feat(auth): add Casbin RBAC and user activity tracking

Integrate Casbin for role-based access control with admin routes for role management. Add user activity logging service to track login and refresh events. Refactor audit service to use AI-based content moderation.
This commit is contained in:
2026-03-14 02:09:38 +08:00
parent c561a0bb0c
commit ae5b997924
27 changed files with 2197 additions and 691 deletions

View File

@@ -141,6 +141,15 @@ func autoMigrate(db *gorm.DB) error {
// 课表
&ScheduleCourse{},
// 用户活跃相关
&UserActiveLog{},
&UserActivityStat{},
// 角色和权限相关
&Role{},
&UserRole{},
&CasbinRule{},
)
if err != nil {
return err

57
internal/model/role.go Normal file
View File

@@ -0,0 +1,57 @@
package model
import "time"
// Role 角色定义
type Role struct {
ID uint `gorm:"primaryKey" json:"id"`
Name string `gorm:"uniqueIndex;size:64;not null" json:"name"`
DisplayName string `gorm:"size:128;not null" json:"display_name"`
Description string `json:"description"`
ParentRole *string `gorm:"size:64" json:"parent_role"`
Priority int `gorm:"default:0" json:"priority"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
}
func (Role) TableName() string {
return "roles"
}
// UserRole 用户角色关联
type UserRole struct {
ID uint `gorm:"primaryKey" json:"id"`
UserID string `gorm:"index;size:64;not null" json:"user_id"`
Role string `gorm:"index;size:64;not null" json:"role"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
}
func (UserRole) TableName() string {
return "user_roles"
}
// CasbinRule Casbin 策略规则 (对应 casbin_rule 表)
type CasbinRule struct {
ID uint `gorm:"primaryKey;autoIncrement"`
Ptype string `gorm:"size:255;not null;index"`
V0 string `gorm:"size:255;not null;index"`
V1 string `gorm:"size:255;not null;index"`
V2 string `gorm:"size:255;default:''"`
V3 string `gorm:"size:255;default:''"`
V4 string `gorm:"size:255;default:''"`
V5 string `gorm:"size:255;default:''"`
}
func (CasbinRule) TableName() string {
return "casbin_rule"
}
// 预定义角色常量
const (
RoleSuperAdmin = "super_admin"
RoleAdmin = "admin"
RoleModerator = "moderator"
RoleUser = "user"
RoleBanned = "banned"
)

View File

@@ -0,0 +1,49 @@
package model
import (
"time"
)
// 登录类型常量
const (
LoginTypeLogin = "login" // 登录
LoginTypeRefresh = "refresh" // 刷新Token
)
// UserActiveLog 用户活跃日志
type UserActiveLog struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
UserID string `gorm:"type:varchar(36);not null;index:idx_user_date,priority:1;index" json:"user_id"` // 用户ID (UUID)
ActiveDate time.Time `gorm:"type:date;not null;index:idx_user_date,priority:2;index" json:"active_date"` // 活跃日期
LoginType string `gorm:"type:varchar(20);not null" json:"login_type"` // 登录类型: login/refresh
LoginIP string `gorm:"type:varchar(45)" json:"login_ip"` // 登录IP
UserAgent string `gorm:"type:varchar(500)" json:"user_agent"` // 用户代理
CreatedAt time.Time `gorm:"autoCreateTime" json:"created_at"`
// 关联
User User `gorm:"foreignKey:UserID" json:"user,omitempty"`
}
// TableName 指定表名
func (UserActiveLog) TableName() string {
return "user_active_logs"
}
// UserActivityStat 用户活跃统计快照
type UserActivityStat struct {
ID uint `gorm:"primaryKey;autoIncrement" json:"id"`
StatType string `gorm:"type:varchar(10);not null;uniqueIndex:idx_type_date" json:"stat_type"` // dau/wau/mau
StatDate time.Time `gorm:"type:date;not null;uniqueIndex:idx_type_date" json:"stat_date"` // 统计日期
ActiveCount int64 `gorm:"not null" json:"active_count"` // 活跃用户数
NewCount int64 `gorm:"default:0" json:"new_count"` // 新增用户数
Retention1 float64 `gorm:"type:decimal(5,2)" json:"retention_1"` // 次日留存率
Retention7 float64 `gorm:"type:decimal(5,2)" json:"retention_7"` // 7日留存率
Retention30 float64 `gorm:"type:decimal(5,2)" json:"retention_30"` // 30日留存率
CreatedAt time.Time `gorm:"autoCreateTime" json:"created_at"`
UpdatedAt time.Time `gorm:"autoUpdateTime" json:"updated_at"`
}
// TableName 指定表名
func (UserActivityStat) TableName() string {
return "user_activity_stats"
}