backend/internal/handler/helpers.go

package handler

import (
	"carrotskin/internal/errors"
	"carrotskin/internal/model"
	"carrotskin/internal/types"
	"net/http"
	"strconv"

	"github.com/gin-gonic/gin"
)

// parseIntWithDefault 将字符串解析为整数，解析失败返回默认值
func parseIntWithDefault(s string, defaultVal int) int {
	val, err := strconv.Atoi(s)
	if err != nil {
		return defaultVal
	}
	return val
}

// GetUserIDFromContext 从上下文获取用户ID，如果不存在返回未授权响应
// 返回值: userID, ok (如果ok为false，已经发送了错误响应)
func GetUserIDFromContext(c *gin.Context) (int64, bool) {
	userIDValue, exists := c.Get("user_id")
	if !exists {
		c.JSON(http.StatusUnauthorized, model.NewErrorResponse(
			model.CodeUnauthorized,
			model.MsgUnauthorized,
			nil,
		))
		return 0, false
	}

	// 安全的类型断言
	userID, ok := userIDValue.(int64)
	if !ok {
		c.JSON(http.StatusInternalServerError, model.NewErrorResponse(
			model.CodeServerError,
			"用户ID类型错误",
			nil,
		))
		return 0, false
	}

	return userID, true
}

// UserToUserInfo 将 User 模型转换为 UserInfo 响应
func UserToUserInfo(user *model.User) *types.UserInfo {
	return &types.UserInfo{
		ID:          user.ID,
		Username:    user.Username,
		Email:       user.Email,
		Avatar:      user.Avatar,
		Points:      user.Points,
		Role:        user.Role,
		Status:      user.Status,
		LastLoginAt: user.LastLoginAt,
		CreatedAt:   user.CreatedAt,
		UpdatedAt:   user.UpdatedAt,
	}
}

// UserToPublicUserInfo 将 User 模型转换为 PublicUserInfo 响应
func UserToPublicUserInfo(user *model.User) *types.PublicUserInfo {
	return &types.PublicUserInfo{
		ID:        user.ID,
		Username:  user.Username,
		Avatar:    user.Avatar,
		Points:    user.Points,
		Role:      user.Role,
		Status:    user.Status,
		CreatedAt: user.CreatedAt,
	}
}

// ProfileToProfileInfo 将 Profile 模型转换为 ProfileInfo 响应
func ProfileToProfileInfo(profile *model.Profile) *types.ProfileInfo {
	return &types.ProfileInfo{
		UUID:       profile.UUID,
		UserID:     profile.UserID,
		Name:       profile.Name,
		SkinID:     profile.SkinID,
		CapeID:     profile.CapeID,
		LastUsedAt: profile.LastUsedAt,
		CreatedAt:  profile.CreatedAt,
		UpdatedAt:  profile.UpdatedAt,
	}
}

// ProfilesToProfileInfos 批量转换 Profile 模型为 ProfileInfo 响应
func ProfilesToProfileInfos(profiles []*model.Profile) []*types.ProfileInfo {
	result := make([]*types.ProfileInfo, 0, len(profiles))
	for _, profile := range profiles {
		result = append(result, ProfileToProfileInfo(profile))
	}
	return result
}

// TextureToTextureInfo 将 Texture 模型转换为 TextureInfo 响应
func TextureToTextureInfo(texture *model.Texture) *types.TextureInfo {
	uploaderUsername := ""
	if texture.Uploader != nil {
		uploaderUsername = texture.Uploader.Username
	}

	return &types.TextureInfo{
		ID:               texture.ID,
		UploaderID:       texture.UploaderID,
		UploaderUsername: uploaderUsername,
		Name:             texture.Name,
		Description:      texture.Description,
		Type:             types.TextureType(texture.Type),
		URL:              texture.URL,
		Hash:             texture.Hash,
		Size:             texture.Size,
		IsPublic:         texture.IsPublic,
		DownloadCount:    texture.DownloadCount,
		FavoriteCount:    texture.FavoriteCount,
		IsSlim:           texture.IsSlim,
		Status:           texture.Status,
		CreatedAt:        texture.CreatedAt,
		UpdatedAt:        texture.UpdatedAt,
	}
}

// TexturesToTextureInfos 批量转换 Texture 模型为 TextureInfo 响应
func TexturesToTextureInfos(textures []*model.Texture) []*types.TextureInfo {
	result := make([]*types.TextureInfo, len(textures))
	for i, texture := range textures {
		result[i] = TextureToTextureInfo(texture)
	}
	return result
}

// RespondBadRequest 返回400错误响应
func RespondBadRequest(c *gin.Context, message string, err error) {
	c.JSON(http.StatusBadRequest, model.NewErrorResponse(
		model.CodeBadRequest,
		message,
		err,
	))
}

// RespondUnauthorized 返回401错误响应
func RespondUnauthorized(c *gin.Context, message string) {
	c.JSON(http.StatusUnauthorized, model.NewErrorResponse(
		model.CodeUnauthorized,
		message,
		nil,
	))
}

// RespondForbidden 返回403错误响应
func RespondForbidden(c *gin.Context, message string) {
	c.JSON(http.StatusForbidden, model.NewErrorResponse(
		model.CodeForbidden,
		message,
		nil,
	))
}

// RespondNotFound 返回404错误响应
func RespondNotFound(c *gin.Context, message string) {
	c.JSON(http.StatusNotFound, model.NewErrorResponse(
		model.CodeNotFound,
		message,
		nil,
	))
}

// RespondServerError 返回500错误响应
func RespondServerError(c *gin.Context, message string, err error) {
	c.JSON(http.StatusInternalServerError, model.NewErrorResponse(
		model.CodeServerError,
		message,
		err,
	))
}

// RespondSuccess 返回成功响应
func RespondSuccess(c *gin.Context, data interface{}) {
	c.JSON(http.StatusOK, model.NewSuccessResponse(data))
}

// RespondWithError 根据错误类型自动选择状态码
func RespondWithError(c *gin.Context, err error) {
	if err == nil {
		return
	}

	// 使用errors.Is检查预定义错误
	if errors.Is(err, errors.ErrUserNotFound) ||
		errors.Is(err, errors.ErrProfileNotFound) ||
		errors.Is(err, errors.ErrTextureNotFound) ||
		errors.Is(err, errors.ErrNotFound) {
		RespondNotFound(c, err.Error())
		return
	}

	if errors.Is(err, errors.ErrProfileNoPermission) ||
		errors.Is(err, errors.ErrTextureNoPermission) ||
		errors.Is(err, errors.ErrForbidden) {
		RespondForbidden(c, err.Error())
		return
	}

	if errors.Is(err, errors.ErrUnauthorized) ||
		errors.Is(err, errors.ErrInvalidToken) ||
		errors.Is(err, errors.ErrTokenExpired) {
		RespondUnauthorized(c, err.Error())
		return
	}

	// 检查AppError类型
	var appErr *errors.AppError
	if errors.As(err, &appErr) {
		c.JSON(appErr.Code, model.NewErrorResponse(
			appErr.Code,
			appErr.Message,
			appErr.Err,
		))
		return
	}

	// 默认返回500错误
	RespondServerError(c, err.Error(), err)
}
-												feat: 添加种子数据初始化功能，重构多个处理程序以简化错误响应和用户验证

											
										
										
											2025-12-02 10:33:19 +08:00
+								package handler
 								import (
-												refactor: Update service and repository methods to use context

- Refactored multiple service and repository methods to accept context as a parameter, enhancing consistency and enabling better control over request lifecycles.
- Updated handlers to utilize context in method calls, improving error handling and performance.
- Cleaned up Dockerfile by removing unnecessary whitespace.

											
										
										
											2025-12-03 15:27:12 +08:00
+									"carrotskin/internal/errors"
-												feat: 添加种子数据初始化功能，重构多个处理程序以简化错误响应和用户验证

											
										
										
											2025-12-02 10:33:19 +08:00
+									"carrotskin/internal/model"
 									"carrotskin/internal/types"
 									"net/http"
-												feat: 引入依赖注入模式

- 创建Repository接口定义（UserRepository、ProfileRepository、TextureRepository等）
- 创建Repository接口实现
- 创建依赖注入容器（container.Container）
- 改造Handler层使用依赖注入（AuthHandler、UserHandler、TextureHandler）
- 创建新的路由注册方式（RegisterRoutesWithDI）
- 提供main.go示例文件展示如何使用依赖注入

同时包含之前的安全修复：
- CORS配置安全加固
- 头像URL验证安全修复
- JWT algorithm confusion漏洞修复
- Recovery中间件增强
- 敏感错误信息泄露修复
- 类型断言安全修复

											
										
										
											2025-12-02 17:40:39 +08:00
+									"strconv"
-												feat: 添加种子数据初始化功能，重构多个处理程序以简化错误响应和用户验证

											
										
										
											2025-12-02 10:33:19 +08:00
 									"github.com/gin-gonic/gin"
 								)
-												feat: 引入依赖注入模式

- 创建Repository接口定义（UserRepository、ProfileRepository、TextureRepository等）
- 创建Repository接口实现
- 创建依赖注入容器（container.Container）
- 改造Handler层使用依赖注入（AuthHandler、UserHandler、TextureHandler）
- 创建新的路由注册方式（RegisterRoutesWithDI）
- 提供main.go示例文件展示如何使用依赖注入

同时包含之前的安全修复：
- CORS配置安全加固
- 头像URL验证安全修复
- JWT algorithm confusion漏洞修复
- Recovery中间件增强
- 敏感错误信息泄露修复
- 类型断言安全修复

											
										
										
											2025-12-02 17:40:39 +08:00
+								// parseIntWithDefault 将字符串解析为整数，解析失败返回默认值
 								func parseIntWithDefault(s string, defaultVal int) int {
 									val, err := strconv.Atoi(s)
 									if err != nil {
 										return defaultVal
 									}
 									return val
 								}
-												feat: 添加种子数据初始化功能，重构多个处理程序以简化错误响应和用户验证

											
										
										
											2025-12-02 10:33:19 +08:00
+								// GetUserIDFromContext 从上下文获取用户ID，如果不存在返回未授权响应
 								// 返回值: userID, ok (如果ok为false，已经发送了错误响应)
 								func GetUserIDFromContext(c *gin.Context) (int64, bool) {
-												feat: 引入依赖注入模式

- 创建Repository接口定义（UserRepository、ProfileRepository、TextureRepository等）
- 创建Repository接口实现
- 创建依赖注入容器（container.Container）
- 改造Handler层使用依赖注入（AuthHandler、UserHandler、TextureHandler）
- 创建新的路由注册方式（RegisterRoutesWithDI）
- 提供main.go示例文件展示如何使用依赖注入

同时包含之前的安全修复：
- CORS配置安全加固
- 头像URL验证安全修复
- JWT algorithm confusion漏洞修复
- Recovery中间件增强
- 敏感错误信息泄露修复
- 类型断言安全修复

											
										
										
											2025-12-02 17:40:39 +08:00
+									userIDValue, exists := c.Get("user_id")
-												feat: 添加种子数据初始化功能，重构多个处理程序以简化错误响应和用户验证

											
										
										
											2025-12-02 10:33:19 +08:00
+									if !exists {
 										c.JSON(http.StatusUnauthorized, model.NewErrorResponse(
 											model.CodeUnauthorized,
 											model.MsgUnauthorized,
 											nil,
 										))
 										return 0, false
 									}
-												feat: 引入依赖注入模式

- 创建Repository接口定义（UserRepository、ProfileRepository、TextureRepository等）
- 创建Repository接口实现
- 创建依赖注入容器（container.Container）
- 改造Handler层使用依赖注入（AuthHandler、UserHandler、TextureHandler）
- 创建新的路由注册方式（RegisterRoutesWithDI）
- 提供main.go示例文件展示如何使用依赖注入

同时包含之前的安全修复：
- CORS配置安全加固
- 头像URL验证安全修复
- JWT algorithm confusion漏洞修复
- Recovery中间件增强
- 敏感错误信息泄露修复
- 类型断言安全修复

											
										
										
											2025-12-02 17:40:39 +08:00
 									// 安全的类型断言
 									userID, ok := userIDValue.(int64)
 									if !ok {
 										c.JSON(http.StatusInternalServerError, model.NewErrorResponse(
 											model.CodeServerError,
 											"用户ID类型错误",
 											nil,
 										))
 										return 0, false
 									}
 									return userID, true
-												feat: 添加种子数据初始化功能，重构多个处理程序以简化错误响应和用户验证

											
										
										
											2025-12-02 10:33:19 +08:00
+								}
 								// UserToUserInfo 将 User 模型转换为 UserInfo 响应
 								func UserToUserInfo(user *model.User) *types.UserInfo {
 									return &types.UserInfo{
 										ID:          user.ID,
 										Username:    user.Username,
 										Email:       user.Email,
 										Avatar:      user.Avatar,
 										Points:      user.Points,
 										Role:        user.Role,
 										Status:      user.Status,
 										LastLoginAt: user.LastLoginAt,
 										CreatedAt:   user.CreatedAt,
 										UpdatedAt:   user.UpdatedAt,
 									}
 								}
-												feat: Add public user information retrieval endpoint

- Introduced a new endpoint to fetch public user information without authentication.
- Implemented UserToPublicUserInfo function to format user data for the response.
- Updated UserService interface and user service implementation to support fetching users by username.
- Enhanced user handler to validate input parameters and check user status before responding.

											
										
										
											2026-01-10 03:52:35 +08:00
+								// UserToPublicUserInfo 将 User 模型转换为 PublicUserInfo 响应
 								func UserToPublicUserInfo(user *model.User) *types.PublicUserInfo {
 									return &types.PublicUserInfo{
 										ID:        user.ID,
 										Username:  user.Username,
 										Avatar:    user.Avatar,
 										Points:    user.Points,
 										Role:      user.Role,
 										Status:    user.Status,
 										CreatedAt: user.CreatedAt,
 									}
 								}
-												feat: 添加种子数据初始化功能，重构多个处理程序以简化错误响应和用户验证

											
										
										
											2025-12-02 10:33:19 +08:00
+								// ProfileToProfileInfo 将 Profile 模型转换为 ProfileInfo 响应
 								func ProfileToProfileInfo(profile *model.Profile) *types.ProfileInfo {
 									return &types.ProfileInfo{
 										UUID:       profile.UUID,
 										UserID:     profile.UserID,
 										Name:       profile.Name,
 										SkinID:     profile.SkinID,
 										CapeID:     profile.CapeID,
 										LastUsedAt: profile.LastUsedAt,
 										CreatedAt:  profile.CreatedAt,
 										UpdatedAt:  profile.UpdatedAt,
 									}
 								}
 								// ProfilesToProfileInfos 批量转换 Profile 模型为 ProfileInfo 响应
 								func ProfilesToProfileInfos(profiles []*model.Profile) []*types.ProfileInfo {
 									result := make([]*types.ProfileInfo, 0, len(profiles))
 									for _, profile := range profiles {
 										result = append(result, ProfileToProfileInfo(profile))
 									}
 									return result
 								}
 								// TextureToTextureInfo 将 Texture 模型转换为 TextureInfo 响应
 								func TextureToTextureInfo(texture *model.Texture) *types.TextureInfo {
-												refactor: Enhance texture handling and configuration

- Removed Swagger documentation import from the main server file.
- Updated TextureInfo struct to include UploaderUsername for better texture metadata.
- Modified texture repository methods to preload Uploader information when fetching textures by hash.
- Improved texture service to handle cases where Uploader information is missing, ensuring proper caching and retrieval.
- Added Redis configuration options in the environment variable setup for better flexibility.

											
										
										
											2026-01-10 03:15:27 +08:00
+									uploaderUsername := ""
 									if texture.Uploader != nil {
 										uploaderUsername = texture.Uploader.Username
 									}
-												feat: 添加种子数据初始化功能，重构多个处理程序以简化错误响应和用户验证

											
										
										
											2025-12-02 10:33:19 +08:00
+									return &types.TextureInfo{
-												refactor: Enhance texture handling and configuration

- Removed Swagger documentation import from the main server file.
- Updated TextureInfo struct to include UploaderUsername for better texture metadata.
- Modified texture repository methods to preload Uploader information when fetching textures by hash.
- Improved texture service to handle cases where Uploader information is missing, ensuring proper caching and retrieval.
- Added Redis configuration options in the environment variable setup for better flexibility.

											
										
										
											2026-01-10 03:15:27 +08:00
+										ID:               texture.ID,
 										UploaderID:       texture.UploaderID,
 										UploaderUsername: uploaderUsername,
 										Name:             texture.Name,
 										Description:      texture.Description,
 										Type:             types.TextureType(texture.Type),
 										URL:              texture.URL,
 										Hash:             texture.Hash,
 										Size:             texture.Size,
 										IsPublic:         texture.IsPublic,
 										DownloadCount:    texture.DownloadCount,
 										FavoriteCount:    texture.FavoriteCount,
 										IsSlim:           texture.IsSlim,
 										Status:           texture.Status,
 										CreatedAt:        texture.CreatedAt,
 										UpdatedAt:        texture.UpdatedAt,
-												feat: 添加种子数据初始化功能，重构多个处理程序以简化错误响应和用户验证

											
										
										
											2025-12-02 10:33:19 +08:00
+									}
 								}
 								// TexturesToTextureInfos 批量转换 Texture 模型为 TextureInfo 响应
 								func TexturesToTextureInfos(textures []*model.Texture) []*types.TextureInfo {
 									result := make([]*types.TextureInfo, len(textures))
 									for i, texture := range textures {
 										result[i] = TextureToTextureInfo(texture)
 									}
 									return result
 								}
 								// RespondBadRequest 返回400错误响应
 								func RespondBadRequest(c *gin.Context, message string, err error) {
 									c.JSON(http.StatusBadRequest, model.NewErrorResponse(
 										model.CodeBadRequest,
 										message,
 										err,
 									))
 								}
 								// RespondUnauthorized 返回401错误响应
 								func RespondUnauthorized(c *gin.Context, message string) {
 									c.JSON(http.StatusUnauthorized, model.NewErrorResponse(
 										model.CodeUnauthorized,
 										message,
 										nil,
 									))
 								}
 								// RespondForbidden 返回403错误响应
 								func RespondForbidden(c *gin.Context, message string) {
 									c.JSON(http.StatusForbidden, model.NewErrorResponse(
 										model.CodeForbidden,
 										message,
 										nil,
 									))
 								}
 								// RespondNotFound 返回404错误响应
 								func RespondNotFound(c *gin.Context, message string) {
 									c.JSON(http.StatusNotFound, model.NewErrorResponse(
 										model.CodeNotFound,
 										message,
 										nil,
 									))
 								}
 								// RespondServerError 返回500错误响应
 								func RespondServerError(c *gin.Context, message string, err error) {
 									c.JSON(http.StatusInternalServerError, model.NewErrorResponse(
 										model.CodeServerError,
 										message,
 										err,
 									))
 								}
 								// RespondSuccess 返回成功响应
 								func RespondSuccess(c *gin.Context, data interface{}) {
 									c.JSON(http.StatusOK, model.NewSuccessResponse(data))
 								}
-												refactor: Update service and repository methods to use context

- Refactored multiple service and repository methods to accept context as a parameter, enhancing consistency and enabling better control over request lifecycles.
- Updated handlers to utilize context in method calls, improving error handling and performance.
- Cleaned up Dockerfile by removing unnecessary whitespace.

											
										
										
											2025-12-03 15:27:12 +08:00
+								// RespondWithError 根据错误类型自动选择状态码
-												feat: 添加种子数据初始化功能，重构多个处理程序以简化错误响应和用户验证

											
										
										
											2025-12-02 10:33:19 +08:00
+								func RespondWithError(c *gin.Context, err error) {
-												refactor: Update service and repository methods to use context

- Refactored multiple service and repository methods to accept context as a parameter, enhancing consistency and enabling better control over request lifecycles.
- Updated handlers to utilize context in method calls, improving error handling and performance.
- Cleaned up Dockerfile by removing unnecessary whitespace.

											
										
										
											2025-12-03 15:27:12 +08:00
+									if err == nil {
 										return
-												feat: 添加种子数据初始化功能，重构多个处理程序以简化错误响应和用户验证

											
										
										
											2025-12-02 10:33:19 +08:00
+									}
-												refactor: Update service and repository methods to use context

- Refactored multiple service and repository methods to accept context as a parameter, enhancing consistency and enabling better control over request lifecycles.
- Updated handlers to utilize context in method calls, improving error handling and performance.
- Cleaned up Dockerfile by removing unnecessary whitespace.

											
										
										
											2025-12-03 15:27:12 +08:00
 									// 使用errors.Is检查预定义错误
-												完善服务端材质渲染（未测试），删除profile表中不必要的isActive字段及相关接口

											
										
										
											2025-12-07 20:51:20 +08:00
+									if errors.Is(err, errors.ErrUserNotFound) ||
 										errors.Is(err, errors.ErrProfileNotFound) ||
 										errors.Is(err, errors.ErrTextureNotFound) ||
 										errors.Is(err, errors.ErrNotFound) {
-												refactor: Update service and repository methods to use context

- Refactored multiple service and repository methods to accept context as a parameter, enhancing consistency and enabling better control over request lifecycles.
- Updated handlers to utilize context in method calls, improving error handling and performance.
- Cleaned up Dockerfile by removing unnecessary whitespace.

											
										
										
											2025-12-03 15:27:12 +08:00
+										RespondNotFound(c, err.Error())
 										return
 									}
-												完善服务端材质渲染（未测试），删除profile表中不必要的isActive字段及相关接口

											
										
										
											2025-12-07 20:51:20 +08:00
+									if errors.Is(err, errors.ErrProfileNoPermission) ||
 										errors.Is(err, errors.ErrTextureNoPermission) ||
 										errors.Is(err, errors.ErrForbidden) {
-												refactor: Update service and repository methods to use context

- Refactored multiple service and repository methods to accept context as a parameter, enhancing consistency and enabling better control over request lifecycles.
- Updated handlers to utilize context in method calls, improving error handling and performance.
- Cleaned up Dockerfile by removing unnecessary whitespace.

											
										
										
											2025-12-03 15:27:12 +08:00
+										RespondForbidden(c, err.Error())
 										return
 									}
-												完善服务端材质渲染（未测试），删除profile表中不必要的isActive字段及相关接口

											
										
										
											2025-12-07 20:51:20 +08:00
+									if errors.Is(err, errors.ErrUnauthorized) ||
 										errors.Is(err, errors.ErrInvalidToken) ||
 										errors.Is(err, errors.ErrTokenExpired) {
-												refactor: Update service and repository methods to use context

- Refactored multiple service and repository methods to accept context as a parameter, enhancing consistency and enabling better control over request lifecycles.
- Updated handlers to utilize context in method calls, improving error handling and performance.
- Cleaned up Dockerfile by removing unnecessary whitespace.

											
										
										
											2025-12-03 15:27:12 +08:00
+										RespondUnauthorized(c, err.Error())
 										return
 									}
 									// 检查AppError类型
 									var appErr *errors.AppError
 									if errors.As(err, &appErr) {
 										c.JSON(appErr.Code, model.NewErrorResponse(
 											appErr.Code,
 											appErr.Message,
 											appErr.Err,
 										))
 										return
 									}
 									// 默认返回500错误
 									RespondServerError(c, err.Error(), err)
-												feat: 添加种子数据初始化功能，重构多个处理程序以简化错误响应和用户验证

											
										
										
											2025-12-02 10:33:19 +08:00
+								}