⚡ refactor user service methods, implement OIDC login and user management features, and enhance token handling

2025-09-05 16:56:22 +00:00 · 2025-07-22 20:45:05 +08:00
parent f07200b0b9
commit cbe73121f2
17 changed files with 655 additions and 126 deletions
--- a/internal/model/oidc_config.go
+++ b/internal/model/oidc_config.go
@ -2,6 +2,7 @@ package model

 import (
 	"fmt"
+	"github.com/snowykami/neo-blog/internal/dto"
 	"gorm.io/gorm"
 	"resty.dev/v3"
 	"time"
@ -9,14 +10,13 @@ import (

 type OidcConfig struct {
 	gorm.Model
-	Name             string  `gorm:"uniqueIndex"`
-	ClientID         string  `gorm:"column:client_id"`            // 客户端ID
-	ClientSecret     string  `gorm:"column:client_secret"`        // 客户端密钥
-	DisplayName      string  `gorm:"column:display_name"`         // 显示名称，例如：轻雪通行证
-	GroupsClaim      *string `gorm:"default:groups"`              // 组声明，默认为："groups"
-	Icon             *string `gorm:"column:icon"`                 // 图标url，为空则使用内置默认图标
-	OidcDiscoveryUrl string  `gorm:"column:oidc_discovery_url"`   // OpenID自动发现URL，例如 ：https://pass.liteyuki.icu/.well-known/openid-configuration
-	Enabled          bool    `gorm:"column:enabled;default:true"` // 是否启用
+	Name             string `gorm:"uniqueIndex"` // OIDC配置名称，唯一
+	ClientID         string // 客户端ID
+	ClientSecret     string // 客户端密钥
+	DisplayName      string // 显示名称，例如：轻雪通行证
+	Icon             string // 图标url，为空则使用内置默认图标
+	OidcDiscoveryUrl string // OpenID自动发现URL，例如 ：https://pass.liteyuki.icu/.well-known/openid-configuration
+	Enabled          bool   `gorm:"default:true"` // 是否启用
 	// 以下字段为自动获取字段，每次更新配置时自动填充
 	Issuer                string
 	AuthorizationEndpoint string
@ -68,11 +68,6 @@ func updateOidcConfigFromUrl(url string) (*oidcDiscoveryResp, error) {
 }

 func (o *OidcConfig) BeforeSave(tx *gorm.DB) (err error) {
-	// 设置默认值
-	if o.GroupsClaim == nil {
-		defaultGroupsClaim := "groups"
-		o.GroupsClaim = &defaultGroupsClaim
-	}
 	// 只有在创建新记录或更新 OidcDiscoveryUrl 字段时才更新端点信息
 	if tx.Statement.Changed("OidcDiscoveryUrl") {
 		discoveryResp, err := updateOidcConfigFromUrl(o.OidcDiscoveryUrl)
@ -87,3 +82,12 @@ func (o *OidcConfig) BeforeSave(tx *gorm.DB) (err error) {
 	}
 	return nil
 }
+
+// ToDto 不包含LoginUrl，在service层自行实现
+func (o *OidcConfig) ToDto() *dto.OidcConfigDto {
+	return &dto.OidcConfigDto{
+		Name:        o.Name,
+		DisplayName: o.DisplayName,
+		Icon:        o.Icon,
+	}
+}
--- a/internal/model/user.go
+++ b/internal/model/user.go
@ -16,8 +16,17 @@ type User struct {
 	Password  string // 密码，存储加密后的值
 }

+type UserOpenID struct {
+	gorm.Model
+	UserID uint   `gorm:"uniqueIndex"`
+	User   User   `gorm:"foreignKey:UserID;references:ID"`
+	Issuer string `gorm:"index"` // OIDC Issuer
+	Sub    string `gorm:"index"` // OIDC Sub openid
+}
+
 func (user *User) ToDto() *dto.UserDto {
 	return &dto.UserDto{
+		ID:        user.ID,
 		Username:  user.Username,
 		Nickname:  user.Nickname,
 		AvatarUrl: user.AvatarUrl,