refactor: improve error handling and database transactions in 2FA model methods
@@ -1,12 +1,12 @@
|
|||||||
package controller
|
package controller
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
"one-api/common"
|
"one-api/common"
|
||||||
"one-api/model"
|
"one-api/model"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
|
||||||
|
|
||||||
"github.com/gin-contrib/sessions"
|
"github.com/gin-contrib/sessions"
|
||||||
"github.com/gin-gonic/gin"
|
"github.com/gin-gonic/gin"
|
||||||
@@ -530,7 +530,7 @@ func AdminDisable2FA(c *gin.Context) {
|
|||||||
|
|
||||||
// 禁用2FA
|
// 禁用2FA
|
||||||
if err := model.DisableTwoFA(userId); err != nil {
|
if err := model.DisableTwoFA(userId); err != nil {
|
||||||
if strings.Contains(err.Error(), "未启用2FA") {
|
if errors.Is(err, model.ErrTwoFANotEnabled) {
|
||||||
c.JSON(http.StatusOK, gin.H{
|
c.JSON(http.StatusOK, gin.H{
|
||||||
"success": false,
|
"success": false,
|
||||||
"message": "用户未启用2FA",
|
"message": "用户未启用2FA",
|
||||||
|
|||||||
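Review bot: The `errors.Is(err, model.ErrTwoFANotEnabled)` branch in AdminDisable2FA only matches if model.DisableTwoFA returns that sentinel itself or wraps it with `%w`; neither the sentinel's declaration nor DisableTwoFA's return path is visible on this page. If any path still builds the error with a fresh `errors.New(...)` or formats it with `%v`, disabling 2FA for a user who never enabled it would presumably fall through to the generic error handling instead of returning the "用户未启用2FA" response. A unit test that calls DisableTwoFA for a user with no 2FA record and asserts `errors.Is(err, ErrTwoFANotEnabled)` would pin the contract. AdminDisable2FA starts before and continues after this hunk.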
@@ -100,13 +100,16 @@ func (t *TwoFA) Delete() error {
|
|||||||
return errors.New("2FA记录ID不能为空")
|
return errors.New("2FA记录ID不能为空")
|
||||||
}
|
}
|
||||||
|
|
||||||
// 同时删除相关的备用码记录(硬删除)
|
// 使用事务确保原子性
|
||||||
if err := DB.Unscoped().Where("user_id = ?", t.UserId).Delete(&TwoFABackupCode{}).Error; err != nil {
|
return DB.Transaction(func(tx *gorm.DB) error {
|
||||||
return err
|
// 同时删除相关的备用码记录(硬删除)
|
||||||
}
|
if err := tx.Unscoped().Where("user_id = ?", t.UserId).Delete(&TwoFABackupCode{}).Error; err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
// 硬删除2FA记录
|
// 硬删除2FA记录
|
||||||
return DB.Unscoped().Delete(t).Error
|
return tx.Unscoped().Delete(t).Error
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
// ResetFailedAttempts 重置失败尝试次数
|
// ResetFailedAttempts 重置失败尝试次数
|
||||||
@@ -139,30 +142,32 @@ func (t *TwoFA) IsLocked() bool {
|
|||||||
|
|
||||||
// CreateBackupCodes 创建备用码
|
// CreateBackupCodes 创建备用码
|
||||||
func CreateBackupCodes(userId int, codes []string) error {
|
func CreateBackupCodes(userId int, codes []string) error {
|
||||||
// 先删除现有的备用码
|
return DB.Transaction(func(tx *gorm.DB) error {
|
||||||
if err := DB.Where("user_id = ?", userId).Delete(&TwoFABackupCode{}).Error; err != nil {
|
// 先删除现有的备用码
|
||||||
return err
|
if err := tx.Where("user_id = ?", userId).Delete(&TwoFABackupCode{}).Error; err != nil {
|
||||||
}
|
|
||||||
|
|
||||||
// 创建新的备用码记录
|
|
||||||
for _, code := range codes {
|
|
||||||
hashedCode, err := common.HashBackupCode(code)
|
|
||||||
if err != nil {
|
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
backupCode := TwoFABackupCode{
|
// 创建新的备用码记录
|
||||||
UserId: userId,
|
for _, code := range codes {
|
||||||
CodeHash: hashedCode,
|
hashedCode, err := common.HashBackupCode(code)
|
||||||
IsUsed: false,
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
backupCode := TwoFABackupCode{
|
||||||
|
UserId: userId,
|
||||||
|
CodeHash: hashedCode,
|
||||||
|
IsUsed: false,
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := tx.Create(&backupCode).Error; err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := DB.Create(&backupCode).Error; err != nil {
|
return nil
|
||||||
return err
|
})
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// ValidateBackupCode 验证并使用备用码
|
// ValidateBackupCode 验证并使用备用码
|
||||||
|
|||||||
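Review bot: In CreateBackupCodes the call to `common.HashBackupCode` now runs inside the `DB.Transaction` callback, so the transaction, and any locks taken by the preceding delete, stays open for every hash computation. If HashBackupCode is a deliberately slow password-style hash (its implementation is not shown on this page), that is one slow operation per code while the transaction is held. Hashing the codes into a slice first and keeping only the delete and a single batched insert inside the callback shortens the critical section without losing atomicity. The empty-slice guard in the sketch is there because GORM rejects `Create` on an empty slice.

```go
func CreateBackupCodes(userId int, codes []string) error {
	// Hash outside the transaction so no DB locks are held while hashing.
	records := make([]TwoFABackupCode, 0, len(codes))
	for _, code := range codes {
		hashedCode, err := common.HashBackupCode(code)
		if err != nil {
			return err
		}
		records = append(records, TwoFABackupCode{
			UserId:   userId,
			CodeHash: hashedCode,
			IsUsed:   false,
		})
	}

	return DB.Transaction(func(tx *gorm.DB) error {
		// … unchanged: delete of the user's existing backup codes via tx …
		if len(records) == 0 {
			return nil
		}
		return tx.Create(&records).Error
	})
}
```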