✨ Admin check users' auth factor
This commit is contained in:
parent
182a389180
commit
da15c72fb3
12
.idea/workspace.xml
generated
12
.idea/workspace.xml
generated
@ -4,12 +4,12 @@
|
|||||||
<option name="autoReloadType" value="ALL" />
|
<option name="autoReloadType" value="ALL" />
|
||||||
</component>
|
</component>
|
||||||
<component name="ChangeListManager">
|
<component name="ChangeListManager">
|
||||||
<list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":sparkles: Admin force confirm account">
|
<list default="true" id="3fefb2c4-b6f9-466b-a523-53352e8d6f95" name="更改" comment=":sparkles: Admin notify one user">
|
||||||
|
<change afterPath="$PROJECT_DIR$/pkg/internal/server/admin/factors_api.go" afterDir="false" />
|
||||||
<change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
|
<change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
|
||||||
<change beforePath="$PROJECT_DIR$/pkg/internal/server/admin/index.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/admin/index.go" afterDir="false" />
|
<change beforePath="$PROJECT_DIR$/pkg/internal/server/admin/index.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/admin/index.go" afterDir="false" />
|
||||||
<change beforePath="$PROJECT_DIR$/pkg/internal/server/admin/notify_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/admin/notify_api.go" afterDir="false" />
|
<change beforePath="$PROJECT_DIR$/pkg/internal/server/admin/user_api.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/server/admin/users_api.go" afterDir="false" />
|
||||||
<change beforePath="$PROJECT_DIR$/pkg/internal/services/events.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/events.go" afterDir="false" />
|
<change beforePath="$PROJECT_DIR$/settings.toml" beforeDir="false" afterPath="$PROJECT_DIR$/settings.toml" afterDir="false" />
|
||||||
<change beforePath="$PROJECT_DIR$/pkg/internal/services/notifications.go" beforeDir="false" afterPath="$PROJECT_DIR$/pkg/internal/services/notifications.go" afterDir="false" />
|
|
||||||
</list>
|
</list>
|
||||||
<option name="SHOW_DIALOG" value="false" />
|
<option name="SHOW_DIALOG" value="false" />
|
||||||
<option name="HIGHLIGHT_CONFLICTS" value="true" />
|
<option name="HIGHLIGHT_CONFLICTS" value="true" />
|
||||||
@ -155,7 +155,6 @@
|
|||||||
</option>
|
</option>
|
||||||
</component>
|
</component>
|
||||||
<component name="VcsManagerConfiguration">
|
<component name="VcsManagerConfiguration">
|
||||||
<MESSAGE value=":bug: Fix online condition" />
|
|
||||||
<MESSAGE value=":sparkles: Last seen at" />
|
<MESSAGE value=":sparkles: Last seen at" />
|
||||||
<MESSAGE value=":sparkles: Edit, delete current status" />
|
<MESSAGE value=":sparkles: Edit, delete current status" />
|
||||||
<MESSAGE value=":bug: Fix clear status affected the statutes cleared before" />
|
<MESSAGE value=":bug: Fix clear status affected the statutes cleared before" />
|
||||||
@ -180,7 +179,8 @@
|
|||||||
<MESSAGE value=":recycle: Optimized the initial permission system" />
|
<MESSAGE value=":recycle: Optimized the initial permission system" />
|
||||||
<MESSAGE value=":zap: Optimized audit, event logging system :sparkles: Audit logs :sparkles: Admin edit user permissions" />
|
<MESSAGE value=":zap: Optimized audit, event logging system :sparkles: Audit logs :sparkles: Admin edit user permissions" />
|
||||||
<MESSAGE value=":sparkles: Admin force confirm account" />
|
<MESSAGE value=":sparkles: Admin force confirm account" />
|
||||||
<option name="LAST_COMMIT_MESSAGE" value=":sparkles: Admin force confirm account" />
|
<MESSAGE value=":sparkles: Admin notify one user" />
|
||||||
|
<option name="LAST_COMMIT_MESSAGE" value=":sparkles: Admin notify one user" />
|
||||||
</component>
|
</component>
|
||||||
<component name="VgoProject">
|
<component name="VgoProject">
|
||||||
<settings-migrated>true</settings-migrated>
|
<settings-migrated>true</settings-migrated>
|
||||||
|
40
pkg/internal/server/admin/factors_api.go
Normal file
40
pkg/internal/server/admin/factors_api.go
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
package admin
|
||||||
|
|
||||||
|
import (
|
||||||
|
"git.solsynth.dev/hydrogen/passport/pkg/internal/database"
|
||||||
|
"git.solsynth.dev/hydrogen/passport/pkg/internal/models"
|
||||||
|
"git.solsynth.dev/hydrogen/passport/pkg/internal/server/exts"
|
||||||
|
"github.com/gofiber/fiber/v2"
|
||||||
|
jsoniter "github.com/json-iterator/go"
|
||||||
|
"github.com/samber/lo"
|
||||||
|
)
|
||||||
|
|
||||||
|
func getUserAuthFactors(c *fiber.Ctx) error {
|
||||||
|
userId, _ := c.ParamsInt("user")
|
||||||
|
|
||||||
|
if err := exts.EnsureGrantedPerm(c, "AdminAuthFactors", true); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
var factors []models.AuthFactor
|
||||||
|
if err := database.C.Where("account_id = ?", userId).Find(&factors).Error; err != nil {
|
||||||
|
return fiber.NewError(fiber.StatusInternalServerError, err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
|
encodedResp := lo.Map(factors, func(item models.AuthFactor, idx int) map[string]any {
|
||||||
|
var encoded map[string]any
|
||||||
|
raw, _ := jsoniter.Marshal(item)
|
||||||
|
_ = jsoniter.Unmarshal(raw, &encoded)
|
||||||
|
|
||||||
|
// Blur out the secret if it isn't current rolling email one-time-password
|
||||||
|
if item.Type != models.EmailPasswordFactor && len(item.Secret) != 6 {
|
||||||
|
encoded["secret"] = "**CENSORED**"
|
||||||
|
} else {
|
||||||
|
encoded["secret"] = item.Secret
|
||||||
|
}
|
||||||
|
|
||||||
|
return encoded
|
||||||
|
})
|
||||||
|
|
||||||
|
return c.JSON(encodedResp)
|
||||||
|
}
|
@ -13,6 +13,9 @@ func MapAdminAPIs(app *fiber.App) {
|
|||||||
admin.Post("/notify/all", notifyAllUser)
|
admin.Post("/notify/all", notifyAllUser)
|
||||||
admin.Post("/notify/:user", notifyOneUser)
|
admin.Post("/notify/:user", notifyOneUser)
|
||||||
|
|
||||||
|
admin.Get("/users", listUser)
|
||||||
|
admin.Get("/users/:user", getUser)
|
||||||
|
admin.Get("/users/:user/factors", getUserAuthFactors)
|
||||||
admin.Put("/users/:user/permissions", editUserPermission)
|
admin.Put("/users/:user/permissions", editUserPermission)
|
||||||
admin.Post("/users/:user/confirm", forceConfirmAccount)
|
admin.Post("/users/:user/confirm", forceConfirmAccount)
|
||||||
}
|
}
|
||||||
|
@ -10,6 +10,44 @@ import (
|
|||||||
"github.com/gofiber/fiber/v2"
|
"github.com/gofiber/fiber/v2"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
func listUser(c *fiber.Ctx) error {
|
||||||
|
take := c.QueryInt("take", 0)
|
||||||
|
offset := c.QueryInt("offset", 0)
|
||||||
|
|
||||||
|
if err := exts.EnsureGrantedPerm(c, "AdminUser", true); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
var count int64
|
||||||
|
if err := database.C.Model(&models.Account{}).Count(&count).Error; err != nil {
|
||||||
|
return fiber.NewError(fiber.StatusInternalServerError, err.Error())
|
||||||
|
}
|
||||||
|
var items []models.Account
|
||||||
|
if err := database.C.Offset(offset).Limit(take).Find(&items).Error; err != nil {
|
||||||
|
return fiber.NewError(fiber.StatusInternalServerError, err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
|
return c.JSON(fiber.Map{
|
||||||
|
"count": count,
|
||||||
|
"data": items,
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
|
func getUser(c *fiber.Ctx) error {
|
||||||
|
userId, _ := c.ParamsInt("user")
|
||||||
|
|
||||||
|
if err := exts.EnsureGrantedPerm(c, "AdminUser", true); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
var user models.Account
|
||||||
|
if err := database.C.Where("id = ?", userId).First(&user).Error; err != nil {
|
||||||
|
return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("account was not found: %v", err))
|
||||||
|
}
|
||||||
|
|
||||||
|
return c.JSON(user)
|
||||||
|
}
|
||||||
|
|
||||||
func forceConfirmAccount(c *fiber.Ctx) error {
|
func forceConfirmAccount(c *fiber.Ctx) error {
|
||||||
userId, _ := c.ParamsInt("user")
|
userId, _ := c.ParamsInt("user")
|
||||||
|
|
@ -44,10 +44,10 @@ dsn = "host=localhost user=postgres password=password dbname=hy_passport port=54
|
|||||||
prefix = "passport_"
|
prefix = "passport_"
|
||||||
|
|
||||||
[permissions.default]
|
[permissions.default]
|
||||||
CreatePost = true
|
CreatePosts = true
|
||||||
CreateAttachments = 1048576
|
CreateAttachments = 1048576
|
||||||
|
|
||||||
[permissions.verified]
|
[permissions.verified]
|
||||||
CreateRealm = true
|
CreateRealms = true
|
||||||
CreateArticle = true
|
CreateArticles = true
|
||||||
CreateAttachments = 26214400
|
CreateAttachments = 26214400
|
||||||
|
Loading…
Reference in New Issue
Block a user