diff --git a/.gitignore b/.gitignore
index 65fc9459..50fd818d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -18,4 +18,6 @@ run_rproxy_local.sh
 run_server_local.sh
 run_user_local.sh
 cmd/csghub-server/__debug_*
+run_dataviewer_local.sh
+
 */*/_api_test/
diff --git a/common/types/jwt.go b/common/types/jwt.go
index 3b62010f..f9555c75 100644
--- a/common/types/jwt.go
+++ b/common/types/jwt.go
@@ -8,7 +8,6 @@ import (
 type CreateJWTReq struct {
 UUID string `json:"uuid" binding:"required"`
- CurrentUser string `json:"current_user" binding:"required"`
 Organizations []string `json:"-"`
 }
diff --git a/user/component/jwt.go b/user/component/jwt.go
index 3733010b..72df74f7 100644
--- a/user/component/jwt.go
+++ b/user/component/jwt.go
@@ -30,9 +30,6 @@ func (c *JwtComponent) GenerateToken(ctx context.Context, req types.CreateJWTReq
 if err != nil {
 return nil, "", fmt.Errorf("failed to find user by uuid '%s',error: %w", req.UUID, err)
 }
- if u.Username != req.CurrentUser {
- return nil, "", fmt.Errorf("user uuid '%s' does not match current user '%s'", req.UUID, req.CurrentUser)
- }
 expireAt := jwt.NewNumericDate(time.Now().Add(c.ValidTime))
 claims = &types.JWTClaims{
 UUID: u.UUID,
diff --git a/user/component/user.go b/user/component/user.go
index 2e33bc20..15cf6dfb 100644
--- a/user/component/user.go
+++ b/user/component/user.go
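Review bot: In user/component/jwt.go, GenerateToken now signs a token for whatever UUID the request names, because the only check tying the request to a caller (`u.Username != req.CurrentUser`) is removed and nothing takes its place. `CreateJWTReq.UUID` keeps its `json:"uuid" binding:"required"` tag in common/types/jwt.go, so the value presumably still arrives in a request body; the handler that binds it is outside this diff, and it should be confirmed that it admits only authenticated internal callers. I would state the contract on the method: `// GenerateToken issues a JWT for req.UUID without checking who is asking; callers must already be authorized to act for that user.` The function starts and ends outside the hunk.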
@@ -344,6 +344,23 @@ func (c *UserComponent) CanAdmin(ctx context.Context, username string) (bool, er
 return user.CanAdmin(), nil
 }
+// GetInternal get *full* user info by username or uuid
+//
+// should only be called by other *internal* services
+func (c *UserComponent) GetInternal(ctx context.Context, userNameOrUUID string, useUUID bool) (*types.User, error) {
+ var dbuser = new(database.User)
+ var err error
+ if useUUID {
+ dbuser, err = c.us.FindByUUID(ctx, userNameOrUUID)
+ } else {
+ *dbuser, err = c.us.FindByUsername(ctx, userNameOrUUID)
+ }
+ if err != nil {
+ return nil, fmt.Errorf("failed to find user by name or uuid '%s' in db,error:%w", userNameOrUUID, err)
+ }
+ return c.buildUserInfo(ctx, dbuser, false)
+}
+
 func (c *UserComponent) Get(ctx context.Context, userNameOrUUID, visitorName string, useUUID bool) (*types.User, error) {
 var dbuser = new(database.User)
 var err error
@@ -371,6 +388,10 @@ func (c *UserComponent) Get(ctx context.Context, userNameOrUUID, visitorName str
 }
 }
+ return c.buildUserInfo(ctx, dbuser, onlyBasicInfo)
+}
+
+func (c *UserComponent) buildUserInfo(ctx context.Context, dbuser *database.User, onlyBasicInfo bool) (*types.User, error) {
 u := types.User{
 Username: dbuser.Username,
 Nickname: dbuser.NickName,
@@ -503,8 +524,7 @@ func (c *UserComponent) Signin(ctx context.Context, code, state string) (*types.
 }()
 }
 hubToken, signed, err := c.jwtc.GenerateToken(ctx, types.CreateJWTReq{
- UUID: dbu.UUID,
- CurrentUser: dbu.Username,
+ UUID: dbu.UUID,
 })
 if err != nil {
 return nil, "", fmt.Errorf("failed to generate jwt token,error:%w", err)
diff --git a/user/handler/user.go b/user/handler/user.go
index 7af3f307..0f103a07 100644
--- a/user/handler/user.go
+++ b/user/handler/user.go
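Review bot: GetInternal (first hunk of user/component/user.go) returns the unfiltered record via `c.buildUserInfo(ctx, dbuser, false)` for any name or UUID and takes no visitor argument, so the "internal services only" rule in its comment is enforced by nothing in the method itself. An exported method that skips the access decision is easy to reach from a new code path by mistake, so the comment should name who is responsible for it, e.g. `// GetInternal returns the full user record with no visitor check; the caller must have verified that the request comes from a trusted internal service.` buildUserInfo, introduced in the second hunk, has no doc comment, and a line saying what `onlyBasicInfo` withholds would help, since that flag appears to be the single switch between the two views. buildUserInfo's body continues outside the hunk.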
@@ -163,9 +163,16 @@ func (h *UserHandler) Delete(ctx *gin.Context) {
 // @Router /user/{username} [get]
 func (h *UserHandler) Get(ctx *gin.Context) {
 visitorName := httpbase.GetCurrentUser(ctx)
+ authType := httpbase.GetAuthType(ctx)
 userNameOrUUID := ctx.Param("username")
 useUUID := ctx.Query("type") == "uuid"
- user, err := h.c.Get(ctx, userNameOrUUID, visitorName, useUUID)
+ var user *types.User
+ var err error
+ if authType == httpbase.AuthTypeApiKey {
+ user, err = h.c.GetInternal(ctx, userNameOrUUID, useUUID)
+ } else {
+ user, err = h.c.Get(ctx, userNameOrUUID, visitorName, useUUID)
+ }
 if err != nil {
 slog.Error("Failed to get user", slog.Any("error", err))
 httpbase.ServerError(ctx, err)
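Review bot: The new `authType == httpbase.AuthTypeApiKey` branch in Get skips the visitor-based filtering and hands back the full record for any username or UUID in the path, so the safety of this endpoint now rests entirely on which credentials produce that auth type. The diff does not show where the auth type is set; if user-issued keys or tokens can also yield `AuthTypeApiKey`, any key holder could read another user's full profile, so that should be confirmed in the middleware. I would record the assumption at the branch, `// API-key requests come from internal services and get the unfiltered record`, and log the lookup target for these calls so internal reads are auditable. Get's body continues past the end of the hunk.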