Finish the transfiguration feature.

code/rest/preference_controller.go

@@ -75,6 +75,8 @@ func (this *PreferenceController) Edit(writer http.ResponseWriter, request *http
 	record := request.FormValue("record")
 	downloadDirMaxSizeStr := request.FormValue("downloadDirMaxSize")
 	downloadDirMaxNumStr := request.FormValue("downloadDirMaxNum")
+	defaultTotalSizeLimitStr := request.FormValue("defaultTotalSizeLimit")
+	allowRegisterStr := request.FormValue("allowRegister")
 
 	var downloadDirMaxSize int64 = 0
 	if downloadDirMaxSizeStr == "" {
@@ -94,6 +96,20 @@ func (this *PreferenceController) Edit(writer http.ResponseWriter, request *http
 		downloadDirMaxNum = int64(intDownloadDirMaxNum)
 	}
 
+	var defaultTotalSizeLimit int64 = 0
+	if defaultTotalSizeLimitStr == "" {
+		panic("用户默认总限制！")
+	} else {
+		intDefaultTotalSizeLimit, err := strconv.Atoi(defaultTotalSizeLimitStr)
+		this.PanicError(err)
+		defaultTotalSizeLimit = int64(intDefaultTotalSizeLimit)
+	}
+
+	var allowRegister = false
+	if allowRegisterStr == TRUE {
+		allowRegister = true
+	}
+
 	preference := this.preferenceDao.Fetch()
 	preference.Name = name
 	preference.LogoUrl = logoUrl
@@ -102,6 +118,8 @@ func (this *PreferenceController) Edit(writer http.ResponseWriter, request *http
 	preference.Record = record
 	preference.DownloadDirMaxSize = downloadDirMaxSize
 	preference.DownloadDirMaxNum = downloadDirMaxNum
+	preference.DefaultTotalSizeLimit = defaultTotalSizeLimit
+	preference.AllowRegister = allowRegister
 
 	preference = this.preferenceDao.Save(preference)
 

code/rest/preference_dao.go

@@ -21,7 +21,7 @@ func (this *PreferenceDao) Fetch() *Preference {
 
 		if db.Error.Error() == result.DB_ERROR_NOT_FOUND {
 			preference.Name = "蓝眼云盘"
-
+			preference.Version = core.VERSION
 			this.Create(preference)
 			return preference
 		} else {
@@ -29,6 +29,7 @@ func (this *PreferenceDao) Fetch() *Preference {
 		}
 	}
 
+	preference.Version = core.VERSION
 	return preference
 }
 

code/rest/preference_model.go

@@ -13,6 +13,7 @@ type Preference struct {
 	DownloadDirMaxNum     int64  `json:"downloadDirMaxNum" gorm:"type:bigint(20) not null;default:-1"`
 	DefaultTotalSizeLimit int64  `json:"defaultTotalSizeLimit" gorm:"type:bigint(20) not null;default:-1"`
 	AllowRegister         bool   `json:"allowRegister" gorm:"type:tinyint(1) not null;default:0"`
+	Version               string `json:"version" gorm:"-"`
 }
 
 // set File's table name to be `profiles`

code/rest/user_controller.go

@@ -33,6 +33,7 @@ func (this *UserController) RegisterRoutes() map[string]func(writer http.Respons
 
 	//每个Controller需要主动注册自己的路由。
 	routeMap["/api/user/login"] = this.Wrap(this.Login, USER_ROLE_GUEST)
+	routeMap["/api/user/authentication/login"] = this.Wrap(this.AuthenticationLogin, USER_ROLE_GUEST)
 	routeMap["/api/user/register"] = this.Wrap(this.Register, USER_ROLE_GUEST)
 	routeMap["/api/user/edit"] = this.Wrap(this.Edit, USER_ROLE_USER)
 	routeMap["/api/user/detail"] = this.Wrap(this.Detail, USER_ROLE_USER)
@@ -41,10 +42,41 @@ func (this *UserController) RegisterRoutes() map[string]func(writer http.Respons
 	routeMap["/api/user/reset/password"] = this.Wrap(this.ResetPassword, USER_ROLE_ADMINISTRATOR)
 	routeMap["/api/user/page"] = this.Wrap(this.Page, USER_ROLE_ADMINISTRATOR)
 	routeMap["/api/user/toggle/status"] = this.Wrap(this.ToggleStatus, USER_ROLE_ADMINISTRATOR)
+	routeMap["/api/user/transfiguration"] = this.Wrap(this.Transfiguration, USER_ROLE_ADMINISTRATOR)
 
 	return routeMap
 }
 
+func (this *UserController) innerLogin(writer http.ResponseWriter, request *http.Request, user *User) {
+
+	//登录成功，设置Cookie。有效期30天。
+	expiration := time.Now()
+	expiration = expiration.AddDate(0, 0, 30)
+
+	//持久化用户的session.
+	session := &Session{
+		UserUuid:   user.Uuid,
+		Ip:         util.GetIpAddress(request),
+		ExpireTime: expiration,
+	}
+	session.UpdateTime = time.Now()
+	session.CreateTime = time.Now()
+	session = this.sessionDao.Create(session)
+
+	//设置用户的cookie.
+	cookie := http.Cookie{
+		Name:    core.COOKIE_AUTH_KEY,
+		Path:    "/",
+		Value:   session.Uuid,
+		Expires: expiration}
+	http.SetCookie(writer, &cookie)
+
+	//更新用户上次登录时间和ip
+	user.LastTime = time.Now()
+	user.LastIp = util.GetIpAddress(request)
+	this.userDao.Save(user)
+}
+
 //使用用户名和密码进行登录。
 //参数：
 // @username:用户名
@@ -69,33 +101,29 @@ func (this *UserController) Login(writer http.ResponseWriter, request *http.Requ
 		panic(result.BadRequest("用户名或密码错误"))
 	}
 
-	//登录成功，设置Cookie。有效期30天。
+	this.innerLogin(writer, request, user)
-	expiration := time.Now()
-	expiration = expiration.AddDate(0, 0, 30)
 
-	//持久化用户的session.
+	return this.Success(user)
-	session := &Session{
-		UserUuid:   user.Uuid,
-		Ip:         util.GetIpAddress(request),
-		ExpireTime: expiration,
 }
-	session.UpdateTime = time.Now()
-	session.CreateTime = time.Now()
-	session = this.sessionDao.Create(session)
 
-	//设置用户的cookie.
+//使用Authentication进行登录。
-	cookie := http.Cookie{
+func (this *UserController) AuthenticationLogin(writer http.ResponseWriter, request *http.Request) *result.WebResult {
-		Name:    core.COOKIE_AUTH_KEY,
-		Path:    "/",
-		Value:   session.Uuid,
-		Expires: expiration}
-	http.SetCookie(writer, &cookie)
 
-	//更新用户上次登录时间和ip
+	authentication := request.FormValue("authentication")
-	user.LastTime = time.Now()
+	if authentication == "" {
-	user.LastIp = util.GetIpAddress(request)
+		panic(result.BadRequest("authentication 必填"))
-	this.userDao.Save(user)
+	}
+	session := this.sessionDao.FindByUuid(authentication)
+	if session == nil {
+		panic(result.BadRequest("authentication 错误"))
+	}
+	duration := session.ExpireTime.Sub(time.Now())
+	if duration <= 0 {
+		panic(result.BadRequest("登录信息已过期"))
+	}
 
+	user := this.userDao.CheckByUuid(session.UserUuid)
+	this.innerLogin(writer, request, user)
 	return this.Success(user)
 }
 
@@ -105,6 +133,11 @@ func (this *UserController) Register(writer http.ResponseWriter, request *http.R
 	username := request.FormValue("username")
 	password := request.FormValue("password")
 
+	preference := this.preferenceService.Fetch()
+	if !preference.AllowRegister {
+		panic(result.Unauthorized("管理员已禁用自主注册！"))
+	}
+
 	if m, _ := regexp.MatchString(`^[0-9a-zA-Z_]+$`, username); !m {
 		panic(`用户名必填，且只能包含字母，数字和'_''`)
 	}
@@ -115,11 +148,9 @@ func (this *UserController) Register(writer http.ResponseWriter, request *http.R
 
 	//判断重名。
 	if this.userDao.CountByUsername(username) > 0 {
-		panic(result.BadRequest("%s已经被其他用户占用。", username))
+		panic(result.BadRequest("%s已经被使用，请更换。", username))
 	}
 
-	preference := this.preferenceService.Fetch()
-
 	user := &User{
 		Role:      USER_ROLE_USER,
 		Username:  username,
@@ -130,6 +161,9 @@ func (this *UserController) Register(writer http.ResponseWriter, request *http.R
 
 	user = this.userDao.Create(user)
 
+	//做一次登录操作
+	this.innerLogin(writer, request, user)
+
 	return this.Success(user)
 }
 
@@ -291,6 +325,29 @@ func (this *UserController) ToggleStatus(writer http.ResponseWriter, request *ht
 
 }
 
+//变身为指定用户。
+func (this *UserController) Transfiguration(writer http.ResponseWriter, request *http.Request) *result.WebResult {
+
+	uuid := request.FormValue("uuid")
+	currentUser := this.userDao.CheckByUuid(uuid)
+
+	//有效期10分钟
+	expiration := time.Now()
+	expiration = expiration.Add(10 * time.Minute)
+
+	//持久化用户的session.
+	session := &Session{
+		UserUuid:   currentUser.Uuid,
+		Ip:         util.GetIpAddress(request),
+		ExpireTime: expiration,
+	}
+	session.UpdateTime = time.Now()
+	session.CreateTime = time.Now()
+	session = this.sessionDao.Create(session)
+
+	return this.Success(session.Uuid)
+}
+
 //用户修改密码
 func (this *UserController) ChangePassword(writer http.ResponseWriter, request *http.Request) *result.WebResult {