faba565c66
用 Go (Gin + GORM + SQLite) 重写整个后端: - 单二进制部署,不依赖 Python/pip/SDK - net/http 原生客户端,无 Cloudflare TLS 指纹问题 - 多阶段 Dockerfile:Node 构建前端 + Go 构建后端 + Alpine 运行 - 内存占用从 ~95MB 降至 ~3MB - 完整保留所有 API 路由、JWT 认证、API Key 权限、审计日志
68 lines
1.6 KiB
Go
68 lines
1.6 KiB
Go
package handlers
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"golang.org/x/crypto/bcrypt"
|
|
|
|
"airwallex-admin/config"
|
|
"airwallex-admin/middleware"
|
|
"airwallex-admin/models"
|
|
)
|
|
|
|
type loginRequest struct {
|
|
Username string `json:"username" binding:"required"`
|
|
Password string `json:"password" binding:"required"`
|
|
}
|
|
|
|
func Login(c *gin.Context) {
|
|
var req loginRequest
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
c.JSON(http.StatusUnauthorized, gin.H{"detail": "Invalid request body"})
|
|
return
|
|
}
|
|
|
|
if req.Username != config.Cfg.AdminUsername {
|
|
c.JSON(http.StatusUnauthorized, gin.H{"detail": "Invalid username or password"})
|
|
return
|
|
}
|
|
|
|
passwordHash := models.GetSetting(models.DB, "admin_password_hash")
|
|
if passwordHash == "" {
|
|
c.JSON(http.StatusUnauthorized, gin.H{"detail": "Invalid username or password"})
|
|
return
|
|
}
|
|
|
|
if err := bcrypt.CompareHashAndPassword([]byte(passwordHash), []byte(req.Password)); err != nil {
|
|
c.JSON(http.StatusUnauthorized, gin.H{"detail": "Invalid username or password"})
|
|
return
|
|
}
|
|
|
|
token, err := middleware.GenerateToken(req.Username)
|
|
if err != nil {
|
|
c.JSON(http.StatusInternalServerError, gin.H{"detail": "Failed to generate token"})
|
|
return
|
|
}
|
|
|
|
// Create audit log
|
|
models.DB.Create(&models.AuditLog{
|
|
Action: "login",
|
|
ResourceType: "auth",
|
|
Operator: req.Username,
|
|
IPAddress: c.ClientIP(),
|
|
})
|
|
|
|
c.JSON(http.StatusOK, gin.H{
|
|
"access_token": token,
|
|
"token_type": "bearer",
|
|
})
|
|
}
|
|
|
|
func GetMe(c *gin.Context) {
|
|
username, _ := c.Get("username")
|
|
c.JSON(http.StatusOK, gin.H{
|
|
"username": username,
|
|
})
|
|
}
|