7f238a3168
- Add Workspace domain (entity, repository, service, handler, DTO) - Add multi-tenant K8s client with tenant binding and quota management - Add K8s diagnostics client (instance diagnostics) - Add authorization middleware (authz package) - Restructure frontend to feature-based architecture (features/) - Add User Management page in configuration - Add AccessDenied page and route guards - Refactor shared components (form inputs, layout, UI) - Update Tailwind config for new design system - Add comprehensive documentation (docs/, tasks/, plans) - Improve cluster service with better kubeconfig handling - Add tests for crypto, config, helm client, tenant binding
67 lines
1.5 KiB
Go
67 lines
1.5 KiB
Go
package entity
|
||
|
||
import (
|
||
"time"
|
||
)
|
||
|
||
// User 用户领域实体
|
||
type User struct {
|
||
ID string
|
||
Username string
|
||
PasswordHash string
|
||
Email string
|
||
Role string
|
||
WorkspaceID string
|
||
IsActive bool
|
||
MustChangePassword bool
|
||
RevokedAfter time.Time // 全局 Token 撤销时间
|
||
CreatedAt time.Time
|
||
UpdatedAt time.Time
|
||
}
|
||
|
||
// NewUser 创建新用户
|
||
func NewUser(username, passwordHash, email string) *User {
|
||
now := time.Now()
|
||
return &User{
|
||
Username: username,
|
||
PasswordHash: passwordHash,
|
||
Email: email,
|
||
Role: "user",
|
||
WorkspaceID: DefaultWorkspaceID,
|
||
IsActive: true,
|
||
RevokedAfter: time.Unix(0, 0), // 初始值:1970-01-01
|
||
CreatedAt: now,
|
||
UpdatedAt: now,
|
||
}
|
||
}
|
||
|
||
// UpdatePassword 更新密码(会触发全局登出)
|
||
func (u *User) UpdatePassword(newPasswordHash string) {
|
||
u.PasswordHash = newPasswordHash
|
||
u.RevokedAfter = time.Now() // 撤销所有旧 Token
|
||
u.UpdatedAt = time.Now()
|
||
}
|
||
|
||
// RevokeAllTokens 撤销所有 Token(强制全局登出)
|
||
func (u *User) RevokeAllTokens() {
|
||
u.RevokedAfter = time.Now()
|
||
u.UpdatedAt = time.Now()
|
||
}
|
||
|
||
// Validate 验证用户数据
|
||
func (u *User) Validate() error {
|
||
if u.Username == "" {
|
||
return ErrInvalidUsername
|
||
}
|
||
if u.PasswordHash == "" {
|
||
return ErrInvalidPassword
|
||
}
|
||
if u.Role == "" {
|
||
u.Role = "user"
|
||
}
|
||
if u.WorkspaceID == "" && u.Role != "admin" {
|
||
u.WorkspaceID = DefaultWorkspaceID
|
||
}
|
||
return nil
|
||
}
|