refactor: remove GORM FK associations, handle relations in business layer (v0.6.1)

- Remove Role association field from User model - Remove User association field from Token model - controller/user.go: query Role separately after loading User - controller/token.go: query User and Role with separate DB calls - handler/admin.go: introduce userResp type, build role info manually; batch-load roles in AdminListUsers to avoid N+1 🤖 Generated with [Qoder][https://qoder.com]
2026-02-28 01:56:56 -08:00
parent ef6347a8b4
commit 62e8acf757
5 changed files with 110 additions and 40 deletions
--- a/internal/controller/token.go
+++ b/internal/controller/token.go
@@ -65,13 +65,7 @@ func (tm *tokenManager) Delete(userID uint, tokenID uint) error {
 // Verify looks up a DB API token and returns a Session if valid.
 func (tm *tokenManager) Verify(rawToken string) (*model.Session, error) {
 	var t model.Token
-	err := db.Default.Session().
-		Where("token = ?", rawToken).
-		Preload("User").
-		Preload("User.Role").
-		First(&t).Error
-
-	if err != nil {
+	if err := db.Default.Session().Where("token = ?", rawToken).First(&t).Error; err != nil {
 		return nil, errors.New("无效的 API Token")
 	}

@@ -79,16 +73,30 @@ func (tm *tokenManager) Verify(rawToken string) (*model.Session, error) {
 		return nil, errors.New("API Token 已过期")
 	}

+	var user model.User
+	if err := db.Default.Session().First(&user, t.UserID).Error; err != nil {
+		return nil, errors.New("Token 关联用户不存在")
+	}
+
+	if !user.Active {
+		return nil, errors.New("账号已被禁用")
+	}
+
+	var role model.Role
+	if err := db.Default.Session().First(&role, user.RoleID).Error; err != nil {
+		return nil, errors.New("账号角色异常")
+	}
+
 	// Update last_used_at asynchronously
 	now := time.Now()
 	go db.Default.Session().Model(&t).Update("last_used_at", now) //nolint:errcheck

 	session := &model.Session{
-		UserID:      t.User.ID,
-		Username:    t.User.Username,
-		Role:        t.User.Role.Name,
-		RoleLabel:   t.User.Role.Label,
-		Permissions: t.User.Role.PermissionList(),
+		UserID:      user.ID,
+		Username:    user.Username,
+		Role:        role.Name,
+		RoleLabel:   role.Label,
+		Permissions: role.PermissionList(),
 		LoginAt:     now.Unix(),
 		Token:       rawToken,
 	}
--- a/internal/controller/user.go
+++ b/internal/controller/user.go
@@ -89,7 +89,6 @@ func (um *userManager) Login(username, password string) (*model.Session, error)
 	user := new(model.User)
 	if err := db.Default.Session().
 		Where("username = ? AND active = ?", username, true).
-		Preload("Role").
 		First(user).Error; err != nil {
 		return nil, errors.New("账号或密码错误")
 	}
@@ -98,12 +97,17 @@ func (um *userManager) Login(username, password string) (*model.Session, error)
 		return nil, errors.New("账号或密码错误")
 	}

+	var role model.Role
+	if err := db.Default.Session().First(&role, user.RoleID).Error; err != nil {
+		return nil, errors.New("账号角色异常，请联系管理员")
+	}
+
 	session := &model.Session{
 		UserID:      user.ID,
 		Username:    user.Username,
-		Role:        user.Role.Name,
-		RoleLabel:   user.Role.Label,
-		Permissions: user.Role.PermissionList(),
+		Role:        role.Name,
+		RoleLabel:   role.Label,
+		Permissions: role.PermissionList(),
 		LoginAt:     now.Unix(),
 		Token:       tool.RandomString(32),
 	}