web/service/user.go

package service

import (
	"errors"

	"github.com/mhsanaei/3x-ui/v2/database"
	"github.com/mhsanaei/3x-ui/v2/database/model"
	"github.com/mhsanaei/3x-ui/v2/logger"
	"github.com/mhsanaei/3x-ui/v2/util/crypto"

	"github.com/xlzd/gotp"
	"gorm.io/gorm"
)

type UserService struct {
	settingService SettingService
}

func (s *UserService) GetFirstUser() (*model.User, error) {
	db := database.GetDB()

	user := &model.User{}
	err := db.Model(model.User{}).
		First(user).
		Error
	if err != nil {
		return nil, err
	}
	return user, nil
}

func (s *UserService) CheckUser(username string, password string, twoFactorCode string) *model.User {
	db := database.GetDB()

	user := &model.User{}

	err := db.Model(model.User{}).
		Where("username = ?", username).
		First(user).
		Error
	if err == gorm.ErrRecordNotFound {
		return nil
	} else if err != nil {
		logger.Warning("check user err:", err)
		return nil
	}

	if !crypto.CheckPasswordHash(user.Password, password) {
		return nil
	}

	twoFactorEnable, err := s.settingService.GetTwoFactorEnable()
	if err != nil {
		logger.Warning("check two factor err:", err)
		return nil
	}

	if twoFactorEnable {
		twoFactorToken, err := s.settingService.GetTwoFactorToken()

		if err != nil {
			logger.Warning("check two factor token err:", err)
			return nil
		}

		if gotp.NewDefaultTOTP(twoFactorToken).Now() != twoFactorCode {
			return nil
		}
	}

	return user
}

func (s *UserService) UpdateUser(id int, username string, password string) error {
	db := database.GetDB()
	hashedPassword, err := crypto.HashPasswordAsBcrypt(password)

	if err != nil {
		return err
	}

	twoFactorEnable, err := s.settingService.GetTwoFactorEnable()
	if err != nil {
		return err
	}

	if twoFactorEnable {
		s.settingService.SetTwoFactorEnable(false)
		s.settingService.SetTwoFactorToken("")
	}

	return db.Model(model.User{}).
		Where("id = ?", id).
		Updates(map[string]any{"username": username, "password": hashedPassword}).
		Error
}

func (s *UserService) UpdateFirstUser(username string, password string) error {
	if username == "" {
		return errors.New("username can not be empty")
	} else if password == "" {
		return errors.New("password can not be empty")
	}
	hashedPassword, er := crypto.HashPasswordAsBcrypt(password)

	if er != nil {
		return er
	}

	db := database.GetDB()
	user := &model.User{}
	err := db.Model(model.User{}).First(user).Error
	if database.IsNotFound(err) {
		user.Username = username
		user.Password = hashedPassword
		return db.Model(model.User{}).Create(user).Error
	} else if err != nil {
		return err
	}
	user.Username = username
	user.Password = hashedPassword
	return db.Save(user).Error
}
3x-ui 2023-02-09 22:48:06 +03:30			`package service`

			`import (`
			`"errors"`
Some fixes and improvements (#1997 ) 2024-03-11 01:01:24 +03:30
go package correction v2 2025-09-19 10:05:43 +02:00			`"github.com/mhsanaei/3x-ui/v2/database"`
			`"github.com/mhsanaei/3x-ui/v2/database/model"`
			`"github.com/mhsanaei/3x-ui/v2/logger"`
			`"github.com/mhsanaei/3x-ui/v2/util/crypto"`
3x-ui 2023-02-09 22:48:06 +03:30
chore: implement 2fa auth (#2968 ) 2025-05-08 21:20:58 +07:00			`"github.com/xlzd/gotp"`
3x-ui 2023-02-09 22:48:06 +03:30			`"gorm.io/gorm"`
			`)`

chore: implement 2fa auth (#2968 ) 2025-05-08 21:20:58 +07:00			`type UserService struct {`
			`settingService SettingService`
			`}`
3x-ui 2023-02-09 22:48:06 +03:30
			`func (s UserService) GetFirstUser() (model.User, error) {`
			`db := database.GetDB()`

			`user := &model.User{}`
			`err := db.Model(model.User{}).`
			`First(user).`
			`Error`
			`if err != nil {`
			`return nil, err`
			`}`
			`return user, nil`
			`}`

chore: implement 2fa auth (#2968 ) 2025-05-08 21:20:58 +07:00			`func (s UserService) CheckUser(username string, password string, twoFactorCode string) model.User {`
3x-ui 2023-02-09 22:48:06 +03:30			`db := database.GetDB()`

			`user := &model.User{}`
feat: hashing user passwords 2025-05-03 12:27:53 +03:00
3x-ui 2023-02-09 22:48:06 +03:30			`err := db.Model(model.User{}).`
chore: implement 2fa auth (#2968 ) 2025-05-08 21:20:58 +07:00			`Where("username = ?", username).`
3x-ui 2023-02-09 22:48:06 +03:30			`First(user).`
			`Error`
			`if err == gorm.ErrRecordNotFound {`
			`return nil`
			`} else if err != nil {`
			`logger.Warning("check user err:", err)`
			`return nil`
			`}`
feat: hashing user passwords 2025-05-03 12:27:53 +03:00
chore: implement 2fa auth (#2968 ) 2025-05-08 21:20:58 +07:00			`if !crypto.CheckPasswordHash(user.Password, password) {`
			`return nil`
feat: hashing user passwords 2025-05-03 12:27:53 +03:00			`}`

chore: implement 2fa auth (#2968 ) 2025-05-08 21:20:58 +07:00			`twoFactorEnable, err := s.settingService.GetTwoFactorEnable()`
feat: hashing user passwords 2025-05-03 12:27:53 +03:00			`if err != nil {`
chore: implement 2fa auth (#2968 ) 2025-05-08 21:20:58 +07:00			`logger.Warning("check two factor err:", err)`
			`return nil`
feat: hashing user passwords 2025-05-03 12:27:53 +03:00			`}`

chore: implement 2fa auth (#2968 ) 2025-05-08 21:20:58 +07:00			`if twoFactorEnable {`
			`twoFactorToken, err := s.settingService.GetTwoFactorToken()`
3x-ui 2023-02-09 22:48:06 +03:30
chore: implement 2fa auth (#2968 ) 2025-05-08 21:20:58 +07:00			`if err != nil {`
			`logger.Warning("check two factor token err:", err)`
			`return nil`
			`}`
secret token thanks to @HarlyquinForest 2023-04-21 19:00:14 +03:30
chore: implement 2fa auth (#2968 ) 2025-05-08 21:20:58 +07:00			`if gotp.NewDefaultTOTP(twoFactorToken).Now() != twoFactorCode {`
			`return nil`
			`}`
secret token thanks to @HarlyquinForest 2023-04-21 19:00:14 +03:30			`}`
chore: implement 2fa auth (#2968 ) 2025-05-08 21:20:58 +07:00
secret token thanks to @HarlyquinForest 2023-04-21 19:00:14 +03:30			`return user`
			`}`

chore: implement 2fa auth (#2968 ) 2025-05-08 21:20:58 +07:00			`func (s *UserService) UpdateUser(id int, username string, password string) error {`
bug fix - remove secret 2024-03-12 20:45:44 +03:30			`db := database.GetDB()`
chore: implement 2fa auth (#2968 ) 2025-05-08 21:20:58 +07:00			`hashedPassword, err := crypto.HashPasswordAsBcrypt(password)`
bug fix - remove secret 2024-03-12 20:45:44 +03:30
			`if err != nil {`
chore: implement 2fa auth (#2968 ) 2025-05-08 21:20:58 +07:00			`return err`
bug fix - remove secret 2024-03-12 20:45:44 +03:30			`}`

chore: reset two-factor authentication after changing admin credentials (#3029 ) 2025-07-02 16:25:25 +07:00			`twoFactorEnable, err := s.settingService.GetTwoFactorEnable()`
			`if err != nil {`
			`return err`
			`}`

			`if twoFactorEnable {`
			`s.settingService.SetTwoFactorEnable(false)`
			`s.settingService.SetTwoFactorToken("")`
			`}`

chore: implement 2fa auth (#2968 ) 2025-05-08 21:20:58 +07:00			`return db.Model(model.User{}).`
			`Where("id = ?", id).`
			`Updates(map[string]any{"username": username, "password": hashedPassword}).`
			`Error`
bug fix - remove secret 2024-03-12 20:45:44 +03:30			`}`

3x-ui 2023-02-09 22:48:06 +03:30			`func (s *UserService) UpdateFirstUser(username string, password string) error {`
			`if username == "" {`
			`return errors.New("username can not be empty")`
			`} else if password == "" {`
			`return errors.New("password can not be empty")`
			`}`
feat: hashing user passwords 2025-05-03 12:27:53 +03:00			`hashedPassword, er := crypto.HashPasswordAsBcrypt(password)`

			`if er != nil {`
			`return er`
			`}`

3x-ui 2023-02-09 22:48:06 +03:30			`db := database.GetDB()`
			`user := &model.User{}`
			`err := db.Model(model.User{}).First(user).Error`
			`if database.IsNotFound(err) {`
			`user.Username = username`
feat: hashing user passwords 2025-05-03 12:27:53 +03:00			`user.Password = hashedPassword`
3x-ui 2023-02-09 22:48:06 +03:30			`return db.Model(model.User{}).Create(user).Error`
			`} else if err != nil {`
			`return err`
			`}`
			`user.Username = username`
feat: hashing user passwords 2025-05-03 12:27:53 +03:00			`user.Password = hashedPassword`
3x-ui 2023-02-09 22:48:06 +03:30			`return db.Save(user).Error`
			`}`