)
+	app.RegisterView(temple)
 	app.OnErrorCode(iris.StatusNotFound, notFound)
 	app.HandleDir("/static", "static")
 	iris.RegisterOnInterrupt(func() {
@@ -76,6 +83,24 @@ func before(ctx iris.Context) {
 			return
 		}
 	}
+	adminProtect := false
+	for i := range adminUrl {
+		match, _ := regexp.MatchString(adminUrl[i], ctx.Path())
+		if match {
+			adminProtect = true
+			break
+		}
+	}
+	if adminProtect {
+		session := sess.Start(ctx)
+		if session.Get("role") != 1 {
+			ctx.ViewData("code", "401 Error")
+			ctx.ViewData("error", `您的用户权限不够<a href="/admin">首页</a>`)
+			ctx.StatusCode(401)
+			ctx.View("error.html")
+			return
+		}
+	}
 	ctx.Next()
 }
 func csrfError(ctx iris.Context) {
@@ -165,7 +190,7 @@ func (c *RootController) PostApiRegister() iris.Map {
 		return iris.Map{"status": false, "data": "请进行行为验证!"}
 	}
 	mail := c.Ctx.FormValue("mail")
-	err := models.Register(c.Ctx.FormValue("name"), mail, c.Ctx.FormValue("password"), c.Ctx.FormValue("repeat-password"))
+	err := models.Register(c.Ctx.FormValue("name"), mail, c.Ctx.FormValue("password"), c.Ctx.FormValue("repeat-password"), c.Ctx.RemoteAddr())
 	if err != nil {
 		return iris.Map{"status": false, "data": err.Error()}
 	}
@@ -185,13 +210,16 @@ func (c *RootController) PostApiVerifypassword() iris.Map {
 	if !result.Success {
 		return iris.Map{"status": false, "data": "请进行行为验证!"}
 	}
-	user, err := models.VerifyPassword(c.Ctx.FormValue("mail"), c.Ctx.FormValue("password"))
+	user, err := models.VerifyPassword(c.Ctx.FormValue("mail"), c.Ctx.FormValue("password"), c.Ctx.RemoteAddr())
 	if err != nil {
 		if conf.Sysconfig.Debug {
 			return iris.Map{"status": false, "data": err.Error()}
 		}
 		return iris.Map{"status": false, "data": "邮箱或密码错误"}
 	}
+	if user.Role == -1 {
+		return iris.Map{"status": false, "data": "用户已被封禁"}
+	}
 	session := sess.Start(c.Ctx)
 	session.Set("name", user.Name)
 	session.Set("role", user.Role)
@@ -303,3 +331,85 @@ func (c *RootController) PostAdminEditUser() iris.Map {
 		"data":   "修改成功",
 	}
 }
+func (c *RootController) GetAdminCf() mvc.Result {
+	session := sess.Start(c.Ctx)
+	keys, err := models.GetKeyByMail(session.GetString("mail"))
+	if err != nil {
+		keys = nil
+	}
+	notice, err := models.ReadSetting("notice")
+	if err != nil {
+		notice = ""
+	}
+
+	return mvc.View{
+		Name: "cf.html",
+		Data: iris.Map{"uid": session.Get("uid"), "csrf": csrf.TemplateField(c.Ctx), "notice": notice, "name": session.Get("name"), "mail": session.Get("mail"), "keys": keys, "role": session.Get("role"), "key": csrf.Token(c.Ctx)},
+	}
+}
+func (c *RootController) GetAdminCfUsersBy(fun, page, pagesize int) iris.Map {
+	if fun == 0 {
+		count, err := models.GetUserCount()
+		if err != nil {
+			return iris.Map{"status": false, "data": err.Error()}
+		}
+		return iris.Map{"status": true, "data": count}
+	}
+	users, err := models.GetPageUsers(page, pagesize)
+	if err != nil {
+		return iris.Map{"status": false, "data": err.Error()}
+	}
+	return iris.Map{"status": true, "data": users}
+
+}
+func (c *RootController) PostAdminCfUpset() iris.Map {
+	err := models.WriteSetting("notice", html.UnescapeString(c.Ctx.FormValue("notice")))
+	if err != nil {
+		return iris.Map{"status": false, "data": err.Error()}
+	}
+	return iris.Map{"status": true, "data": "修改成功!"}
+}
+func (c *RootController) PostAdminCfBan() iris.Map {
+	id, err := strconv.Atoi(c.Ctx.FormValueDefault("id", "-1"))
+	if err != nil {
+		return iris.Map{"status": false, "data": err.Error()}
+	}
+	err = models.BanUser(id)
+	if err != nil {
+		return iris.Map{"status": false, "data": err.Error()}
+	}
+	return iris.Map{"status": true, "data": "封禁成功"}
+}
+func (c *RootController) PostAdminCfUnban() iris.Map {
+	id, err := strconv.Atoi(c.Ctx.FormValueDefault("id", "-1"))
+	if err != nil {
+		return iris.Map{"status": false, "data": err.Error()}
+	}
+	err = models.UnBanUser(id)
+	if err != nil {
+		return iris.Map{"status": false, "data": err.Error()}
+	}
+	return iris.Map{"status": true, "data": "解除封禁成功"}
+}
+func (c *RootController) PostAdminCfRemove() iris.Map {
+	id, err := strconv.Atoi(c.Ctx.FormValueDefault("id", "-1"))
+	if err != nil {
+		return iris.Map{"status": false, "data": err.Error()}
+	}
+	err = models.RemoveUser(id)
+	if err != nil {
+		return iris.Map{"status": false, "data": err.Error()}
+	}
+	return iris.Map{"status": true, "data": "删除账号成功"}
+}
+func (c *RootController) PostAdminCfReset() iris.Map {
+	id, err := strconv.Atoi(c.Ctx.FormValueDefault("id", "-1"))
+	if err != nil {
+		return iris.Map{"status": false, "data": err.Error()}
+	}
+	newPassword, err := models.ResetPasswordById(id)
+	if err != nil {
+		return iris.Map{"status": false, "data": err.Error()}
+	}
+	return iris.Map{"status": true, "data": newPassword}
+}