feat!: allow disable user (close #3241)

xhofe · xhofe · commit 3d0065bdcf20 · 2023-02-04T11:44:17.000+08:00
From this commit, the guest user will be disabled by default
diff --git a/internal/bootstrap/data/user.go b/internal/bootstrap/data/user.go
@@ -48,6 +48,7 @@ func initUser() {
 				Role:       model.GUEST,
 				BasePath:   "/",
 				Permission: 0,
+				Disabled:   true,
 			}
 			if err := db.CreateUser(guest); err != nil {
 				panic(err)
diff --git a/internal/model/user.go b/internal/model/user.go
@@ -18,6 +18,7 @@ type User struct {
 	Password string `json:"password"`                                  // password
 	BasePath string `json:"base_path"`                                 // base path
 	Role     int    `json:"role"`                                      // user's role
+	Disabled bool   `json:"disabled"`
 	// Determine permissions by bit
 	//  0: can see hidden files
 	//  1: can access without password
diff --git a/server/handles/user.go b/server/handles/user.go
@@ -67,6 +67,10 @@ func UpdateUser(c *gin.Context) {
 	if req.OtpSecret == "" {
 		req.OtpSecret = user.OtpSecret
 	}
+	if req.Disabled && req.IsAdmin() {
+		common.ErrorStrResp(c, "admin user can not be disabled", 400)
+		return
+	}
 	if err := op.UpdateUser(&req); err != nil {
 		common.ErrorResp(c, err, 500)
 	} else {
diff --git a/server/middlewares/auth.go b/server/middlewares/auth.go
@@ -33,6 +33,11 @@ func Auth(c *gin.Context) {
 			c.Abort()
 			return
 		}
+		if guest.Disabled {
+			common.ErrorStrResp(c, "Guest user is disabled, login please", 401)
+			c.Abort()
+			return
+		}
 		c.Set("user", guest)
 		log.Debugf("use empty token: %+v", guest)
 		c.Next()
@@ -50,6 +55,11 @@ func Auth(c *gin.Context) {
 		c.Abort()
 		return
 	}
+	if user.Disabled {
+		common.ErrorStrResp(c, "Current user is disabled, replace please", 401)
+		c.Abort()
+		return
+	}
 	c.Set("user", user)
 	log.Debugf("use login token: %+v", user)
 	c.Next()

Original file line number	Diff line number	Diff line change
`@@ -48,6 +48,7 @@ func initUser() {`
`48`	`48`	`Role: model.GUEST,`
`49`	`49`	`BasePath: "/",`
`50`	`50`	`Permission: 0,`
	`51`	`+ Disabled: true,`
`51`	`52`	`}`
`52`	`53`	`if err := db.CreateUser(guest); err != nil {`
`53`	`54`	`panic(err)`