From 2c92815ac06722adec5b9e8c8d5e004fa4c47008 Mon Sep 17 00:00:00 2001
From: Jrohy <euvkzx@gmail.com>
Date: Mon, 6 Apr 2020 23:28:48 +0800
Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E4=BF=AE=E6=94=B9=E7=94=A8?=
 =?UTF-8?q?=E6=88=B7=E5=90=8D=E5=92=8C=E5=AF=86=E7=A0=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 core/mysql.go          | 19 +++++++++++++++++++
 web/controller/user.go | 39 +++++++++++++++++++++++++++++++++++++--
 web/web.go             |  7 +++++++
 3 files changed, 63 insertions(+), 2 deletions(-)

diff --git a/core/mysql.go b/core/mysql.go
index 97c6cd4b..af6f1634 100644
--- a/core/mysql.go
+++ b/core/mysql.go
@@ -87,6 +87,25 @@ func (mysql *Mysql) CreateUser(username string, password string) error {
 	return nil
 }
 
+// UpdateUser 更新Trojan用户名和密码
+func (mysql *Mysql) UpdateUser(id uint, username string, password string) error {
+	db := mysql.GetDB()
+	if db == nil {
+		return errors.New("can't connect mysql")
+	}
+	defer db.Close()
+	encryPass := sha256.Sum224([]byte(password))
+	if _, err := db.Exec(fmt.Sprintf("UPDATE users SET username='%s', password='%x' WHERE id=%d;", username, encryPass, id)); err != nil {
+		fmt.Println(err)
+		return err
+	}
+	if err := SetValue(username+"_pass", password); err != nil {
+		fmt.Println(err)
+		return err
+	}
+	return nil
+}
+
 // DeleteUser 删除用户
 func (mysql *Mysql) DeleteUser(id uint) error {
 	db := mysql.GetDB()
diff --git a/web/controller/user.go b/web/controller/user.go
index a76cf8ed..eae0104e 100644
--- a/web/controller/user.go
+++ b/web/controller/user.go
@@ -2,6 +2,7 @@ package controller
 
 import (
 	"encoding/base64"
+	"strconv"
 	"time"
 	"trojan/core"
 )
@@ -43,11 +44,11 @@ func CreateUser(username string, password string) *ResponseBody {
 		responseBody.Msg = "不能创建用户名为admin的用户!"
 		return &responseBody
 	}
-	if _, err := core.GetValue(username + "_pass"); err == nil {
+	mysql := core.GetMysql()
+	if user := mysql.GetUserByName(username); user != nil {
 		responseBody.Msg = "已存在用户名为: " + username + " 的用户!"
 		return &responseBody
 	}
-	mysql := core.GetMysql()
 	pass, err := base64.StdEncoding.DecodeString(password)
 	if err != nil {
 		responseBody.Msg = "Base64解码失败: " + err.Error()
@@ -59,6 +60,40 @@ func CreateUser(username string, password string) *ResponseBody {
 	return &responseBody
 }
 
+// UpdateUser 更新用户
+func UpdateUser(id uint, username string, password string) *ResponseBody {
+	responseBody := ResponseBody{Msg: "success"}
+	defer TimeCost(time.Now(), &responseBody)
+	if username == "admin" {
+		responseBody.Msg = "不能更改用户名为admin的用户!"
+		return &responseBody
+	}
+	mysql := core.GetMysql()
+	userList := mysql.GetData(strconv.Itoa(int(id)))
+	if userList == nil {
+		responseBody.Msg = "can't connect mysql"
+		return &responseBody
+	}
+	if userList[0].Username != username {
+		if user := mysql.GetUserByName(username); user != nil {
+			responseBody.Msg = "已存在用户名为: " + username + " 的用户!"
+			return &responseBody
+		}
+	}
+	if userList[0].Username != "admin" {
+		_ = core.DelValue(userList[0].Username + "_pass")
+	}
+	pass, err := base64.StdEncoding.DecodeString(password)
+	if err != nil {
+		responseBody.Msg = "Base64解码失败: " + err.Error()
+		return &responseBody
+	}
+	if err := mysql.UpdateUser(id, username, string(pass)); err != nil {
+		responseBody.Msg = err.Error()
+	}
+	return &responseBody
+}
+
 // DelUser 删除用户
 func DelUser(id uint) *ResponseBody {
 	responseBody := ResponseBody{Msg: "success"}
diff --git a/web/web.go b/web/web.go
index bf6648f4..9eb1a226 100644
--- a/web/web.go
+++ b/web/web.go
@@ -28,6 +28,13 @@ func userRouter(router *gin.Engine) {
 			password := c.PostForm("password")
 			c.JSON(200, controller.CreateUser(username, password))
 		})
+		user.POST("/update", func(c *gin.Context) {
+			sid := c.PostForm("id")
+			username := c.PostForm("username")
+			password := c.PostForm("password")
+			id, _ := strconv.Atoi(sid)
+			c.JSON(200, controller.UpdateUser(uint(id), username, password))
+		})
 		user.DELETE("", func(c *gin.Context) {
 			stringId := c.Query("id")
 			id, _ := strconv.Atoi(stringId)