loveuer/ushare
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

feat: add user management system with roles and permissions
Some checks failed
/ build ushare (push) Failing after 1m40s
Details
/ clean (push) Successful in 2s
Details

Browse Source 
- Introduce SQLite persistence via GORM (stored at <data>/.ushare.db)
- Add Role model with two built-in roles: admin (all perms) and user (upload only)
- Add three permissions: user_manage, upload, token_manage (reserved)
- Rewrite UserManager: DB-backed login with in-memory session tokens
- Auto-seed default roles and admin user on first startup
- Add AuthPermission middleware for fine-grained permission checks
- Add /api/uauth/me endpoint for current session info
- Add /api/admin/* CRUD routes for user and role management
- Add admin console page (/admin) with user table and role permissions view
- Show admin console link in share page for users with user_manage permission

🤖 Generated with [Qoder][https://qoder.com]
This commit is contained in:
loveuer
2026-02-27 19:40:31 -08:00
parent 909a016a44
commit 5f187bb5d6
13 changed files with 1119 additions and 93 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
internal/api/api.go
View File

@@ -9,6 +9,7 @@ import (
"github.com/loveuer/nf/nft/log"
"github.com/loveuer/nf/nft/tool"
"github.com/loveuer/ushare/internal/handler"
"github.com/loveuer/ushare/internal/model"
"github.com/loveuer/ushare/internal/opt"
)
@@ -19,11 +20,16 @@ func Start(ctx context.Context) <-chan struct{} {
return c.SendStatus(http.StatusOK)
})
app.Get("/ushare/:code", handler.Fetch())
app.Put("/api/ushare/:filename", handler.AuthVerify(), handler.ShareNew()) // 获取上传 code, 分片大小
app.Post("/api/ushare/:code", handler.ShareUpload()) // 分片上传接口
// Auth
app.Post("/api/uauth/login", handler.AuthLogin())
app.Get("/api/uauth/me", handler.AuthVerify(), handler.AuthMe())
// File sharing
app.Get("/ushare/:code", handler.Fetch())
app.Put("/api/ushare/:filename", handler.AuthVerify(), handler.AuthPermission(model.PermUpload), handler.ShareNew())
app.Post("/api/ushare/:code", handler.ShareUpload())
// Local sharing (WebRTC signaling)
{
api := app.Group("/api/ulocal")
api.Post("/register", handler.LocalRegister())
@@ -34,7 +40,17 @@ func Start(ctx context.Context) <-chan struct{} {
api.Get("/ws", handler.LocalWS())
}
// 静态文件服务 - 作为中间件处理
// Admin
{
api := app.Group("/api/admin")
api.Get("/users", handler.AuthVerify(), handler.AuthPermission(model.PermUserManage), handler.AdminListUsers())
api.Post("/users", handler.AuthVerify(), handler.AuthPermission(model.PermUserManage), handler.AdminCreateUser())
api.Put("/users/:id", handler.AuthVerify(), handler.AuthPermission(model.PermUserManage), handler.AdminUpdateUser())
api.Delete("/users/:id", handler.AuthVerify(), handler.AuthPermission(model.PermUserManage), handler.AdminDeleteUser())
api.Get("/roles", handler.AuthVerify(), handler.AuthPermission(model.PermUserManage), handler.AdminListRoles())
}
// Frontend static files
app.Use(handler.ServeFrontendMiddleware())
ready := make(chan struct{})