feat(user_np): 更新用户认证接口路径与实现

- 修改登录接口路径为 /auth/user/{username}/login，并更新对应处理函数 - 修改注册接口路径为 /auth/user/{username}，并更新对应处理函数 - 将修改密码接口从 PUT /auth/password 改为 PATCH /auth/user/{username} - 新增删除用户接口 DELETE /auth/user/{username} - 新增获取用户信息接口 GET /auth/user/{username}/info - 更新请求体结构，移除冗余的 username 字段，使用路径参数传递用户名 - 实现 DeleteUser、UpdatePassword 等新接口逻辑 - 调整 OpenAPI 文档中各接口的 operationId 和参数定义
2025-09-27 16:25:37 +08:00
parent 9cab95c0f7
commit cf47ef66c3
2 changed files with 81 additions and 30 deletions
--- a/config/user_np/user_np.yaml
+++ b/config/user_np/user_np.yaml
@ -12,10 +12,18 @@ security:
  - ApiKeyAuth: []

 paths:
-  /auth/login:
+  /auth/user/{username}/login:
+    parameters:
+      - name: username
+        in: path
+        example: user_name
+        required: true
+        schema:
+          type: string
    post:
      summary: 用户登录
      description: 使用用户名和密码进行登录
+      operationId: UserLogin
      requestBody:
        required: true
        content:
@ -34,10 +42,19 @@ paths:
        '401':
          description: 认证失败

-  /auth/register:
+  /auth/user/{username}:
+    parameters:
+      - name: username
+        in: path
+        example: user_name
+        required: true
+        schema:
+          type: string
+
    post:
      summary: 用户注册
      description: 创建新用户账户
+      operationId: UserRegister
      requestBody:
        required: true
        content:
@ -52,10 +69,10 @@ paths:
        '409':
          description: 用户名已存在

-  /auth/password:
-    put:
+    patch:
      summary: 修改密码
      description: 修改已登录用户的密码
+      operationId: updatePassword
      security:
        - ApiKeyAuth: []
      requestBody:
@ -72,7 +89,26 @@ paths:
        '401':
          description: 认证失败
    
-  /auth/info:
+    delete:
+      summary: 删除用户
+      description: 删除用户
+      operationId: deleteUser
+      security:
+        - ApiKeyAuth: []
+      responses:
+        '200':
+          description: 用户注销成功
+        '401':
+          description: 认证失败
+    
+  /auth/user/{username}/info:
+    parameters:
+      - name: username
+        in: path
+        example: user_name
+        required: true
+        schema:
+          type: string
    get:
      summary: 获取用户信息
      description: 获取用户信息 json object
@ -116,11 +152,8 @@ components:
    LoginRequest:
      type: object
      required:
-        - username
        - password
      properties:
-        username:
-          type: string
        password:
          type: string

@ -136,11 +169,8 @@ components:
    RegisterRequest:
      type: object
      required:
-        - username
        - password
      properties:
-        username:
-          type: string
        password:
          type: string
        email:
@ -151,14 +181,11 @@ components:
      required:
        - old_password
        - new_password
-        - user_name
      properties:
        old_password:
          type: string
        new_password:
          type: string
-        user_name:
-          type: string

    Error:
      type: object
--- a/internal/bookmarks/user_np.go
+++ b/internal/bookmarks/user_np.go
@ -92,9 +92,9 @@ func (u *UserNPImpl) UnregisterVFSService(username, token string) error {
 	return fmt.Errorf("未知错误")
 }

-// PostAuthLogin 用户登录
-func (u *UserNPImpl) PostAuthLogin(c *gin.Context) {
-	var req api.PostAuthLoginJSONRequestBody
+// UserLogin implements server.ServerInterface.
+func (u *UserNPImpl) UserLogin(c *gin.Context, username string) {
+	var req api.UserLoginJSONRequestBody
 	if err := c.ShouldBindJSON(&req); err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 		return
@ -102,7 +102,7 @@ func (u *UserNPImpl) PostAuthLogin(c *gin.Context) {

 	// 查找用户
 	var user models.UserNP
-	if err := u.db.Where("username = ?", req.Username).First(&user).Error; err != nil {
+	if err := u.db.Where("username = ?", username).First(&user).Error; err != nil {
 		c.JSON(http.StatusUnauthorized, gin.H{"error": "用户名或密码错误"})
 		return
 	}
@ -119,9 +119,9 @@ func (u *UserNPImpl) PostAuthLogin(c *gin.Context) {
 	})
 }

-// PostAuthRegister 用户注册
-func (u *UserNPImpl) PostAuthRegister(c *gin.Context) {
-	var req api.PostAuthRegisterJSONRequestBody
+// UserRegister implements server.ServerInterface.
+func (u *UserNPImpl) UserRegister(c *gin.Context, username string) {
+	var req api.UserRegisterJSONRequestBody
 	if err := c.ShouldBindJSON(&req); err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 		return
@ -129,14 +129,14 @@ func (u *UserNPImpl) PostAuthRegister(c *gin.Context) {

 	// 检查用户名是否已存在
 	var existingUser models.UserNP
-	if err := u.db.Where("username = ?", req.Username).First(&existingUser).Error; err == nil {
+	if err := u.db.Where("username = ?", username).First(&existingUser).Error; err == nil {
 		c.JSON(http.StatusConflict, gin.H{"error": "用户名已存在"})
 		return
 	}

 	// 创建新用户
 	user := models.UserNP{
-		Username: req.Username,
+		Username: username,
 		Email:    req.Email,
 	}

@ -151,7 +151,7 @@ func (u *UserNPImpl) PostAuthRegister(c *gin.Context) {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": "用户创建失败"})
 	}

-	if token, err := u.RegisterVFSService(req.Username, u.vfsToken); err != nil {
+	if token, err := u.RegisterVFSService(username, u.vfsToken); err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": "无法生成访问令牌"})
 		u.db.Delete(&user)
 	} else {
@ -162,8 +162,32 @@ func (u *UserNPImpl) PostAuthRegister(c *gin.Context) {
 	c.JSON(http.StatusCreated, nil)
 }

-// PutAuthPassword 修改密码
-func (u *UserNPImpl) PutAuthPassword(c *gin.Context) {
+// DeleteUser implements server.ServerInterface.
+func (u *UserNPImpl) DeleteUser(c *gin.Context, username string) {
+	authHeader := c.GetHeader("Authorization")
+	if authHeader == "" {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "缺少访问令牌"})
+		return
+	}
+
+	// 查找用户
+	var user models.UserNP
+	if err := u.db.Where("username = ?", username).First(&user).Error; err != nil {
+		c.JSON(http.StatusNoContent, nil)
+		return
+	}
+
+	if user.Token == nil || *user.Token != authHeader {
+		c.JSON(http.StatusUnauthorized, gin.H{"error": "访问令牌错误"})
+		return
+	}
+
+	u.db.Delete(&user)
+	c.JSON(http.StatusNoContent, nil)
+}
+
+// UpdatePassword implements server.ServerInterface.
+func (u *UserNPImpl) UpdatePassword(c *gin.Context, username string) {
 	// 获取Authorization头中的token
 	authHeader := c.GetHeader("Authorization")
 	if authHeader == "" {
@ -171,7 +195,7 @@ func (u *UserNPImpl) PutAuthPassword(c *gin.Context) {
 		return
 	}

-	var req api.PutAuthPasswordJSONRequestBody
+	var req api.UpdatePasswordJSONRequestBody
 	if err := c.ShouldBindJSON(&req); err != nil {
 		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
 		return
@ -179,7 +203,7 @@ func (u *UserNPImpl) PutAuthPassword(c *gin.Context) {

 	// 查找用户
 	var user models.UserNP
-	if err := u.db.Where("username = ?", req.UserName).First(&user).Error; err != nil {
+	if err := u.db.Where("username = ?", username).First(&user).Error; err != nil {
 		c.JSON(http.StatusUnauthorized, gin.H{"error": "用户不存在"})
 		return
 	}
@ -206,12 +230,12 @@ func (u *UserNPImpl) PutAuthPassword(c *gin.Context) {
 }

 // GetUserInfo implements server.ServerInterface.
-func (u *UserNPImpl) GetUserInfo(c *gin.Context) {
+func (u *UserNPImpl) GetUserInfo(c *gin.Context, username string) {
 	panic("unimplemented")
 }

 // SaveUserInfo implements server.ServerInterface.
-func (u *UserNPImpl) SaveUserInfo(c *gin.Context) {
+func (u *UserNPImpl) SaveUserInfo(c *gin.Context, username string) {
 	panic("unimplemented")
 }