Compare commits
2 Commits
9b12895199
...
0bca35d015
| Author | SHA1 | Date | |
|---|---|---|---|
| 0bca35d015 | |||
| 7cc1ff9555 |
Binary file not shown.
|
Before Width: | Height: | Size: 4.2 KiB After Width: | Height: | Size: 17 KiB |
@@ -146,4 +146,9 @@ onMounted(async () => {
|
||||
const userInitials = computed(() => {
|
||||
return (userName.value[0] || 'U').toUpperCase()
|
||||
})
|
||||
|
||||
async function logout() {
|
||||
await fetch('/api/logout', { method: 'POST' })
|
||||
router.push('/login')
|
||||
}
|
||||
</script>
|
||||
|
||||
@@ -24,15 +24,26 @@
|
||||
<td class="px-6 py-4 whitespace-nowrap text-sm">{{ user.login }}</td>
|
||||
<td class="px-6 py-4 whitespace-nowrap text-sm">{{ user.email }}</td>
|
||||
<td class="px-6 py-4 whitespace-nowrap text-sm">
|
||||
<button @click="toggleActive(user)" :class="user.active ? 'text-green-600' : 'text-red-600'">
|
||||
<button
|
||||
v-if="user.id !== currentUserId"
|
||||
@click="toggleActive(user)"
|
||||
:class="user.active ? 'text-green-600' : 'text-red-600'"
|
||||
>
|
||||
{{ user.active ? 'Active' : 'Inactive' }}
|
||||
</button>
|
||||
<span v-else class="text-gray-400 text-sm">(You)</span>
|
||||
</td>
|
||||
<td class="px-6 py-4 whitespace-nowrap text-sm">{{ user.ip || '-' }}</td>
|
||||
<td class="px-6 py-4 whitespace-nowrap text-sm">{{ formatDate(user.created) }}</td>
|
||||
<td class="px-6 py-4 whitespace-nowrap text-sm space-x-2">
|
||||
<button @click="openModal('edit', user)" class="text-blue-600">Edit</button>
|
||||
<button @click="deleteUser(user.id)" class="text-red-600">Delete</button>
|
||||
<button
|
||||
v-if="user.id !== currentUserId"
|
||||
@click="deleteUser(user.id)"
|
||||
class="text-red-600"
|
||||
>
|
||||
Delete
|
||||
</button>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
@@ -71,10 +82,24 @@
|
||||
import { ref, onMounted } from 'vue';
|
||||
import AppLayout from '../components/Layout/AppLayout.vue';
|
||||
|
||||
const currentUserId = ref<number | null>(null);
|
||||
|
||||
async function loadCurrentUser() {
|
||||
try {
|
||||
const res = await fetch('/api/admin/me');
|
||||
if (res.ok) {
|
||||
const data = await res.json();
|
||||
currentUserId.value = data.id;
|
||||
}
|
||||
} catch (e) {
|
||||
console.error('Failed to load current user', e);
|
||||
}
|
||||
}
|
||||
|
||||
const users = ref([]);
|
||||
const modalOpen = ref(false);
|
||||
const modalMode = ref<'create' | 'edit'>('create');
|
||||
const form = ref({ id: null, login: '', password: '' });
|
||||
const form = ref({ id: null, login: '', email: '', password: '' });
|
||||
const modalTitle = ref('');
|
||||
|
||||
async function loadUsers() {
|
||||
@@ -95,10 +120,10 @@ async function toggleActive(user: any) {
|
||||
function openModal(mode: 'create' | 'edit', user: any = null) {
|
||||
modalMode.value = mode;
|
||||
if (mode === 'create') {
|
||||
form.value = { id: null, login: '', password: '' };
|
||||
form.value = { id: null, login: '', email: '', password: '' };
|
||||
modalTitle.value = 'Create User';
|
||||
} else {
|
||||
form.value = { id: user.id, login: user.login, password: '' };
|
||||
form.value = { id: user.id, login: user.login, email: user.email, password: '' }; // добавлен email
|
||||
modalTitle.value = 'Edit User';
|
||||
}
|
||||
modalOpen.value = true;
|
||||
@@ -110,23 +135,36 @@ function closeModal() {
|
||||
|
||||
async function submitUser() {
|
||||
try {
|
||||
const payload: any = {
|
||||
login: form.value.login,
|
||||
email: form.value.email,
|
||||
};
|
||||
if (form.value.password) {
|
||||
payload.password = form.value.password;
|
||||
}
|
||||
if (modalMode.value === 'create') {
|
||||
await fetch('/api/admin/users', {
|
||||
if (!form.value.password) {
|
||||
alert('Password is required');
|
||||
return;
|
||||
}
|
||||
const res = await fetch('/api/admin/users', {
|
||||
method: 'POST',
|
||||
headers: { 'Content-Type': 'application/json' },
|
||||
body: JSON.stringify({ login: form.value.login, password: form.value.password })
|
||||
body: JSON.stringify(payload),
|
||||
});
|
||||
if (!res.ok) throw new Error('Create failed');
|
||||
} else {
|
||||
await fetch(`/api/admin/users/${form.value.id}`, {
|
||||
const res = await fetch(`/api/admin/users/${form.value.id}`, {
|
||||
method: 'PUT',
|
||||
headers: { 'Content-Type': 'application/json' },
|
||||
body: JSON.stringify({ login: form.value.login, password: form.value.password || undefined })
|
||||
body: JSON.stringify(payload),
|
||||
});
|
||||
if (!res.ok) throw new Error('Update failed');
|
||||
}
|
||||
await loadUsers();
|
||||
closeModal();
|
||||
} catch (e) {
|
||||
alert('Operation failed');
|
||||
alert('Operation failed: ' + e.message);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -137,5 +175,8 @@ async function deleteUser(id: number) {
|
||||
}
|
||||
}
|
||||
|
||||
onMounted(loadUsers);
|
||||
onMounted(async () => {
|
||||
await loadCurrentUser();
|
||||
await loadUsers();
|
||||
});
|
||||
</script>
|
||||
|
||||
@@ -16,7 +16,7 @@
|
||||
<div class="bg-white rounded-2xl shadow-xl p-8">
|
||||
<form @submit.prevent="handleLogin" class="space-y-6">
|
||||
<div>
|
||||
<label class="block text-sm font-medium text-gray-700 mb-2">Username</label>
|
||||
<label class="block text-sm font-medium text-gray-700 mb-2">Username or Email</label>
|
||||
<div class="relative">
|
||||
<div class="absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none">
|
||||
<svg class="h-5 w-5 text-gray-400" fill="none" stroke="currentColor" viewBox="0 0 24 24">
|
||||
@@ -28,7 +28,7 @@
|
||||
type="text"
|
||||
required
|
||||
class="input-field pl-10"
|
||||
placeholder="Enter your username"
|
||||
placeholder="Enter your username or email"
|
||||
/>
|
||||
</div>
|
||||
</div>
|
||||
@@ -119,9 +119,15 @@ async function handleLogin() {
|
||||
|
||||
if (res.ok) {
|
||||
router.push('/dashboard')
|
||||
} else {
|
||||
// Пытаемся получить текст ошибки от сервера
|
||||
const text = await res.text()
|
||||
if (text && text.trim()) {
|
||||
error.value = text
|
||||
} else {
|
||||
error.value = 'Invalid username or password'
|
||||
}
|
||||
}
|
||||
} catch (e) {
|
||||
error.value = 'Network error. Please try again.'
|
||||
} finally {
|
||||
|
||||
@@ -21,10 +21,26 @@ public class AuthHandler {
|
||||
return;
|
||||
}
|
||||
|
||||
userService.findByLogin(login).onComplete(ar -> {
|
||||
userService.findByLoginOrEmail(login).onComplete(ar -> {
|
||||
if (ar.succeeded() && ar.result() != null) {
|
||||
JsonObject user = ar.result();
|
||||
if (userService.checkPassword(password, user.getString("password"))) {
|
||||
|
||||
boolean passwordOk = userService.checkPassword(password, user.getString("password"));
|
||||
|
||||
if (passwordOk) {
|
||||
// Надёжное получение флага активности
|
||||
Boolean active = user.getBoolean("active");
|
||||
if (active == null) {
|
||||
// Если поле отсутствует, пробуем получить как Integer (на случай TINYINT)
|
||||
Integer activeInt = user.getInteger("active");
|
||||
active = activeInt != null && activeInt == 1;
|
||||
}
|
||||
|
||||
if (!active) {
|
||||
ctx.response().setStatusCode(401).end("Account not activated");
|
||||
return;
|
||||
}
|
||||
|
||||
Session session = ctx.session();
|
||||
session.put("userId", user.getInteger("id"));
|
||||
session.put("login", user.getString("login"));
|
||||
@@ -39,7 +55,12 @@ public class AuthHandler {
|
||||
}
|
||||
|
||||
public void handleLogout(RoutingContext ctx) {
|
||||
ctx.session().destroy();
|
||||
Session session = ctx.session();
|
||||
if (session != null) {
|
||||
session.destroy();
|
||||
}
|
||||
// Явное удаление cookie сессии
|
||||
ctx.response().removeCookie("admin.session");
|
||||
ctx.response().end(new JsonObject().put("success", true).encode());
|
||||
}
|
||||
|
||||
@@ -50,5 +71,5 @@ public class AuthHandler {
|
||||
} else {
|
||||
ctx.next();
|
||||
}
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
@@ -186,6 +186,7 @@ public class MainVerticle extends AbstractVerticle {
|
||||
rc.response().setStatusCode(400).end("Missing login, email or password");
|
||||
return;
|
||||
}
|
||||
// Создаём активного пользователя (active = true)
|
||||
userService.createUser(login, email, password, ip, true)
|
||||
.onSuccess(v -> rc.response().setStatusCode(201).end())
|
||||
.onFailure(err -> rc.response().setStatusCode(500).end(err.getMessage()));
|
||||
@@ -209,6 +210,15 @@ public class MainVerticle extends AbstractVerticle {
|
||||
|
||||
router.delete("/api/admin/users/:id").handler(rc -> {
|
||||
int id = Integer.parseInt(rc.pathParam("id"));
|
||||
Integer currentUserId = rc.session().get("userId");
|
||||
|
||||
if (currentUserId != null && currentUserId == id) {
|
||||
rc.response().setStatusCode(403).end(new JsonObject()
|
||||
.put("error", "You cannot delete your own account")
|
||||
.encode());
|
||||
return;
|
||||
}
|
||||
|
||||
userService.deleteUser(id)
|
||||
.onSuccess(v -> rc.response().end())
|
||||
.onFailure(err -> rc.response().setStatusCode(500).end(err.getMessage()));
|
||||
@@ -217,6 +227,13 @@ public class MainVerticle extends AbstractVerticle {
|
||||
router.put("/api/admin/users/:id/activate").handler(rc -> {
|
||||
int id = Integer.parseInt(rc.pathParam("id"));
|
||||
boolean active = Boolean.parseBoolean(rc.queryParam("active").get(0));
|
||||
Integer currentUserId = rc.session().get("userId");
|
||||
|
||||
if (currentUserId != null && currentUserId == id) {
|
||||
rc.response().setStatusCode(403).end(new JsonObject().put("error", "You cannot deactivate yourself").encode());
|
||||
return;
|
||||
}
|
||||
|
||||
userService.setActive(id, active)
|
||||
.onSuccess(v -> rc.response().end())
|
||||
.onFailure(err -> rc.response().setStatusCode(500).end(err.getMessage()));
|
||||
|
||||
@@ -5,6 +5,7 @@ import io.vertx.core.json.JsonArray;
|
||||
import io.vertx.core.json.JsonObject;
|
||||
import io.vertx.sqlclient.Pool;
|
||||
import io.vertx.sqlclient.Row;
|
||||
import io.vertx.sqlclient.Tuple;
|
||||
import io.vertx.sqlclient.templates.SqlTemplate;
|
||||
import org.mindrot.jbcrypt.BCrypt;
|
||||
|
||||
@@ -66,6 +67,19 @@ public class UserService {
|
||||
.execute(Map.of("id", id, "active", active)).mapEmpty();
|
||||
}
|
||||
|
||||
public Future<JsonObject> findByLoginOrEmail(String loginOrEmail) {
|
||||
String sql = "SELECT id, login, email, password, active, ip, created, updated FROM users WHERE login = ? OR email = ?";
|
||||
return pool.preparedQuery(sql)
|
||||
.execute(Tuple.of(loginOrEmail, loginOrEmail))
|
||||
.map(rows -> {
|
||||
if (rows.size() == 0) {
|
||||
return null;
|
||||
}
|
||||
Row row = rows.iterator().next();
|
||||
return toJson(row);
|
||||
});
|
||||
}
|
||||
|
||||
public Future<JsonObject> findByEmail(String email) {
|
||||
return SqlTemplate.forQuery(pool, "SELECT id, login, email, password, active, ip, created, updated FROM users WHERE email = #{email}")
|
||||
.mapTo(this::toJson)
|
||||
@@ -94,7 +108,16 @@ public class UserService {
|
||||
.execute()
|
||||
.map(rows -> {
|
||||
JsonArray array = new JsonArray();
|
||||
rows.forEach(row -> array.add(toJson(row)));
|
||||
for (Row row : rows) {
|
||||
array.add(new JsonObject()
|
||||
.put("id", row.getInteger("id"))
|
||||
.put("login", row.getString("login"))
|
||||
.put("email", row.getString("email"))
|
||||
.put("active", row.getBoolean("active"))
|
||||
.put("ip", row.getString("ip"))
|
||||
.put("created", row.getLocalDateTime("created") != null ? row.getLocalDateTime("created").toString() : null)
|
||||
.put("updated", row.getLocalDateTime("updated") != null ? row.getLocalDateTime("updated").toString() : null));
|
||||
}
|
||||
return array;
|
||||
});
|
||||
}
|
||||
@@ -135,6 +158,7 @@ public class UserService {
|
||||
.put("id", row.getInteger("id"))
|
||||
.put("login", row.getString("login"))
|
||||
.put("email", row.getString("email"))
|
||||
.put("password", row.getString("password")) // ← ДОБАВИТЬ ЭТУ СТРОКУ
|
||||
.put("active", row.getBoolean("active"))
|
||||
.put("ip", row.getString("ip"))
|
||||
.put("created", row.getLocalDateTime("created") != null ? row.getLocalDateTime("created").toString() : null)
|
||||
|
||||
Reference in New Issue
Block a user