⚡ implement user authentication and database initialization, add models for user, comment, label, and OIDC configuration

2025-09-03 15:56:22 +00:00 · 2025-07-22 06:18:23 +08:00
parent 99a3f80e12
commit d1a040617f
23 changed files with 602 additions and 19 deletions
--- a/pkg/constant/constant.go
+++ b/pkg/constant/constant.go
@ -1,6 +1,10 @@
 package constant

 const (
-	ModeDev  = "dev"
-	ModeProd = "prod"
+	ModeDev   = "dev"
+	ModeProd  = "prod"
+	RoleUser  = "user"
+	RoleAdmin = "admin"
+
+	EnvVarPasswordSalt = "PASSWORD_SALT" // 环境变量：密码盐
 )
--- a/pkg/resps/resps.go
+++ b/pkg/resps/resps.go
@ -0,0 +1,38 @@
+package resps
+
+import (
+	"github.com/cloudwego/hertz/pkg/app"
+	"github.com/cloudwego/hertz/pkg/common/utils"
+)
+
+func Custom(c *app.RequestContext, status int, message string, data any) {
+	c.JSON(status, utils.H{
+		"status":  status,
+		"message": message,
+		"data":    data,
+	})
+}
+
+func Ok(c *app.RequestContext, message string, data any) {
+	Custom(c, 200, message, data)
+}
+
+func BadRequest(c *app.RequestContext, message string) {
+	Custom(c, 400, message, nil)
+}
+
+func UnAuthorized(c *app.RequestContext, message string) {
+	Custom(c, 401, message, nil)
+}
+
+func Forbidden(c *app.RequestContext, message string) {
+	Custom(c, 403, message, nil)
+}
+
+func NotFound(c *app.RequestContext, message string) {
+	Custom(c, 404, message, nil)
+}
+
+func InternalServerError(c *app.RequestContext, message string) {
+	Custom(c, 500, message, nil)
+}
--- a/pkg/resps/texts.go
+++ b/pkg/resps/texts.go
@ -0,0 +1,8 @@
+package resps
+
+const (
+	ErrParamInvalid = "invalid request parameters"
+	ErrUnauthorized = "unauthorized access"
+	ErrForbidden    = "access forbidden"
+	ErrNotFound     = "resource not found"
+)
--- a/pkg/utils/env.go
+++ b/pkg/utils/env.go
@ -10,7 +10,11 @@ func init() {
 	_ = godotenv.Load()
 }

-func Getenv(key string, defaultValue ...string) string {
+type envType struct{}
+
+var Env envType
+
+func (e *envType) Get(key string, defaultValue ...string) string {
 	value := os.Getenv(key)
 	if value == "" && len(defaultValue) > 0 {
 		return defaultValue[0]
@ -18,7 +22,7 @@ func Getenv(key string, defaultValue ...string) string {
 	return value
 }

-func GetenvAsInt(key string, defaultValue ...int) int {
+func (e *envType) GetenvAsInt(key string, defaultValue ...int) int {
 	value := os.Getenv(key)
 	if value == "" && len(defaultValue) > 0 {
 		return defaultValue[0]
@ -30,7 +34,7 @@ func GetenvAsInt(key string, defaultValue ...int) int {
 	return intValue
 }

-func GetenvAsBool(key string, defaultValue ...bool) bool {
+func (e *envType) GetenvAsBool(key string, defaultValue ...bool) bool {
 	value := os.Getenv(key)
 	if value == "" && len(defaultValue) > 0 {
 		return defaultValue[0]
--- a/pkg/utils/password.go
+++ b/pkg/utils/password.go
@ -0,0 +1,41 @@
+package utils
+
+import (
+	"crypto/sha256"
+	"encoding/hex"
+	"golang.org/x/crypto/bcrypt"
+)
+
+type PasswordType struct {
+}
+
+var Password = PasswordType{}
+
+// HashPassword 密码哈希函数
+func (u *PasswordType) HashPassword(password string, salt string) (string, error) {
+	saltedPassword := Password.addSalt(password, salt)
+	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(saltedPassword), bcrypt.DefaultCost)
+	if err != nil {
+		return "", err
+	}
+	return string(hashedPassword), nil
+}
+
+// VerifyPassword 验证密码
+func (u *PasswordType) VerifyPassword(password, hashedPassword string, salt string) bool {
+	if len(hashedPassword) == 0 || len(salt) == 0 {
+		// 防止oidc空密码出问题
+		return false
+	}
+	saltedPassword := Password.addSalt(password, salt)
+	err := bcrypt.CompareHashAndPassword([]byte(hashedPassword), []byte(saltedPassword))
+	return err == nil
+}
+
+// addSalt 加盐函数
+func (u *PasswordType) addSalt(password string, salt string) string {
+	combined := password + salt
+	hash := sha256.New()
+	hash.Write([]byte(combined))
+	return hex.EncodeToString(hash.Sum(nil))
+}