新增：ldap用户OTP认证(同步ldap用户到本地【仅作为管理otp秘钥，支持ldap用户下发客户端证书】)

新增：支持用户批量发送邮件，批量删除
2025-09-18 17:37:11 +08:00 · 2025-08-29 15:11:38 +08:00
parent 861b07a47d
commit efdcd236f5
9 changed files with 649 additions and 13928 deletions
--- a/server/admin/api_group.go
+++ b/server/admin/api_group.go
@@ -6,6 +6,7 @@ import (
 	"net/http"
 	"strconv"

+	"github.com/bjdgyc/anylink/base"
 	"github.com/bjdgyc/anylink/dbdata"
 )

@@ -149,3 +150,35 @@ func GroupAuthLogin(w http.ResponseWriter, r *http.Request) {
 	}
 	RespSucess(w, "ok")
 }
+func SaveLdapUsers(w http.ResponseWriter, r *http.Request) {
+	body, err := io.ReadAll(r.Body)
+	if err != nil {
+		RespError(w, RespInternalErr, err)
+		return
+	}
+	defer r.Body.Close()
+
+	v := &dbdata.Group{}
+	err = json.Unmarshal(body, v)
+	if err != nil {
+		RespError(w, RespParamErr, "参数错误")
+		return
+	}
+
+	// 保存LDAP用户
+	if v.Auth["type"] == "ldap" {
+		authLdap := dbdata.AuthLdap{}
+		if err := authLdap.ParseGroup(v); err != nil {
+			RespError(w, RespInternalErr, err)
+			return
+		}
+		go func() {
+			if err := authLdap.SaveUsers(v); err != nil {
+				base.Error("LDAP用户同步失败:", err)
+			} else {
+				base.Info("LDAP用户同步成功")
+			}
+		}()
+	}
+	RespSucess(w, "LDAP用户同步成功")
+}
--- a/server/admin/api_user.go
+++ b/server/admin/api_user.go
@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"encoding/base64"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -41,10 +42,10 @@ func UserList(w http.ResponseWriter, r *http.Request) {
 	// 查询前缀匹配
 	if len(prefix) > 0 {
 		fuzzy := "%" + prefix + "%"
-		where := "username LIKE ? OR nickname LIKE ? OR email LIKE ?"
+		where := "username LIKE ? OR nickname LIKE ? OR email LIKE ? OR type LIKE ?"

-		count = dbdata.FindWhereCount(&dbdata.User{}, where, fuzzy, fuzzy, fuzzy)
-		err = dbdata.FindWhere(&datas, pageSize, page, where, fuzzy, fuzzy, fuzzy)
+		count = dbdata.FindWhereCount(&dbdata.User{}, where, fuzzy, fuzzy, fuzzy, fuzzy)
+		err = dbdata.FindWhere(&datas, pageSize, page, where, fuzzy, fuzzy, fuzzy, fuzzy)
 	} else {
 		count = dbdata.CountAll(&dbdata.User{})
 		err = dbdata.Find(&datas, pageSize, page)
@@ -220,6 +221,97 @@ func UserReline(w http.ResponseWriter, r *http.Request) {
 	RespSucess(w, nil)
 }

+// 批量发送邮件
+func UserBatchSendEmail(w http.ResponseWriter, r *http.Request) {
+	var req struct {
+		UserIds []int `json:"user_ids"`
+	}
+
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		RespError(w, RespInternalErr, err)
+		return
+	}
+
+	if len(req.UserIds) == 0 {
+		RespError(w, RespInternalErr, errors.New("用户ID列表不能为空"))
+		return
+	}
+
+	successCount := 0
+	failCount := 0
+
+	for _, userId := range req.UserIds {
+		user := &dbdata.User{}
+		err := dbdata.One("Id", userId, user)
+		if err != nil {
+			failCount++
+			continue
+		}
+
+		// 发送邮件
+		err = userAccountMail(user)
+		if err != nil {
+			base.Error("批量发送邮件失败:", user.Username, err)
+			failCount++
+		} else {
+			successCount++
+		}
+	}
+
+	msg := fmt.Sprintf("批量发送邮件完成，成功：%d，失败：%d", successCount, failCount)
+
+	if successCount > 0 {
+		RespSucess(w, msg)
+	} else {
+		RespError(w, RespInternalErr, errors.New(msg))
+	}
+}
+
+// 批量删除用户
+func UserBatchDelete(w http.ResponseWriter, r *http.Request) {
+	var req struct {
+		UserIds []int `json:"user_ids"`
+	}
+
+	if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
+		RespError(w, RespInternalErr, err)
+		return
+	}
+
+	if len(req.UserIds) == 0 {
+		RespError(w, RespInternalErr, errors.New("用户ID列表不能为空"))
+		return
+	}
+
+	successCount := 0
+	failCount := 0
+
+	for _, userId := range req.UserIds {
+		user := &dbdata.User{}
+		err := dbdata.One("Id", userId, user)
+		if err != nil {
+			failCount++
+			continue
+		}
+
+		err = dbdata.Del(user)
+		if err != nil {
+			base.Error("批量删除用户失败:", user.Username, err)
+			failCount++
+		} else {
+			successCount++
+		}
+	}
+
+	msg := fmt.Sprintf("批量删除完成，成功：%d，失败：%d", successCount, failCount)
+
+	if successCount > 0 {
+		RespSucess(w, msg)
+	} else {
+		RespError(w, RespInternalErr, errors.New(msg))
+	}
+}
+
 type userAccountMailData struct {
 	Issuer       string
 	LinkAddr     string
@@ -285,6 +377,10 @@ func userAccountMail(user *dbdata.User) error {
 		DisableOtp:   user.DisableOtp,
 	}

+	if user.Type == "ldap" {
+		data.PinCode = "同ldap密码"
+	}
+
 	if user.LimitTime == nil {
 		data.LimitTime = "无限制"
 	} else {
--- a/server/admin/server.go
+++ b/server/admin/server.go
@@ -87,6 +87,8 @@ func StartAdmin() {
 	r.HandleFunc("/user/policy/del", PolicyDel)
 	r.HandleFunc("/user/reset/forgotPassword", ForgotPassword).Name("forgot_password")
 	r.HandleFunc("/user/reset/resetPassword", ResetPassword).Name("reset_password")
+	r.HandleFunc("/user/batch/send_email", UserBatchSendEmail).Methods(http.MethodPost)
+	r.HandleFunc("/user/batch/delete", UserBatchDelete).Methods(http.MethodPost)

 	r.HandleFunc("/group/list", GroupList)
 	r.HandleFunc("/group/names", GroupNames)
@@ -95,6 +97,7 @@ func StartAdmin() {
 	r.HandleFunc("/group/set", GroupSet)
 	r.HandleFunc("/group/del", GroupDel)
 	r.HandleFunc("/group/auth_login", GroupAuthLogin)
+	r.HandleFunc("/group/saveldapusers", SaveLdapUsers)

 	r.HandleFunc("/statsinfo/list", StatsInfoList)
 	r.HandleFunc("/locksinfo/list", GetLocksInfo)