新增后台用户管理

2024-09-30 11:38:48 +08:00 · 2024-09-30 11:38:48 +08:00 · 931ec52cc4
commit 931ec52cc4
parent 5ca1dd98d8
9 changed files with 903 additions and 0 deletions
--- a/api/controller/Base.go
+++ b/api/controller/Base.go
@ -6,6 +6,7 @@ type Api struct {
 	OrderMember   // 会员订单
 	OrderSingle   // 单项订单
 	User          // 用户
+	AdminUser     // 后台用户
 	Coupon        // 系统优惠卷
 	UserCoupon    // 用户优惠卷
 	BaseClass     // 基础数据-分类
--- a/api/controller/adminUser.go
+++ b/api/controller/adminUser.go
@ -0,0 +1,684 @@
+package controller
+
+import (
+	"crypto/md5"
+	"encoding/hex"
+	"github.com/gin-gonic/gin"
+	"github.com/google/uuid"
+	"hepa-calc-admin-api/api/dao"
+	"hepa-calc-admin-api/api/dto"
+	"hepa-calc-admin-api/api/model"
+	"hepa-calc-admin-api/api/requests"
+	"hepa-calc-admin-api/api/responses"
+	"hepa-calc-admin-api/global"
+	"hepa-calc-admin-api/utils"
+	"regexp"
+	"strconv"
+	"strings"
+	"time"
+)
+
+type AdminUser struct{}
+
+// GetAdminUserPage 获取列表-分页
+func (r *AdminUser) GetAdminUserPage(c *gin.Context) {
+	adminUserRequest := requests.AdminUserRequest{}
+	req := adminUserRequest.GetAdminUserPage
+	if err := c.ShouldBind(&req); err != nil {
+		responses.FailWithMessage(err.Error(), c)
+		return
+	}
+
+	// 参数验证
+	if err := global.Validate.Struct(req); err != nil {
+		responses.FailWithMessage(utils.Translate(err), c)
+		return
+	}
+
+	if req.Page == 0 {
+		req.Page = 1
+	}
+
+	if req.PageSize == 0 {
+		req.PageSize = 20
+	}
+
+	adminUserDao := dao.AdminUserDao{}
+	adminUser, total, err := adminUserDao.GetAdminUserPageSearch(req, req.Page, req.PageSize)
+	if err != nil {
+		responses.FailWithMessage(err.Error(), c)
+		return
+	}
+
+	// 处理返回值
+	g := dto.GetAdminUserListDto(adminUser)
+
+	result := make(map[string]interface{})
+	result["page"] = req.Page
+	result["page_size"] = req.PageSize
+	result["total"] = total
+	result["data"] = g
+	responses.OkWithData(result, c)
+}
+
+// AddAdminUser 新增
+func (r *AdminUser) AddAdminUser(c *gin.Context) {
+	adminUserRequest := requests.AdminUserRequest{}
+	req := adminUserRequest.AddAdminUser
+	if err := c.ShouldBindJSON(&req); err != nil {
+		responses.FailWithMessage(err.Error(), c)
+		return
+	}
+
+	// 参数验证
+	if err := global.Validate.Struct(req); err != nil {
+		responses.FailWithMessage(utils.Translate(err), c)
+		return
+	}
+
+	// 获取当前登陆用户数据
+	loginUserId := c.GetInt64("UserId")
+	if loginUserId == 0 {
+		responses.FailWithMessage("数据错误", c)
+		return
+	}
+
+	adminUserDao := dao.AdminUserDao{}
+	loginAdminUser, err := adminUserDao.GetAdminUserById(loginUserId)
+	if err != nil && loginAdminUser == nil {
+		responses.FailWithMessage("用户数据错误", c)
+		return
+	}
+
+	if loginAdminUser.IsAdmin == 0 {
+		responses.FailWithMessage("非管理员用户不可添加", c)
+		return
+	}
+
+	// 开始事务
+	tx := global.Db.Begin()
+	defer func() {
+		if r := recover(); r != nil {
+			tx.Rollback()
+		}
+	}()
+
+	// 检测账号名
+	maps := make(map[string]interface{})
+	maps["access"] = req.Access
+	maps["is_deleted"] = 0
+	adminUser, _ := adminUserDao.GetAdminUser(maps)
+	if adminUser != nil {
+		tx.Rollback()
+		responses.FailWithMessage("账号名重复", c)
+		return
+	}
+
+	// 检测手机号
+	maps = make(map[string]interface{})
+	maps["phone"] = req.Phone
+	maps["is_deleted"] = 0
+	adminUser, _ = adminUserDao.GetAdminUser(maps)
+	if adminUser != nil {
+		tx.Rollback()
+		responses.FailWithMessage("手机号重复", c)
+		return
+	}
+
+	// 处理密码
+	salt := uuid.New().String()
+	password := md5.Sum([]byte(req.Password + salt))
+	// 将哈希值转换为16进制字符串
+	passwordString := hex.EncodeToString(password[:])
+
+	// 新增用户
+	AdminUserModel := &model.AdminUser{
+		Access:     req.Access,
+		Password:   passwordString,
+		Salt:       salt,
+		NickName:   req.NickName,
+		IsAdmin:    req.IsAdmin,
+		Status:     *req.Status,
+		IsDeleted:  *req.IsDeleted,
+		IsDisabled: *req.IsDisabled,
+		Phone:      req.Phone,
+		Avatar:     utils.RemoveOssDomain(req.Avatar),
+		Sex:        req.Sex,
+		Email:      req.Email,
+	}
+
+	adminUser, err = adminUserDao.AddAdminUser(tx, AdminUserModel)
+	if err != nil {
+		tx.Rollback()
+		responses.FailWithMessage("新增失败", c)
+		return
+	}
+
+	tx.Commit()
+	responses.Ok(c)
+}
+
+// PutAdminUser 修改用户
+func (r *AdminUser) PutAdminUser(c *gin.Context) {
+	adminUserRequest := requests.AdminUserRequest{}
+	req := adminUserRequest.PutAdminUser
+	if err := c.ShouldBind(&req); err != nil {
+		responses.FailWithMessage(err.Error(), c)
+		return
+	}
+
+	// 参数验证
+	if err := global.Validate.Struct(req); err != nil {
+		responses.FailWithMessage(utils.Translate(err), c)
+		return
+	}
+
+	id := c.Param("user_id")
+	if id == "" {
+		responses.FailWithMessage("缺少参数", c)
+		return
+	}
+
+	// 将 id 转换为 int64 类型
+	userId, err := strconv.ParseInt(id, 10, 64)
+	if err != nil {
+		responses.Fail(c)
+		return
+	}
+
+	// 获取当前登陆用户数据
+	loginUserId := c.GetInt64("UserId")
+	if loginUserId == 0 {
+		responses.FailWithMessage("数据错误", c)
+		return
+	}
+
+	adminUserDao := dao.AdminUserDao{}
+	loginAdminUser, err := adminUserDao.GetAdminUserById(loginUserId)
+	if err != nil && loginAdminUser == nil {
+		responses.FailWithMessage("用户数据错误", c)
+		return
+	}
+
+	if loginUserId == userId && req.IsDisabled == 1 {
+		responses.FailWithMessage("不可把自己置为禁用", c)
+		return
+	}
+
+	if loginUserId == userId && req.IsDeleted == 1 {
+		responses.FailWithMessage("不可把自己置为删除", c)
+		return
+	}
+
+	if loginUserId != userId && loginAdminUser.IsAdmin != 1 {
+		responses.FailWithMessage("非管理员用户只可修改自己数据", c)
+		return
+	}
+
+	// 获取需修改用户数据
+	adminUser, err := adminUserDao.GetAdminUserById(userId)
+	if err != nil && adminUser == nil {
+		responses.FailWithMessage("用户数据错误", c)
+		return
+	}
+
+	if req.Access != adminUser.Access {
+		// 检测账号名
+		maps := make(map[string]interface{})
+		maps["access"] = req.Access
+		maps["is_deleted"] = 0
+		adminUser, _ = adminUserDao.GetAdminUser(maps)
+		if adminUser != nil {
+			responses.FailWithMessage("账号名重复", c)
+			return
+		}
+
+	}
+
+	if req.Phone != adminUser.Phone {
+		// 检测手机号
+		maps := make(map[string]interface{})
+		maps["phone"] = req.Phone
+		maps["is_deleted"] = 0
+		adminUser, _ = adminUserDao.GetAdminUser(maps)
+		if adminUser != nil {
+			responses.FailWithMessage("手机号重复", c)
+			return
+		}
+	}
+
+	// 开始事务
+	tx := global.Db.Begin()
+	defer func() {
+		if r := recover(); r != nil {
+			tx.Rollback()
+		}
+	}()
+
+	data := make(map[string]interface{})
+	data["access"] = req.Access
+	data["is_deleted"] = req.IsDeleted
+	data["is_disabled"] = req.IsDisabled
+	data["nick_name"] = req.NickName
+	data["is_admin"] = req.IsAdmin
+	data["phone"] = req.Phone
+	data["avatar"] = req.Avatar
+	data["sex"] = req.Sex
+	data["email"] = req.Email
+	err = adminUserDao.EditAdminUserById(tx, userId, data)
+	if err != nil {
+		tx.Rollback()
+		responses.FailWithMessage("修改失败", c)
+		return
+	}
+
+	tx.Commit()
+
+	responses.Ok(c)
+}
+
+// PutAdminUserStatus 修改状态
+func (r *AdminUser) PutAdminUserStatus(c *gin.Context) {
+	adminUserRequest := requests.AdminUserRequest{}
+	req := adminUserRequest.PutAdminUserStatus
+	if err := c.ShouldBind(&req); err != nil {
+		responses.FailWithMessage(err.Error(), c)
+		return
+	}
+
+	// 参数验证
+	if err := global.Validate.Struct(req); err != nil {
+		responses.FailWithMessage(utils.Translate(err), c)
+		return
+	}
+
+	id := c.Param("user_id")
+	if id == "" {
+		responses.FailWithMessage("缺少参数", c)
+		return
+	}
+
+	// 将 id 转换为 int64 类型
+	userId, err := strconv.ParseInt(id, 10, 64)
+	if err != nil {
+		responses.Fail(c)
+		return
+	}
+
+	// 获取当前登陆用户数据
+	loginUserId := c.GetInt64("UserId")
+	if loginUserId == 0 {
+		responses.FailWithMessage("数据错误", c)
+		return
+	}
+
+	if loginUserId == userId {
+		responses.FailWithMessage("非法操作，请勿修改自己", c)
+		return
+	}
+
+	adminUserDao := dao.AdminUserDao{}
+	loginAdminUser, err := adminUserDao.GetAdminUserById(loginUserId)
+	if err != nil && loginAdminUser == nil {
+		responses.FailWithMessage("用户数据错误", c)
+		return
+	}
+
+	if loginAdminUser.IsAdmin != 1 {
+		responses.FailWithMessage("非管理员用户不可操作", c)
+		return
+	}
+
+	// 获取需修改用户数据
+	adminUser, err := adminUserDao.GetAdminUserById(userId)
+	if err != nil && adminUser == nil {
+		responses.FailWithMessage("用户数据错误", c)
+		return
+	}
+
+	if adminUser.Status == req.Status {
+		responses.Ok(c)
+		return
+	}
+
+	// 开始事务
+	tx := global.Db.Begin()
+	defer func() {
+		if r := recover(); r != nil {
+			tx.Rollback()
+		}
+	}()
+
+	data := make(map[string]interface{})
+	data["status"] = req.Status
+	err = adminUserDao.EditAdminUserById(tx, userId, data)
+	if err != nil {
+		tx.Rollback()
+		responses.FailWithMessage("修改失败", c)
+		return
+	}
+
+	tx.Commit()
+
+	responses.Ok(c)
+}
+
+// PutAdminUserDisabled 修改禁用状态
+func (r *AdminUser) PutAdminUserDisabled(c *gin.Context) {
+	adminUserRequest := requests.AdminUserRequest{}
+	req := adminUserRequest.PutAdminUserDisabled
+	if err := c.ShouldBind(&req); err != nil {
+		responses.FailWithMessage(err.Error(), c)
+		return
+	}
+
+	// 参数验证
+	if err := global.Validate.Struct(req); err != nil {
+		responses.FailWithMessage(utils.Translate(err), c)
+		return
+	}
+
+	id := c.Param("user_id")
+	if id == "" {
+		responses.FailWithMessage("缺少参数", c)
+		return
+	}
+
+	// 将 id 转换为 int64 类型
+	userId, err := strconv.ParseInt(id, 10, 64)
+	if err != nil {
+		responses.Fail(c)
+		return
+	}
+
+	// 获取当前登陆用户数据
+	loginUserId := c.GetInt64("UserId")
+	if loginUserId == 0 {
+		responses.FailWithMessage("数据错误", c)
+		return
+	}
+
+	if loginUserId == userId {
+		responses.FailWithMessage("非法操作，请勿修改自己", c)
+		return
+	}
+
+	adminUserDao := dao.AdminUserDao{}
+	loginAdminUser, err := adminUserDao.GetAdminUserById(loginUserId)
+	if err != nil && loginAdminUser == nil {
+		responses.FailWithMessage("用户数据错误", c)
+		return
+	}
+
+	if loginAdminUser.IsAdmin != 1 {
+		responses.FailWithMessage("非管理员用户不可操作", c)
+		return
+	}
+
+	// 获取需修改用户数据
+	adminUser, err := adminUserDao.GetAdminUserById(userId)
+	if err != nil && adminUser == nil {
+		responses.FailWithMessage("用户数据错误", c)
+		return
+	}
+
+	if adminUser.IsDisabled == req.IsDisabled {
+		responses.Ok(c)
+		return
+	}
+
+	// 开始事务
+	tx := global.Db.Begin()
+	defer func() {
+		if r := recover(); r != nil {
+			tx.Rollback()
+		}
+	}()
+
+	data := make(map[string]interface{})
+	data["is_disabled"] = req.IsDisabled
+	err = adminUserDao.EditAdminUserById(tx, userId, data)
+	if err != nil {
+		tx.Rollback()
+		responses.FailWithMessage("修改失败", c)
+		return
+	}
+
+	tx.Commit()
+
+	responses.Ok(c)
+}
+
+// PutAdminUserPassword 修改用户密码
+func (r *AdminUser) PutAdminUserPassword(c *gin.Context) {
+	adminUserRequest := requests.AdminUserRequest{}
+	req := adminUserRequest.PutAdminUserPassword
+	if err := c.ShouldBind(&req); err != nil {
+		responses.FailWithMessage(err.Error(), c)
+		return
+	}
+
+	// 参数验证
+	if err := global.Validate.Struct(req); err != nil {
+		responses.FailWithMessage(utils.Translate(err), c)
+		return
+	}
+
+	// 获取当前登陆用户数据
+	loginUserId := c.GetInt64("UserId")
+	if loginUserId == 0 {
+		responses.FailWithMessage("数据错误", c)
+		return
+	}
+
+	adminUserDao := dao.AdminUserDao{}
+	loginAdminUser, err := adminUserDao.GetAdminUserById(loginUserId)
+	if err != nil && loginAdminUser == nil {
+		responses.FailWithMessage("用户数据错误", c)
+		return
+	}
+
+	if loginAdminUser.IsAdmin != 1 {
+		responses.FailWithMessage("非管理员用户只可修改自己数据", c)
+		return
+	}
+
+	// 获取需修改用户数据
+	userId, err := strconv.ParseInt(req.UserId, 10, 64)
+	if err != nil {
+		responses.Fail(c)
+		return
+	}
+
+	adminUser, err := adminUserDao.GetAdminUserById(userId)
+	if err != nil || adminUser == nil {
+		responses.FailWithMessage("用户数据错误", c)
+		return
+	}
+
+	// 加密旧密码
+	newPassword := md5.Sum([]byte(req.NewPassword + adminUser.Salt))
+	// 将哈希值转换为16进制字符串
+	newPasswordString := hex.EncodeToString(newPassword[:])
+
+	// 检测密码是否相同
+	if adminUser.Password == newPasswordString {
+		responses.FailWithMessage("新密码请不要和原密码相同", c)
+		return
+	}
+
+	// 检测旧密码是否正确
+	// 检测用户密码
+	password := md5.Sum([]byte(req.Password + adminUser.Salt))
+	// 将哈希值转换为16进制字符串
+	passwordString := hex.EncodeToString(password[:])
+
+	if passwordString != adminUser.Password {
+		responses.FailWithMessage("原密码错误，请重新输入", c)
+		return
+	}
+
+	// 密码校验
+	if len(req.NewPassword) < 8 {
+		responses.FailWithMessage("密码小于8位数", c)
+		return
+	}
+
+	num := `[0-9]{1}`
+	a_z := `[a-z]{1}`
+	A_Z := `[A-Z]{1}`
+	symbol := `[!@#.~$%^&*()+|_]{1}`
+	if b, err := regexp.MatchString(num, req.NewPassword); !b || err != nil {
+		responses.FailWithMessage("密码强度必须为字⺟⼤⼩写+数字+符号", c)
+		return
+	}
+	if b, err := regexp.MatchString(a_z, req.NewPassword); !b || err != nil {
+		responses.FailWithMessage("密码强度必须为字⺟⼤⼩写+数字+符号", c)
+		return
+	}
+	if b, err := regexp.MatchString(A_Z, req.NewPassword); !b || err != nil {
+		responses.FailWithMessage("密码强度必须为字⺟⼤⼩写+数字+符号", c)
+		return
+	}
+	if b, err := regexp.MatchString(symbol, req.NewPassword); !b || err != nil {
+		responses.FailWithMessage("密码强度必须为字⺟⼤⼩写+数字+符号", c)
+		return
+	}
+
+	// 开始事务
+	tx := global.Db.Begin()
+	defer func() {
+		if r := recover(); r != nil {
+			tx.Rollback()
+		}
+	}()
+
+	data := make(map[string]interface{})
+	data["password"] = newPasswordString
+	err = adminUserDao.EditAdminUserById(tx, userId, data)
+	if err != nil {
+		tx.Rollback()
+		responses.FailWithMessage("修改失败", c)
+		return
+	}
+
+	tx.Commit()
+
+	responses.Ok(c)
+}
+
+// LoginOut 退出登陆
+func (b *AdminUser) LoginOut(c *gin.Context) {
+	userId := c.GetInt64("UserId")
+	if userId == 0 {
+		responses.FailWithMessage("用户错误", c)
+		return
+	}
+
+	// 获取用户信息
+	adminUserDao := dao.AdminUserDao{}
+	adminUser, err := adminUserDao.GetAdminUserById(userId)
+	if err != nil || adminUser == nil {
+		responses.FailWithMessage("用户数据错误", c)
+		return
+	}
+
+	// token加入黑名单
+	authorization := c.Request.Header.Get("Authorization")
+	if authorization == "" || !strings.HasPrefix(authorization, "Bearer ") {
+		responses.FailWithMessage("退出登陆失败", c)
+		return
+	}
+
+	// 去除Bearer
+	authorization = authorization[7:] // 截取字符
+
+	// 增加缓存
+	_, err = global.Redis.Set(c, "jwt_black_"+authorization, time.Now().Unix(), 60*time.Second).Result()
+	if err != nil {
+		responses.FailWithMessage("退出登陆失败", c)
+		return
+	}
+
+	responses.Ok(c)
+}
+
+// DeleteAdminUser 删除用户-批量
+func (r *AdminUser) DeleteAdminUser(c *gin.Context) {
+	adminUserRequest := requests.AdminUserRequest{}
+	req := adminUserRequest.DeleteAdminUser
+	if err := c.ShouldBindJSON(&req); err != nil {
+		responses.FailWithMessage(err.Error(), c)
+		return
+	}
+
+	// 参数验证
+	if err := global.Validate.Struct(req); err != nil {
+		responses.FailWithMessage(utils.Translate(err), c)
+		return
+	}
+
+	// 获取当前登陆用户数据
+	loginUserId := c.GetInt64("UserId")
+	if loginUserId == 0 {
+		responses.FailWithMessage("数据错误", c)
+		return
+	}
+
+	adminUserDao := dao.AdminUserDao{}
+	loginAdminUser, err := adminUserDao.GetAdminUserById(loginUserId)
+	if err != nil && loginAdminUser == nil {
+		responses.FailWithMessage("用户数据错误", c)
+		return
+	}
+
+	if loginAdminUser.IsAdmin != 1 {
+		responses.FailWithMessage("非管理员用户不可操作", c)
+		return
+	}
+
+	// 开始事务
+	tx := global.Db.Begin()
+	defer func() {
+		if r := recover(); r != nil {
+			tx.Rollback()
+		}
+	}()
+
+	for _, id := range req.UserIds {
+		userId, err := strconv.ParseInt(id, 10, 64)
+		if err != nil {
+			tx.Rollback()
+			responses.Fail(c)
+			return
+		}
+
+		if userId == loginUserId {
+			tx.Rollback()
+			responses.FailWithMessage("不可把自己删除", c)
+			return
+		}
+
+		// 检测删除用户
+		adminUser, err := adminUserDao.GetAdminUserById(userId)
+		if err != nil || adminUser == nil {
+			tx.Rollback()
+			responses.FailWithMessage("删除失败", c)
+			return
+		}
+
+		// 删除用户
+		data := make(map[string]interface{})
+		data["is_deleted"] = 1
+		err = adminUserDao.EditAdminUserById(tx, userId, data)
+		if err != nil {
+			tx.Rollback()
+			responses.FailWithMessage("修改失败", c)
+			return
+		}
+	}
+
+	tx.Commit()
+
+	responses.Ok(c)
+}
--- a/api/dao/AdminUser.go
+++ b/api/dao/AdminUser.go
@ -4,6 +4,7 @@ import (
 	"gorm.io/gorm"
 	"gorm.io/gorm/clause"
 	"hepa-calc-admin-api/api/model"
+	"hepa-calc-admin-api/api/requests"
 	"hepa-calc-admin-api/global"
 )

@ -106,3 +107,55 @@ func (r *AdminUserDao) GetAdminUser(maps interface{}) (m *model.AdminUser, err e
 	}
 	return m, nil
 }
+
+// GetAdminUserPageSearch 获取列表-分页
+func (r *AdminUserDao) GetAdminUserPageSearch(req requests.GetAdminUserPage, page, pageSize int) (m []*model.AdminUser, total int64, err error) {
+	var totalRecords int64
+
+	// 构建查询条件
+	query := global.Db.Model(&model.AdminUser{})
+
+	// 账号
+	if req.Access != "" {
+		query = query.Where("access LIKE ?", "%"+req.Access+"%")
+	}
+
+	// 昵称
+	if req.NickName != "" {
+		query = query.Where("nick_name LIKE ?", "%"+req.NickName+"%")
+	}
+
+	// 状态
+	if req.Status != nil {
+		query = query.Where("status = ?", req.Status)
+	}
+
+	// 是否被删除
+	if req.IsDeleted != nil {
+		query = query.Where("is_deleted = ?", req.IsDeleted)
+	}
+
+	// 是否被禁用
+	if req.IsDisabled != nil {
+		query = query.Where("is_disabled = ?", req.IsDisabled)
+	}
+
+	// 手机号
+	if req.Phone != "" {
+		query = query.Where("phone LIKE ?", "%"+req.Phone+"%")
+	}
+
+	// 排序
+	query = query.Order("created_at desc")
+
+	// 查询总数量
+	if err := query.Count(&totalRecords).Error; err != nil {
+		return nil, 0, err
+	}
+
+	err = query.Scopes(model.Paginate(page, pageSize)).Find(&m).Error
+	if err != nil {
+		return nil, 0, err
+	}
+	return m, totalRecords, nil
+}
--- a/api/dto/AdminUser.go
+++ b/api/dto/AdminUser.go
@ -0,0 +1,58 @@
+package dto
+
+import (
+	"fmt"
+	"hepa-calc-admin-api/api/model"
+	"hepa-calc-admin-api/utils"
+)
+
+// AdminUserDto 后台-用户表
+type AdminUserDto struct {
+	UserId     string          `json:"user_id"`     // 主键id
+	Access     string          `json:"access"`      // 账号
+	Password   string          `json:"password"`    // 密码
+	Salt       string          `json:"salt"`        // 密码掩码
+	NickName   string          `json:"nick_name"`   // 昵称
+	IsAdmin    int             `json:"is_admin"`    // 是否管理员（0:否 1:是）
+	Status     int             `json:"status"`      // 状态（1:正常 2:审核中 3:审核失败）
+	IsDeleted  int             `json:"is_deleted"`  // 是否被删除（0:否 1:是）
+	IsDisabled int             `json:"is_disabled"` // 是否被禁用（0:否 1:是）
+	Phone      string          `json:"phone"`       // 手机号
+	Avatar     string          `json:"avatar"`      // 头像
+	Sex        int             `json:"sex"`         // 性别（1:男 2:女）
+	Email      string          `json:"email"`       // 邮箱
+	CreatedAt  model.LocalTime `json:"created_at"`  // 创建时间
+	UpdatedAt  model.LocalTime `json:"updated_at"`  // 修改时间
+	Token      string          `json:"token"`       // token
+}
+
+// GetAdminUserListDto 列表
+func GetAdminUserListDto(m []*model.AdminUser) []*AdminUserDto {
+	// 处理返回值
+	responses := make([]*AdminUserDto, len(m))
+
+	if len(m) > 0 {
+		for i, v := range m {
+			response := &AdminUserDto{
+				UserId:     fmt.Sprintf("%d", v.UserId),
+				Access:     v.Access,
+				NickName:   v.NickName,
+				IsAdmin:    v.IsAdmin,
+				Status:     v.Status,
+				IsDeleted:  v.IsDeleted,
+				IsDisabled: v.IsDisabled,
+				Phone:      v.Phone,
+				Avatar:     utils.AddOssDomain(v.Avatar),
+				Sex:        v.Sex,
+				Email:      v.Email,
+				CreatedAt:  v.CreatedAt,
+				UpdatedAt:  v.UpdatedAt,
+			}
+
+			// 将转换后的结构体添加到新切片中
+			responses[i] = response
+		}
+	}
+
+	return responses
+}
--- a/api/model/AdminUser.go
+++ b/api/model/AdminUser.go
@ -13,6 +13,7 @@ type AdminUser struct {
 	Password   string `gorm:"column:password;type:varchar(128);comment:密码;NOT NULL" json:"password"`
 	Salt       string `gorm:"column:salt;type:varchar(255);comment:密码掩码;NOT NULL" json:"salt"`
 	NickName   string `gorm:"column:nick_name;type:varchar(255);comment:昵称" json:"nick_name"`
+	IsAdmin    int    `gorm:"column:is_admin;type:tinyint(1);default:0;comment:是否管理员（0:否 1:是）" json:"is_admin"`
 	Status     int    `gorm:"column:status;type:tinyint(1);default:2;comment:状态（1:正常 2:审核中 3:审核失败）" json:"status"`
 	IsDeleted  int    `gorm:"column:is_deleted;type:tinyint(1);default:0;comment:是否被删除（0:否 1:是）" json:"is_deleted"`
 	IsDisabled int    `gorm:"column:is_disabled;type:tinyint(1);default:0;comment:是否被禁用（0:否 1:是）" json:"is_disabled"`
--- a/api/requests/AdminUser.go
+++ b/api/requests/AdminUser.go
@ -0,0 +1,74 @@
+package requests
+
+type AdminUserRequest struct {
+	GetAdminUserPage     // 获取列表-分页
+	AddAdminUser         // 新增
+	PutAdminUser         // 修改
+	PutAdminUserStatus   // 修改状态
+	PutAdminUserDisabled // 修改禁用状态
+	PutAdminUserPassword // 修改用户密码
+	DeleteAdminUser      // 删除用户-批量
+}
+
+// GetAdminUserPage 获取列表-分页
+type GetAdminUserPage struct {
+	Access     string `json:"access" form:"access" label:"账号"`
+	NickName   string `json:"nick_name" form:"nick_name" label:"昵称"`
+	IsAdmin    int    `json:"is_admin" form:"is_admin" label:"是否管理员"`       // 是否管理员（0:否 1:是）
+	Status     *int   `json:"status" form:"status" label:"状态"`              // 状态（1:正常 2:审核中 3:审核失败）
+	IsDeleted  *int   `json:"is_deleted" form:"is_deleted" label:"是否被删除"`   // 是否被删除（0:否 1:是）
+	IsDisabled *int   `json:"is_disabled" form:"is_disabled" label:"是否被禁用"` // 是否被禁用（0:否 1:是）
+	Phone      string `json:"phone" form:"phone" label:"手机号"`
+	Page       int    `json:"page" form:"page" label:"页码"`
+	PageSize   int    `json:"page_size" form:"page_size" label:"每页个数"`
+}
+
+// AddAdminUser 新增
+type AddAdminUser struct {
+	Access     string `json:"access" form:"access" label:"账号"`
+	Password   string `json:"password" form:"password" label:"密码"`
+	NickName   string `json:"nick_name" form:"nick_name" label:"昵称"`
+	IsAdmin    int    `json:"is_admin" form:"is_admin" label:"是否管理员"`       // 是否管理员（0:否 1:是）
+	Status     *int   `json:"status" form:"status" label:"状态"`              // 状态（1:正常 2:审核中 3:审核失败）
+	IsDeleted  *int   `json:"is_deleted" form:"is_deleted" label:"是否被删除"`   // 是否被删除（0:否 1:是）
+	IsDisabled *int   `json:"is_disabled" form:"is_disabled" label:"是否被禁用"` // 是否被禁用（0:否 1:是）
+	Phone      string `json:"phone" form:"phone" label:"手机号"`
+	Avatar     string `json:"avatar" form:"avatar" label:"头像"`
+	Sex        int    `json:"sex" form:"sex" label:"性别"`
+	Email      string `json:"email" form:"email" label:"邮箱"`
+}
+
+// PutAdminUser 修改
+type PutAdminUser struct {
+	Access     string `json:"access"  form:"access" validate:"required" label:"账号"`
+	IsDeleted  int    `json:"is_deleted"  form:"is_deleted" validate:"oneof=0 1" label:"删除状态"`   // 是否被删除（0:否 1:是）
+	IsDisabled int    `json:"is_disabled"  form:"is_disabled" validate:"oneof=0 1" label:"禁用状态"` // 是否被禁用（0:否 1:是）
+	NickName   string `json:"nick_name"  form:"nick_name" validate:"required" label:"昵称"`
+	IsAdmin    int    `json:"is_admin" form:"is_admin" label:"是否管理员"` // 是否管理员（0:否 1:是）
+	Phone      string `json:"phone"  form:"phone" validate:"required" label:"手机号"`
+	Avatar     string `json:"avatar"  form:"avatar" label:"头像"`
+	Sex        int    `json:"sex"  form:"sex" validate:"required,oneof=1 2" label:"性别"` // （1:男 2:女）
+	Email      string `json:"email"  form:"email" label:"邮箱"`
+}
+
+// PutAdminUserStatus 修改状态
+type PutAdminUserStatus struct {
+	Status int `json:"status"  form:"status" validate:"required,oneof=1 2 3" label:"状态"` // 状态（1:正常 2:审核中 3:审核失败）
+}
+
+// PutAdminUserDisabled 修改禁用状态
+type PutAdminUserDisabled struct {
+	IsDisabled int `json:"is_disabled"  form:"is_disabled" validate:"oneof=0 1" label:"禁用状态"` // 是否被禁用（0:否 1:是）
+}
+
+// PutAdminUserPassword 修改用户密码
+type PutAdminUserPassword struct {
+	Password    string `json:"password"  form:"password" validate:"required" label:"原密码"`
+	NewPassword string `json:"new_password"  form:"new_password" validate:"required" label:"新密码"`
+	UserId      string `json:"user_id"  form:"user_id" validate:"required" label:"用户id"`
+}
+
+// DeleteAdminUser 删除用户-批量
+type DeleteAdminUser struct {
+	UserIds []string `json:"user_ids"  form:"user_ids" validate:"required" label:"用户id"`
+}
--- a/api/router/router.go
+++ b/api/router/router.go
@ -80,6 +80,7 @@ func publicRouter(r *gin.Engine, api controller.Api) {
 	// 验证码
 	adminGroup.GET("/captcha", api.Public.GetCaptcha)

+	// 配置
 	systemGroup := adminGroup.Group("/system")
 	{
 		// 编辑器配置
@ -168,6 +169,34 @@ func privateRouter(r *gin.Engine, api controller.Api) {

 		// 获取用户数据-病例
 		userGroup.GET("/case/:user_id", api.User.GetUserCase)
+
+		// 后台用户
+		userAdminGroup := userGroup.Group("/admin")
+		{
+			// 获取列表-分页
+			userAdminGroup.GET("/page", api.AdminUser.GetAdminUserPage)
+
+			// 新增
+			userAdminGroup.POST("", api.AdminUser.AddAdminUser)
+
+			// 修改
+			userAdminGroup.PUT("/:user_id", api.AdminUser.PutAdminUser)
+
+			// 修改状态
+			adminGroup.PUT("/status/:user_id", api.AdminUser.PutAdminUserStatus)
+
+			// 修改禁用状态
+			userAdminGroup.PUT("/disabled/:user_id", api.AdminUser.PutAdminUserDisabled)
+
+			// 修改密码
+			userAdminGroup.PUT("/password", api.AdminUser.PutAdminUserPassword)
+
+			// 退出登陆
+			userAdminGroup.PUT("loginout", api.AdminUser.LoginOut)
+
+			// 删除用户-批量
+			userAdminGroup.DELETE("", api.AdminUser.DeleteAdminUser)
+		}
 	}

 	// 优惠卷
--- a/go.mod
+++ b/go.mod
@ -19,6 +19,7 @@ require (
 	github.com/go-playground/validator/v10 v10.22.0
 	github.com/go-redis/redis/v8 v8.11.5
 	github.com/golang-jwt/jwt/v5 v5.2.1
+	github.com/google/uuid v1.4.0
 	github.com/mojocn/base64Captcha v1.3.6
 	github.com/rabbitmq/amqp091-go v1.10.0
 	github.com/robfig/cron/v3 v3.0.1
--- a/go.sum
+++ b/go.sum
@ -107,6 +107,8 @@ github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 h1:DACJavvAHhabrF0
 github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4=
+github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
 github.com/gopherjs/gopherjs v0.0.0-20200217142428-fce0ec30dd00/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
 github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=