beta

2025-05-23 18:57:11 +08:00 · 2025-05-23 18:57:11 +08:00 · bcd986e3f7
commit bcd986e3f7
parent a45ddf13d5
46 changed files with 6166 additions and 454 deletions
--- a/models/otp.go
+++ b/models/otp.go
@ -0,0 +1,195 @@
+package models
+
+import (
+	"context"
+	"database/sql"
+	"fmt"
+	"time"
+
+	"github.com/jmoiron/sqlx"
+)
+
+// OTP represents a TOTP configuration
+type OTP struct {
+	ID        string    `db:"id" json:"id"`
+	UserID    string    `db:"user_id" json:"user_id"`
+	Name      string    `db:"name" json:"name"`
+	Issuer    string    `db:"issuer" json:"issuer"`
+	Secret    string    `db:"secret" json:"-"` // Never expose secret in JSON
+	Algorithm string    `db:"algorithm" json:"algorithm"`
+	Digits    int       `db:"digits" json:"digits"`
+	Period    int       `db:"period" json:"period"`
+	CreatedAt time.Time `db:"created_at" json:"created_at"`
+	UpdatedAt time.Time `db:"updated_at" json:"updated_at"`
+}
+
+// OTPParams represents common OTP parameters used in creation and update
+type OTPParams struct {
+	Name      string
+	Issuer    string
+	Secret    string
+	Algorithm string
+	Digits    int
+	Period    int
+}
+
+// OTPRepository handles OTP data operations
+type OTPRepository struct {
+	db *sqlx.DB
+}
+
+// NewOTPRepository creates a new OTPRepository
+func NewOTPRepository(db *sqlx.DB) *OTPRepository {
+	return &OTPRepository{db: db}
+}
+
+// FindByID finds an OTP by ID and user ID
+func (r *OTPRepository) FindByID(ctx context.Context, id, userID string) (*OTP, error) {
+	var otp OTP
+	query := `SELECT * FROM otps WHERE id = ? AND user_id = ?`
+	err := r.db.GetContext(ctx, &otp, query, id, userID)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return nil, fmt.Errorf("otp not found: %w", err)
+		}
+		return nil, fmt.Errorf("failed to find otp: %w", err)
+	}
+	return &otp, nil
+}
+
+// FindAllByUserID finds all OTPs for a user
+func (r *OTPRepository) FindAllByUserID(ctx context.Context, userID string) ([]*OTP, error) {
+	var otps []*OTP
+	query := `SELECT * FROM otps WHERE user_id = ? ORDER BY created_at DESC`
+	err := r.db.SelectContext(ctx, &otps, query, userID)
+	if err != nil {
+		return nil, fmt.Errorf("failed to find otps: %w", err)
+	}
+	return otps, nil
+}
+
+// Create creates a new OTP
+func (r *OTPRepository) Create(ctx context.Context, otp *OTP) error {
+	query := `
+		INSERT INTO otps (id, user_id, name, issuer, secret, algorithm, digits, period, created_at, updated_at)
+		VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
+	`
+	now := time.Now()
+	otp.CreatedAt = now
+	otp.UpdatedAt = now
+
+	_, err := r.db.ExecContext(
+		ctx,
+		query,
+		otp.ID,
+		otp.UserID,
+		otp.Name,
+		otp.Issuer,
+		otp.Secret,
+		otp.Algorithm,
+		otp.Digits,
+		otp.Period,
+		otp.CreatedAt,
+		otp.UpdatedAt,
+	)
+	if err != nil {
+		return fmt.Errorf("failed to create otp: %w", err)
+	}
+	return nil
+}
+
+// Update updates an existing OTP
+func (r *OTPRepository) Update(ctx context.Context, otp *OTP) error {
+	query := `
+		UPDATE otps
+		SET name = ?, issuer = ?, algorithm = ?, digits = ?, period = ?, updated_at = ?
+		WHERE id = ? AND user_id = ?
+	`
+	otp.UpdatedAt = time.Now()
+
+	result, err := r.db.ExecContext(
+		ctx,
+		query,
+		otp.Name,
+		otp.Issuer,
+		otp.Algorithm,
+		otp.Digits,
+		otp.Period,
+		otp.UpdatedAt,
+		otp.ID,
+		otp.UserID,
+	)
+	if err != nil {
+		return fmt.Errorf("failed to update otp: %w", err)
+	}
+
+	rows, err := result.RowsAffected()
+	if err != nil {
+		return fmt.Errorf("failed to get affected rows: %w", err)
+	}
+
+	if rows == 0 {
+		return fmt.Errorf("otp not found or not owned by user")
+	}
+
+	return nil
+}
+
+// Delete deletes an OTP
+func (r *OTPRepository) Delete(ctx context.Context, id, userID string) error {
+	query := `DELETE FROM otps WHERE id = ? AND user_id = ?`
+	result, err := r.db.ExecContext(ctx, query, id, userID)
+	if err != nil {
+		return fmt.Errorf("failed to delete otp: %w", err)
+	}
+
+	rows, err := result.RowsAffected()
+	if err != nil {
+		return fmt.Errorf("failed to get affected rows: %w", err)
+	}
+
+	if rows == 0 {
+		return fmt.Errorf("otp not found or not owned by user")
+	}
+
+	return nil
+}
+
+// CountByUserID counts the number of OTPs for a user
+func (r *OTPRepository) CountByUserID(ctx context.Context, userID string) (int, error) {
+	var count int
+	query := `SELECT COUNT(*) FROM otps WHERE user_id = ?`
+	err := r.db.GetContext(ctx, &count, query, userID)
+	if err != nil {
+		return 0, fmt.Errorf("failed to count otps: %w", err)
+	}
+	return count, nil
+}
+
+// Transaction executes a function within a transaction
+func (r *OTPRepository) Transaction(ctx context.Context, fn func(*sqlx.Tx) error) error {
+	tx, err := r.db.BeginTxx(ctx, nil)
+	if err != nil {
+		return fmt.Errorf("failed to begin transaction: %w", err)
+	}
+
+	defer func() {
+		if p := recover(); p != nil {
+			tx.Rollback()
+			panic(p)
+		}
+	}()
+
+	if err := fn(tx); err != nil {
+		if rbErr := tx.Rollback(); rbErr != nil {
+			return fmt.Errorf("tx failed: %v, rollback failed: %v", err, rbErr)
+		}
+		return err
+	}
+
+	if err := tx.Commit(); err != nil {
+		return fmt.Errorf("failed to commit transaction: %w", err)
+	}
+
+	return nil
+}
--- a/models/user.go
+++ b/models/user.go
@ -0,0 +1,114 @@
+package models
+
+import (
+	"context"
+	"database/sql"
+	"fmt"
+	"time"
+
+	"github.com/jmoiron/sqlx"
+)
+
+// User represents a user in the system
+type User struct {
+	ID         string    `db:"id" json:"id"`
+	OpenID     string    `db:"openid" json:"openid"`
+	SessionKey string    `db:"session_key" json:"-"`
+	CreatedAt  time.Time `db:"created_at" json:"created_at"`
+	UpdatedAt  time.Time `db:"updated_at" json:"updated_at"`
+}
+
+// UserRepository handles user data operations
+type UserRepository struct {
+	db *sqlx.DB
+}
+
+// NewUserRepository creates a new UserRepository
+func NewUserRepository(db *sqlx.DB) *UserRepository {
+	return &UserRepository{db: db}
+}
+
+// FindByID finds a user by ID
+func (r *UserRepository) FindByID(ctx context.Context, id string) (*User, error) {
+	var user User
+	query := `SELECT * FROM users WHERE id = ?`
+	err := r.db.GetContext(ctx, &user, query, id)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return nil, fmt.Errorf("user not found: %w", err)
+		}
+		return nil, fmt.Errorf("failed to find user: %w", err)
+	}
+	return &user, nil
+}
+
+// FindByOpenID finds a user by OpenID
+func (r *UserRepository) FindByOpenID(ctx context.Context, openID string) (*User, error) {
+	var user User
+	query := `SELECT * FROM users WHERE openid = ?`
+	err := r.db.GetContext(ctx, &user, query, openID)
+	if err != nil {
+		if err == sql.ErrNoRows {
+			return nil, nil // User not found, but not an error
+		}
+		return nil, fmt.Errorf("failed to find user: %w", err)
+	}
+	return &user, nil
+}
+
+// Create creates a new user
+func (r *UserRepository) Create(ctx context.Context, user *User) error {
+	query := `
+		INSERT INTO users (id, openid, session_key, created_at, updated_at)
+		VALUES (?, ?, ?, ?, ?)
+	`
+	now := time.Now()
+	user.CreatedAt = now
+	user.UpdatedAt = now
+
+	_, err := r.db.ExecContext(
+		ctx,
+		query,
+		user.ID,
+		user.OpenID,
+		user.SessionKey,
+		user.CreatedAt,
+		user.UpdatedAt,
+	)
+	if err != nil {
+		return fmt.Errorf("failed to create user: %w", err)
+	}
+	return nil
+}
+
+// Update updates an existing user
+func (r *UserRepository) Update(ctx context.Context, user *User) error {
+	query := `
+		UPDATE users
+		SET session_key = ?, updated_at = ?
+		WHERE id = ?
+	`
+	user.UpdatedAt = time.Now()
+
+	_, err := r.db.ExecContext(
+		ctx,
+		query,
+		user.SessionKey,
+		user.UpdatedAt,
+		user.ID,
+	)
+	if err != nil {
+		return fmt.Errorf("failed to update user: %w", err)
+	}
+	return nil
+}
+
+// Delete deletes a user
+func (r *UserRepository) Delete(ctx context.Context, id string) error {
+	query := `DELETE FROM users WHERE id = ?`
+	_, err := r.db.ExecContext(ctx, query, id)
+	if err != nil {
+		return fmt.Errorf("failed to delete user: %w", err)
+	}
+	return nil
+}