Import x-panel source

2026-05-03 11:34:48 +08:00
commit e98e780360
312 changed files with 90189 additions and 0 deletions
--- a/web/service/user.go
+++ b/web/service/user.go
@@ -0,0 +1,123 @@
+package service
+
+import (
+	"errors"
+
+	"x-ui/database"
+	"x-ui/database/model"
+	"x-ui/logger"
+	"x-ui/util/crypto"
+
+	"github.com/xlzd/gotp"
+	"gorm.io/gorm"
+)
+
+type UserService struct {
+	settingService SettingService
+}
+
+func (s *UserService) GetFirstUser() (*model.User, error) {
+	db := database.GetDB()
+
+	user := &model.User{}
+	err := db.Model(model.User{}).
+		First(user).
+		Error
+	if err != nil {
+		return nil, err
+	}
+	return user, nil
+}
+
+func (s *UserService) CheckUser(username string, password string, twoFactorCode string) *model.User {
+	db := database.GetDB()
+
+	user := &model.User{}
+
+	err := db.Model(model.User{}).
+		Where("username = ?", username).
+		First(user).
+		Error
+	if err == gorm.ErrRecordNotFound {
+		return nil
+	} else if err != nil {
+		logger.Warning("check user err:", err)
+		return nil
+	}
+
+	if !crypto.CheckPasswordHash(user.Password, password) {
+		return nil
+	}
+
+	twoFactorEnable, err := s.settingService.GetTwoFactorEnable()
+	if err != nil {
+		logger.Warning("check two factor err:", err)
+		return nil
+	}
+
+	if twoFactorEnable {
+		twoFactorToken, err := s.settingService.GetTwoFactorToken()
+
+		if err != nil {
+			logger.Warning("check two factor token err:", err)
+			return nil
+		}
+
+		if gotp.NewDefaultTOTP(twoFactorToken).Now() != twoFactorCode {
+			return nil
+		}
+	}
+
+	return user
+}
+
+func (s *UserService) UpdateUser(id int, username string, password string) error {
+	db := database.GetDB()
+	hashedPassword, err := crypto.HashPasswordAsBcrypt(password)
+
+	if err != nil {
+		return err
+	}
+
+	twoFactorEnable, err := s.settingService.GetTwoFactorEnable()
+	if err != nil {
+		return err
+	}
+
+	if twoFactorEnable {
+		s.settingService.SetTwoFactorEnable(false)
+		s.settingService.SetTwoFactorToken("")
+	}
+
+	return db.Model(model.User{}).
+		Where("id = ?", id).
+		Updates(map[string]any{"username": username, "password": hashedPassword}).
+		Error
+}
+
+func (s *UserService) UpdateFirstUser(username string, password string) error {
+	if username == "" {
+		return errors.New("username can not be empty")
+	} else if password == "" {
+		return errors.New("password can not be empty")
+	}
+	hashedPassword, er := crypto.HashPasswordAsBcrypt(password)
+
+	if er != nil {
+		return er
+	}
+
+	db := database.GetDB()
+	user := &model.User{}
+	err := db.Model(model.User{}).First(user).Error
+	if database.IsNotFound(err) {
+		user.Username = username
+		user.Password = hashedPassword
+		return db.Model(model.User{}).Create(user).Error
+	} else if err != nil {
+		return err
+	}
+	user.Username = username
+	user.Password = hashedPassword
+	return db.Save(user).Error
+}