feat(admin): add super admin initialization endpoint
Add POST /api/v1/admin/setup-super-admin endpoint to initialize the first super admin. The endpoint can only be used once - after a super admin exists, subsequent requests are rejected. Requires valid setup_secret configured via APP_SETUP_SECRET environment variable or setup_secret in config file.
This commit is contained in:
@@ -42,6 +42,7 @@ type Router struct {
|
||||
verificationHandler *handler.VerificationHandler
|
||||
adminVerificationHandler *handler.AdminVerificationHandler
|
||||
adminProfileAuditHandler *handler.AdminProfileAuditHandler
|
||||
setupHandler *handler.SetupHandler
|
||||
wsHandler *handler.WSHandler
|
||||
logService *service.LogService
|
||||
jwtService *service.JWTService
|
||||
@@ -80,6 +81,7 @@ func New(
|
||||
verificationHandler *handler.VerificationHandler,
|
||||
adminVerificationHandler *handler.AdminVerificationHandler,
|
||||
adminProfileAuditHandler *handler.AdminProfileAuditHandler,
|
||||
setupHandler *handler.SetupHandler,
|
||||
logService *service.LogService,
|
||||
activityService service.UserActivityService,
|
||||
casbinService service.CasbinService,
|
||||
@@ -121,6 +123,7 @@ func New(
|
||||
verificationHandler: verificationHandler,
|
||||
adminVerificationHandler: adminVerificationHandler,
|
||||
adminProfileAuditHandler: adminProfileAuditHandler,
|
||||
setupHandler: setupHandler,
|
||||
logService: logService,
|
||||
jwtService: jwtService,
|
||||
casbinService: casbinService,
|
||||
@@ -157,6 +160,11 @@ func (r *Router) setupRoutes() {
|
||||
auth.POST("/refresh", r.userHandler.RefreshToken)
|
||||
}
|
||||
|
||||
// 初始化超级管理员(公开接口,只能使用一次)
|
||||
if r.setupHandler != nil {
|
||||
v1.POST("/admin/setup-super-admin", r.setupHandler.SetupSuperAdmin)
|
||||
}
|
||||
|
||||
// 需要认证的路由
|
||||
authMiddleware := middleware.Auth(r.jwtService)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user