feat: 门户网站初始提交
- Go + Gin + html/template 服务端渲染 - 主页:Google 风格搜索框 + 导航卡片 - 后台:卡片 CRUD、搜索引擎配置、主页背景/标题配置 - 图片上传:支持 jpg/jpeg/png/gif,自动压缩,缩略图参数 ?thumb=1 - 安全:登录日志、修改密码、IP 自动封禁、IP 白名单 - 访问统计:主页访问/卡片点击/搜索追踪、实时流量、IP 统计 - SQLite 存储(modernc.org/sqlite,纯 Go) - 内存 Session + bcrypt 密码哈希
This commit is contained in:
@@ -0,0 +1,75 @@
|
||||
package models
|
||||
|
||||
import (
|
||||
"database/sql"
|
||||
"fmt"
|
||||
|
||||
"simple_portal/database"
|
||||
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
)
|
||||
|
||||
// Admin represents an administrator account.
|
||||
type Admin struct {
|
||||
ID int `json:"id"`
|
||||
Username string `json:"username"`
|
||||
Password string `json:"-"` // Never expose password hash in JSON
|
||||
}
|
||||
|
||||
// GetAdminByUsername returns an admin by username. Returns nil if not found.
|
||||
func GetAdminByUsername(username string) (*Admin, error) {
|
||||
var a Admin
|
||||
err := database.DB.QueryRow(
|
||||
"SELECT id, username, password FROM admins WHERE username = ?",
|
||||
username,
|
||||
).Scan(&a.ID, &a.Username, &a.Password)
|
||||
if err == sql.ErrNoRows {
|
||||
return nil, nil
|
||||
}
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to get admin by username: %w", err)
|
||||
}
|
||||
return &a, nil
|
||||
}
|
||||
|
||||
// CreateAdmin inserts a new admin with a bcrypt-hashed password.
|
||||
func CreateAdmin(username, hashedPassword string) error {
|
||||
_, err := database.DB.Exec(
|
||||
"INSERT INTO admins (username, password) VALUES (?, ?)",
|
||||
username, hashedPassword,
|
||||
)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to create admin: %w", err)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// VerifyPassword checks if the given plain-text password matches the stored bcrypt hash.
|
||||
// Returns (matched, admin, error).
|
||||
func VerifyPassword(username, password string) (bool, *Admin, error) {
|
||||
admin, err := GetAdminByUsername(username)
|
||||
if err != nil {
|
||||
return false, nil, err
|
||||
}
|
||||
if admin == nil {
|
||||
return false, nil, nil
|
||||
}
|
||||
|
||||
err = bcrypt.CompareHashAndPassword([]byte(admin.Password), []byte(password))
|
||||
if err != nil {
|
||||
return false, nil, nil
|
||||
}
|
||||
return true, admin, nil
|
||||
}
|
||||
|
||||
// ChangePassword updates the password hash for an admin by ID.
|
||||
func ChangePassword(adminID int, newHashedPassword string) error {
|
||||
_, err := database.DB.Exec(
|
||||
"UPDATE admins SET password = ? WHERE id = ?",
|
||||
newHashedPassword, adminID,
|
||||
)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to change password: %w", err)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
Reference in New Issue
Block a user