evan/evanpage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f9499c07958eb0a1b268c99760dc99a98199e936
evanpage/backend/internal/service/user.go
evan b0b85f4d3a Initial fullstack project setup with Next.js 15, Gin, PostgreSQL and Docker Compose 
- Frontend: Next.js 15 (App Router), Auth.js v5, shadcn/ui, MagicUI
- Backend: Go + Gin + GORM with layered architecture
- Auth: Local credentials login with optional Keycloak OAuth binding
- Admin: RBAC user management for admin role
- Dev: Docker Compose with hot reload for both frontend and backend
- Docker: 3-service orchestration (frontend, backend, postgres)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-16 15:11:20 +00:00

107 lines
2.5 KiB
Go
Raw Blame History

package service
import (
"errors"
"evanpage-backend/internal/domain"
"evanpage-backend/internal/repository"
"golang.org/x/crypto/bcrypt"
"gorm.io/gorm"
)
type UserService struct {
repo *repository.UserRepository
}
func NewUserService(repo *repository.UserRepository) *UserService {
return &UserService{repo: repo}
}
func (s *UserService) Register(username, email, password, role string) (*domain.User, error) {
_, err := s.repo.FindByUsername(username)
if err == nil {
return nil, errors.New("username already exists")
}
_, err = s.repo.FindByEmail(email)
if err == nil {
return nil, errors.New("email already exists")
}
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
if err != nil {
return nil, err
}
if role == "" {
role = "user"
}
user := &domain.User{
Username: username,
Email: email,
PasswordHash: string(hash),
Role: role,
}
if err := s.repo.Create(user); err != nil {
return nil, err
}
return user, nil
}
func (s *UserService) ValidateLocalLogin(username, password string) (*domain.User, error) {
user, err := s.repo.FindByUsername(username)
if err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
return nil, errors.New("invalid credentials")
}
return nil, err
}
if err := bcrypt.CompareHashAndPassword([]byte(user.PasswordHash), []byte(password)); err != nil {
return nil, errors.New("invalid credentials")
}
return user, nil
}
func (s *UserService) LookupKeycloakBinding(keycloakID string) (*domain.User, error) {
return s.repo.FindByKeycloakID(keycloakID)
}
func (s *UserService) BindKeycloak(username, password, keycloakID, keycloakEmail string) (*domain.User, error) {
user, err := s.ValidateLocalLogin(username, password)
if err != nil {
return nil, err
}
if user.KeycloakID != nil && *user.KeycloakID != "" && *user.KeycloakID != keycloakID {
return nil, errors.New("user already bound to another keycloak account")
}
existing, err := s.repo.FindByKeycloakID(keycloakID)
if err == nil && existing.ID != user.ID {
return nil, errors.New("keycloak account already bound to another user")
}
user.KeycloakID = &keycloakID
user.KeycloakEmail = keycloakEmail
if err := s.repo.Update(user); err != nil {
return nil, err
}
return user, nil
}
func (s *UserService) ListUsers() ([]domain.User, error) {
return s.repo.ListAll()
}
func (s *UserService) DeleteUser(id uint) error {
return s.repo.Delete(id)
}
func (s *UserService) CountUsers() (int64, error) {
return s.repo.Count()
}
Reference in New Issue View Git Blame Copy Permalink