feat: 新增全局操作密码功能,将线下充值验证从登录密码改为统一操作密码
Some checks failed
构建并部署到测试环境(无 SSH) / build-and-deploy (push) Has been cancelled

- 新增 RedisSystemOperationPasswordKey 常量函数(pkg/constants/redis.go)
- 新增 operation_password Service(Set/IsSet/Verify,bcrypt 哈希存 Redis)
- 新增 SuperAdminHandler 及两个接口:
  - POST /api/admin/super-admin/operation-password(设置/重置,仅超级管理员)
  - GET /api/admin/super-admin/operation-password/status(查询是否已设置)
- AgentRecharge.OfflinePay 操作密码验证从"查当前用户登录密码"改为"全局操作密码 Verify"
- Bootstrap/路由/文档生成器同步注册
This commit is contained in:
2026-04-18 09:06:33 +08:00
parent 6e15e1b853
commit 6caf0f6141
17 changed files with 568 additions and 30 deletions

View File

@@ -0,0 +1,71 @@
package admin
import (
"github.com/gofiber/fiber/v2"
"github.com/break/junhong_cmp_fiber/internal/model/dto"
"github.com/break/junhong_cmp_fiber/internal/service/operation_password"
"github.com/break/junhong_cmp_fiber/pkg/constants"
"github.com/break/junhong_cmp_fiber/pkg/errors"
"github.com/break/junhong_cmp_fiber/pkg/middleware"
"github.com/break/junhong_cmp_fiber/pkg/response"
)
// SuperAdminHandler 超级管理员专属操作处理器
type SuperAdminHandler struct {
operationPasswordService *operation_password.Service
}
// NewSuperAdminHandler 创建超级管理员处理器
func NewSuperAdminHandler(operationPasswordService *operation_password.Service) *SuperAdminHandler {
return &SuperAdminHandler{
operationPasswordService: operationPasswordService,
}
}
// SetOperationPassword 设置/修改全局操作密码(仅超级管理员)
// POST /api/admin/super-admin/operation-password
func (h *SuperAdminHandler) SetOperationPassword(c *fiber.Ctx) error {
userType := middleware.GetUserTypeFromContext(c.UserContext())
if userType != constants.UserTypeSuperAdmin {
return errors.New(errors.CodeForbidden, "无权限操作该资源或资源不存在")
}
var req dto.SetOperationPasswordRequest
if err := c.BodyParser(&req); err != nil {
return errors.New(errors.CodeInvalidParam, "请求参数解析失败")
}
if req.Password == "" || req.ConfirmPassword == "" {
return errors.New(errors.CodeInvalidParam)
}
if req.Password != req.ConfirmPassword {
return errors.New(errors.CodeInvalidParam, "两次输入的密码不一致")
}
if len(req.Password) < 6 || len(req.Password) > 50 {
return errors.New(errors.CodeInvalidParam, "密码长度必须在 6~50 位之间")
}
ctx := c.UserContext()
if err := h.operationPasswordService.Set(ctx, req.Password); err != nil {
return err
}
return response.Success(c, nil)
}
// GetOperationPasswordStatus 查询操作密码是否已设置(仅超级管理员)
// GET /api/admin/super-admin/operation-password/status
func (h *SuperAdminHandler) GetOperationPasswordStatus(c *fiber.Ctx) error {
userType := middleware.GetUserTypeFromContext(c.UserContext())
if userType != constants.UserTypeSuperAdmin {
return errors.New(errors.CodeForbidden, "无权限操作该资源或资源不存在")
}
ctx := c.UserContext()
isSet := h.operationPasswordService.IsSet(ctx)
return response.Success(c, &dto.OperationPasswordStatusResponse{IsSet: isSet})
}