feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
package handler
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"net/http"
|
|
|
|
|
|
|
|
|
|
"github.com/gin-gonic/gin"
|
|
|
|
|
|
|
|
|
|
"github.com/user-management-system/internal/service"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// PasswordResetHandler handles password reset requests
|
|
|
|
|
type PasswordResetHandler struct {
|
|
|
|
|
passwordResetService *service.PasswordResetService
|
|
|
|
|
smsService *service.SMSCodeService
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// NewPasswordResetHandler creates a new PasswordResetHandler
|
|
|
|
|
func NewPasswordResetHandler(passwordResetService *service.PasswordResetService) *PasswordResetHandler {
|
|
|
|
|
return &PasswordResetHandler{passwordResetService: passwordResetService}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// NewPasswordResetHandlerWithSMS creates a new PasswordResetHandler with SMS support
|
|
|
|
|
func NewPasswordResetHandlerWithSMS(passwordResetService *service.PasswordResetService, smsService *service.SMSCodeService) *PasswordResetHandler {
|
|
|
|
|
return &PasswordResetHandler{
|
|
|
|
|
passwordResetService: passwordResetService,
|
|
|
|
|
smsService: smsService,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-11 21:23:52 +08:00
|
|
|
// ForgotPassword 忘记密码
|
|
|
|
|
// @Summary 忘记密码
|
|
|
|
|
// @Description 请求密码重置邮件
|
|
|
|
|
// @Tags 密码重置
|
|
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Param request body ForgotPasswordRequest true "邮箱地址"
|
|
|
|
|
// @Success 200 {object} Response "密码重置邮件已发送"
|
|
|
|
|
// @Failure 400 {object} Response "请求参数错误"
|
|
|
|
|
// @Router /api/v1/auth/password/forgot [post]
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
func (h *PasswordResetHandler) ForgotPassword(c *gin.Context) {
|
|
|
|
|
var req struct {
|
|
|
|
|
Email string `json:"email" binding:"required"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
fix: unify handler response format in multiple handlers
- captcha_handler.go: Fix GenerateCaptcha/VerifyCaptcha to use {code, message, data}
- password_reset_handler.go: Fix all error responses to use {code, message}
- settings_handler.go: Add missing "code" and "message" fields
- sms_handler.go: Fix error responses to use {code, message}
- sso_handler.go: Fix all error responses to use {code, message, data}
- stats_handler.go: Add missing "message" field in success responses
- theme_handler.go: Fix error responses to use {code, message}
- totp_handler.go: Fix all responses to use {code, message, data}
Standardize all JSON responses to {code: 0, message: "success", data: ...} for success
and {code: XXX, message: "..."} for errors.
2026-04-11 13:06:58 +08:00
|
|
|
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": err.Error()})
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := h.passwordResetService.ForgotPassword(c.Request.Context(), req.Email); err != nil {
|
|
|
|
|
handleError(c, err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
fix: unify handler response format in multiple handlers
- captcha_handler.go: Fix GenerateCaptcha/VerifyCaptcha to use {code, message, data}
- password_reset_handler.go: Fix all error responses to use {code, message}
- settings_handler.go: Add missing "code" and "message" fields
- sms_handler.go: Fix error responses to use {code, message}
- sso_handler.go: Fix all error responses to use {code, message, data}
- stats_handler.go: Add missing "message" field in success responses
- theme_handler.go: Fix error responses to use {code, message}
- totp_handler.go: Fix all responses to use {code, message, data}
Standardize all JSON responses to {code: 0, message: "success", data: ...} for success
and {code: XXX, message: "..."} for errors.
2026-04-11 13:06:58 +08:00
|
|
|
c.JSON(http.StatusOK, gin.H{"code": 0, "message": "password reset email sent"})
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
}
|
|
|
|
|
|
2026-04-11 23:38:43 +08:00
|
|
|
// ValidateResetToken 验证密码重置 Token
|
|
|
|
|
// @Summary 验证密码重置 Token
|
|
|
|
|
// @Description 验证密码重置链接中的 Token 是否有效
|
|
|
|
|
// @Tags 密码重置
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Param token query string true "重置 Token"
|
|
|
|
|
// @Success 200 {object} Response{data=ValidateTokenResponse} "Token验证结果"
|
|
|
|
|
// @Failure 400 {object} Response "请求参数错误"
|
|
|
|
|
// @Router /api/v1/auth/password/validate [get]
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
func (h *PasswordResetHandler) ValidateResetToken(c *gin.Context) {
|
|
|
|
|
token := c.Query("token")
|
|
|
|
|
if token == "" {
|
fix: unify handler response format in multiple handlers
- captcha_handler.go: Fix GenerateCaptcha/VerifyCaptcha to use {code, message, data}
- password_reset_handler.go: Fix all error responses to use {code, message}
- settings_handler.go: Add missing "code" and "message" fields
- sms_handler.go: Fix error responses to use {code, message}
- sso_handler.go: Fix all error responses to use {code, message, data}
- stats_handler.go: Add missing "message" field in success responses
- theme_handler.go: Fix error responses to use {code, message}
- totp_handler.go: Fix all responses to use {code, message, data}
Standardize all JSON responses to {code: 0, message: "success", data: ...} for success
and {code: XXX, message: "..."} for errors.
2026-04-11 13:06:58 +08:00
|
|
|
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": "token is required"})
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
valid, err := h.passwordResetService.ValidateResetToken(c.Request.Context(), token)
|
|
|
|
|
if err != nil {
|
|
|
|
|
handleError(c, err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
fix: unify handler response format in multiple handlers
- captcha_handler.go: Fix GenerateCaptcha/VerifyCaptcha to use {code, message, data}
- password_reset_handler.go: Fix all error responses to use {code, message}
- settings_handler.go: Add missing "code" and "message" fields
- sms_handler.go: Fix error responses to use {code, message}
- sso_handler.go: Fix all error responses to use {code, message, data}
- stats_handler.go: Add missing "message" field in success responses
- theme_handler.go: Fix error responses to use {code, message}
- totp_handler.go: Fix all responses to use {code, message, data}
Standardize all JSON responses to {code: 0, message: "success", data: ...} for success
and {code: XXX, message: "..."} for errors.
2026-04-11 13:06:58 +08:00
|
|
|
c.JSON(http.StatusOK, gin.H{"code": 0, "message": "success", "data": gin.H{"valid": valid}})
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
}
|
|
|
|
|
|
2026-04-11 23:38:43 +08:00
|
|
|
// ResetPassword 重置密码
|
|
|
|
|
// @Summary 重置密码
|
|
|
|
|
// @Description 使用 Token 重置密码
|
|
|
|
|
// @Tags 密码重置
|
|
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Param request body ResetPasswordRequest true "重置请求"
|
|
|
|
|
// @Success 200 {object} Response "密码重置成功"
|
|
|
|
|
// @Failure 400 {object} Response "请求参数错误"
|
|
|
|
|
// @Router /api/v1/auth/password/reset [post]
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
func (h *PasswordResetHandler) ResetPassword(c *gin.Context) {
|
|
|
|
|
var req struct {
|
|
|
|
|
Token string `json:"token" binding:"required"`
|
|
|
|
|
NewPassword string `json:"new_password" binding:"required"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
fix: unify handler response format in multiple handlers
- captcha_handler.go: Fix GenerateCaptcha/VerifyCaptcha to use {code, message, data}
- password_reset_handler.go: Fix all error responses to use {code, message}
- settings_handler.go: Add missing "code" and "message" fields
- sms_handler.go: Fix error responses to use {code, message}
- sso_handler.go: Fix all error responses to use {code, message, data}
- stats_handler.go: Add missing "message" field in success responses
- theme_handler.go: Fix error responses to use {code, message}
- totp_handler.go: Fix all responses to use {code, message, data}
Standardize all JSON responses to {code: 0, message: "success", data: ...} for success
and {code: XXX, message: "..."} for errors.
2026-04-11 13:06:58 +08:00
|
|
|
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": err.Error()})
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := h.passwordResetService.ResetPassword(c.Request.Context(), req.Token, req.NewPassword); err != nil {
|
|
|
|
|
handleError(c, err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
fix: unify handler response format in multiple handlers
- captcha_handler.go: Fix GenerateCaptcha/VerifyCaptcha to use {code, message, data}
- password_reset_handler.go: Fix all error responses to use {code, message}
- settings_handler.go: Add missing "code" and "message" fields
- sms_handler.go: Fix error responses to use {code, message}
- sso_handler.go: Fix all error responses to use {code, message, data}
- stats_handler.go: Add missing "message" field in success responses
- theme_handler.go: Fix error responses to use {code, message}
- totp_handler.go: Fix all responses to use {code, message, data}
Standardize all JSON responses to {code: 0, message: "success", data: ...} for success
and {code: XXX, message: "..."} for errors.
2026-04-11 13:06:58 +08:00
|
|
|
c.JSON(http.StatusOK, gin.H{"code": 0, "message": "password reset successful"})
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ForgotPasswordByPhoneRequest 短信密码重置请求
|
|
|
|
|
type ForgotPasswordByPhoneRequest struct {
|
|
|
|
|
Phone string `json:"phone" binding:"required"`
|
|
|
|
|
}
|
|
|
|
|
|
2026-04-11 23:38:43 +08:00
|
|
|
// ForgotPasswordByPhone 发送短信验证码(忘记密码)
|
|
|
|
|
// @Summary 发送短信验证码(忘记密码)
|
|
|
|
|
// @Description 向绑定的手机号发送短信验证码用于重置密码
|
|
|
|
|
// @Tags 密码重置
|
|
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Param request body ForgotPasswordByPhoneRequest true "手机号"
|
|
|
|
|
// @Success 200 {object} Response "验证码发送成功"
|
|
|
|
|
// @Failure 400 {object} Response "请求参数错误"
|
|
|
|
|
// @Failure 503 {object} Response "短信服务未配置"
|
|
|
|
|
// @Router /api/v1/auth/password/sms/forgot [post]
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
func (h *PasswordResetHandler) ForgotPasswordByPhone(c *gin.Context) {
|
|
|
|
|
if h.smsService == nil {
|
fix: unify handler response format in multiple handlers
- captcha_handler.go: Fix GenerateCaptcha/VerifyCaptcha to use {code, message, data}
- password_reset_handler.go: Fix all error responses to use {code, message}
- settings_handler.go: Add missing "code" and "message" fields
- sms_handler.go: Fix error responses to use {code, message}
- sso_handler.go: Fix all error responses to use {code, message, data}
- stats_handler.go: Add missing "message" field in success responses
- theme_handler.go: Fix error responses to use {code, message}
- totp_handler.go: Fix all responses to use {code, message, data}
Standardize all JSON responses to {code: 0, message: "success", data: ...} for success
and {code: XXX, message: "..."} for errors.
2026-04-11 13:06:58 +08:00
|
|
|
c.JSON(http.StatusServiceUnavailable, gin.H{"code": 503, "message": "SMS service not configured"})
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var req ForgotPasswordByPhoneRequest
|
|
|
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
fix: unify handler response format in multiple handlers
- captcha_handler.go: Fix GenerateCaptcha/VerifyCaptcha to use {code, message, data}
- password_reset_handler.go: Fix all error responses to use {code, message}
- settings_handler.go: Add missing "code" and "message" fields
- sms_handler.go: Fix error responses to use {code, message}
- sso_handler.go: Fix all error responses to use {code, message, data}
- stats_handler.go: Add missing "message" field in success responses
- theme_handler.go: Fix error responses to use {code, message}
- totp_handler.go: Fix all responses to use {code, message, data}
Standardize all JSON responses to {code: 0, message: "success", data: ...} for success
and {code: XXX, message: "..."} for errors.
2026-04-11 13:06:58 +08:00
|
|
|
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": err.Error()})
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 获取验证码(不发送,由调用方通过其他渠道发送)
|
|
|
|
|
code, err := h.passwordResetService.ForgotPasswordByPhone(c.Request.Context(), req.Phone)
|
|
|
|
|
if err != nil {
|
|
|
|
|
handleError(c, err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
if code == "" {
|
|
|
|
|
// 用户不存在,不提示
|
fix: unify handler response format in multiple handlers
- captcha_handler.go: Fix GenerateCaptcha/VerifyCaptcha to use {code, message, data}
- password_reset_handler.go: Fix all error responses to use {code, message}
- settings_handler.go: Add missing "code" and "message" fields
- sms_handler.go: Fix error responses to use {code, message}
- sso_handler.go: Fix all error responses to use {code, message, data}
- stats_handler.go: Add missing "message" field in success responses
- theme_handler.go: Fix error responses to use {code, message}
- totp_handler.go: Fix all responses to use {code, message, data}
Standardize all JSON responses to {code: 0, message: "success", data: ...} for success
and {code: XXX, message: "..."} for errors.
2026-04-11 13:06:58 +08:00
|
|
|
c.JSON(http.StatusOK, gin.H{"code": 0, "message": "success"})
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 通过SMS服务发送验证码
|
|
|
|
|
sendReq := &service.SendCodeRequest{
|
|
|
|
|
Phone: req.Phone,
|
|
|
|
|
Purpose: "password_reset",
|
|
|
|
|
}
|
|
|
|
|
_, err = h.smsService.SendCode(c.Request.Context(), sendReq)
|
|
|
|
|
if err != nil {
|
|
|
|
|
handleError(c, err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
fix: unify handler response format in multiple handlers
- captcha_handler.go: Fix GenerateCaptcha/VerifyCaptcha to use {code, message, data}
- password_reset_handler.go: Fix all error responses to use {code, message}
- settings_handler.go: Add missing "code" and "message" fields
- sms_handler.go: Fix error responses to use {code, message}
- sso_handler.go: Fix all error responses to use {code, message, data}
- stats_handler.go: Add missing "message" field in success responses
- theme_handler.go: Fix error responses to use {code, message}
- totp_handler.go: Fix all responses to use {code, message, data}
Standardize all JSON responses to {code: 0, message: "success", data: ...} for success
and {code: XXX, message: "..."} for errors.
2026-04-11 13:06:58 +08:00
|
|
|
c.JSON(http.StatusOK, gin.H{"code": 0, "message": "success"})
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ResetPasswordByPhoneRequest 短信验证码重置密码请求
|
|
|
|
|
type ResetPasswordByPhoneRequest struct {
|
|
|
|
|
Phone string `json:"phone" binding:"required"`
|
|
|
|
|
Code string `json:"code" binding:"required"`
|
|
|
|
|
NewPassword string `json:"new_password" binding:"required"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ResetPasswordByPhone 通过短信验证码重置密码
|
2026-04-11 23:38:43 +08:00
|
|
|
// @Summary 通过短信验证码重置密码
|
|
|
|
|
// @Description 使用短信验证码重置登录密码
|
|
|
|
|
// @Tags 密码重置
|
|
|
|
|
// @Accept json
|
|
|
|
|
// @Produce json
|
|
|
|
|
// @Param request body ResetPasswordByPhoneRequest true "重置请求"
|
|
|
|
|
// @Success 200 {object} Response "密码重置成功"
|
|
|
|
|
// @Failure 400 {object} Response "请求参数错误"
|
|
|
|
|
// @Failure 401 {object} Response "验证码错误"
|
|
|
|
|
// @Failure 503 {object} Response "短信服务未配置"
|
|
|
|
|
// @Router /api/v1/auth/password/sms/reset [post]
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
func (h *PasswordResetHandler) ResetPasswordByPhone(c *gin.Context) {
|
|
|
|
|
var req ResetPasswordByPhoneRequest
|
|
|
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
fix: unify handler response format in multiple handlers
- captcha_handler.go: Fix GenerateCaptcha/VerifyCaptcha to use {code, message, data}
- password_reset_handler.go: Fix all error responses to use {code, message}
- settings_handler.go: Add missing "code" and "message" fields
- sms_handler.go: Fix error responses to use {code, message}
- sso_handler.go: Fix all error responses to use {code, message, data}
- stats_handler.go: Add missing "message" field in success responses
- theme_handler.go: Fix error responses to use {code, message}
- totp_handler.go: Fix all responses to use {code, message, data}
Standardize all JSON responses to {code: 0, message: "success", data: ...} for success
and {code: XXX, message: "..."} for errors.
2026-04-11 13:06:58 +08:00
|
|
|
c.JSON(http.StatusBadRequest, gin.H{"code": 400, "message": err.Error()})
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err := h.passwordResetService.ResetPasswordByPhone(c.Request.Context(), &service.ResetPasswordByPhoneRequest{
|
|
|
|
|
Phone: req.Phone,
|
|
|
|
|
Code: req.Code,
|
|
|
|
|
NewPassword: req.NewPassword,
|
|
|
|
|
})
|
|
|
|
|
if err != nil {
|
|
|
|
|
handleError(c, err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
fix: unify handler response format in multiple handlers
- captcha_handler.go: Fix GenerateCaptcha/VerifyCaptcha to use {code, message, data}
- password_reset_handler.go: Fix all error responses to use {code, message}
- settings_handler.go: Add missing "code" and "message" fields
- sms_handler.go: Fix error responses to use {code, message}
- sso_handler.go: Fix all error responses to use {code, message, data}
- stats_handler.go: Add missing "message" field in success responses
- theme_handler.go: Fix error responses to use {code, message}
- totp_handler.go: Fix all responses to use {code, message, data}
Standardize all JSON responses to {code: 0, message: "success", data: ...} for success
and {code: XXX, message: "..."} for errors.
2026-04-11 13:06:58 +08:00
|
|
|
c.JSON(http.StatusOK, gin.H{"code": 0, "message": "password reset successful"})
|
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers
2026-04-02 11:19:50 +08:00
|
|
|
}
|
