d96a9f384a
## Merged Features from sub2apipro - Sora video generation integration (OpenAI Sora API) - Group management enhancements - Usage log improvements - Security headers middleware ## Chinese Model Pricing Updates - GLM-5, GLM-5-Turbo, GLM-5.1, GLM-4.7, GLM-4.5-Air - Baichuan4, Baichuan4-Turbo, Baichuan4-Air, Baichuan-M3-Plus - DeepSeek-V3, DeepSeek-V3.2, DeepSeek-R1 - Qwen3-8B (free), Qwen2.5-72B-Instruct ## URL Whitelist Additions - api.baichuan-ai.com (百川智能) - api.siliconflow.cn (硅基流动) - api.z.ai (智谱国际) - api.groq.com (Groq加速推理) ## Documentation - Added merge guide (docs/MERGE_GUIDE.md) - Added quick reference (docs/MERGE_QUICKREF.md) - Added review reports (docs/reviews/)
79 lines
1.9 KiB
Go
79 lines
1.9 KiB
Go
package service
|
|
|
|
import (
|
|
"time"
|
|
|
|
"golang.org/x/crypto/bcrypt"
|
|
)
|
|
|
|
type User struct {
|
|
ID int64
|
|
Email string
|
|
Username string
|
|
Notes string
|
|
PasswordHash string
|
|
Role string
|
|
Balance float64
|
|
Concurrency int
|
|
Status string
|
|
AllowedGroups []int64
|
|
TokenVersion int64 // Incremented on password change to invalidate existing tokens
|
|
CreatedAt time.Time
|
|
UpdatedAt time.Time
|
|
|
|
// GroupRates 用户专属分组倍率配置
|
|
// map[groupID]rateMultiplier
|
|
GroupRates map[int64]float64
|
|
|
|
// TOTP 双因素认证字段
|
|
TotpSecretEncrypted *string // AES-256-GCM 加密的 TOTP 密钥
|
|
TotpEnabled bool // 是否启用 TOTP
|
|
TotpEnabledAt *time.Time // TOTP 启用时间
|
|
|
|
// Sora 存储配额 (从本地版本合并)
|
|
SoraStorageQuotaBytes int64
|
|
SoraStorageUsedBytes int64
|
|
|
|
APIKeys []APIKey
|
|
Subscriptions []UserSubscription
|
|
}
|
|
|
|
func (u *User) IsAdmin() bool {
|
|
return u.Role == RoleAdmin
|
|
}
|
|
|
|
func (u *User) IsActive() bool {
|
|
return u.Status == StatusActive
|
|
}
|
|
|
|
// CanBindGroup checks whether a user can bind to a given group.
|
|
// For standard groups:
|
|
// - Public groups (non-exclusive): all users can bind
|
|
// - Exclusive groups: only users with the group in AllowedGroups can bind
|
|
func (u *User) CanBindGroup(groupID int64, isExclusive bool) bool {
|
|
// 公开分组(非专属):所有用户都可以绑定
|
|
if !isExclusive {
|
|
return true
|
|
}
|
|
// 专属分组:需要在 AllowedGroups 中
|
|
for _, id := range u.AllowedGroups {
|
|
if id == groupID {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|
|
|
|
func (u *User) SetPassword(password string) error {
|
|
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
u.PasswordHash = string(hash)
|
|
return nil
|
|
}
|
|
|
|
func (u *User) CheckPassword(password string) bool {
|
|
return bcrypt.CompareHashAndPassword([]byte(u.PasswordHash), []byte(password)) == nil
|
|
}
|