fix bugs

cmd/openteam/main.go

@@ -147,7 +147,7 @@ func main() {
 	r.GET("/assets/*filepath", gin.WrapH(http.StripPrefix("/assets/", http.FileServer(http.FS(assetsFS)))))
 
 	srv := &http.Server{
-		Addr:    ":8080",
+		Addr:    fmt.Sprintf(":%d", cfg.Port),
 		Handler: r,
 	}
 

deploy/docker/Dockerfile

@@ -11,7 +11,7 @@ WORKDIR /build
 COPY . .
 COPY --from=frontend /frontend-build/dist /build/cmd/openteam/dist
 ENV GO111MODULE=on
-# ENV GOPROXY=https://goproxy.cn,direct
+ENV GOPROXY=https://goproxy.cn,direct
 CMD [ "go mod tidy","go mod download" ]
 RUN make build
 
@@ -24,5 +24,5 @@ WORKDIR /app
 COPY --from=backend /build/bin/openteam /app/openteam
 ENV GIN_MODE=release
 ENV PATH=$PATH:/app
-EXPOSE 80
+EXPOSE 80 443
 ENTRYPOINT ["/app/openteam"]

internal/controller/init.go

@@ -2,11 +2,13 @@ package controller
 
 import (
 	"opencatd-open/internal/service"
+	"opencatd-open/pkg/config"
 
 	"gorm.io/gorm"
 )
 
 type Api struct {
+	cfg            *config.Config
 	db             *gorm.DB
 	userService    *service.UserServiceImpl
 	tokenService   *service.TokenServiceImpl
@@ -15,8 +17,9 @@ type Api struct {
 	usageService   *service.UsageService
 }
 
-func NewApi(db *gorm.DB, userService *service.UserServiceImpl, tokenService *service.TokenServiceImpl, keyService *service.ApiKeyServiceImpl, webAuthService *service.WebAuthnService, usageService *service.UsageService) *Api {
+func NewApi(cfg *config.Config, db *gorm.DB, userService *service.UserServiceImpl, tokenService *service.TokenServiceImpl, keyService *service.ApiKeyServiceImpl, webAuthService *service.WebAuthnService, usageService *service.UsageService) *Api {
 	return &Api{
+		cfg:            cfg,
 		db:             db,
 		userService:    userService,
 		tokenService:   tokenService,

internal/service/user.go

@@ -9,6 +9,7 @@ import (
 	"opencatd-open/internal/dto"
 	"opencatd-open/internal/model"
 	"opencatd-open/internal/utils"
+	"opencatd-open/pkg/config"
 	"strings"
 	"time"
 
@@ -17,12 +18,14 @@ import (
 )
 
 type UserServiceImpl struct {
+	cfg      *config.Config
 	db       *gorm.DB
 	userRepo dao.UserRepository
 }
 
-func NewUserService(db *gorm.DB, userRepo dao.UserRepository) *UserServiceImpl {
+func NewUserService(cfg *config.Config, db *gorm.DB, userRepo dao.UserRepository) *UserServiceImpl {
 	return &UserServiceImpl{
+		cfg:      cfg,
 		db:       db,
 		userRepo: userRepo,
 	}
@@ -40,11 +43,19 @@ func (s *UserServiceImpl) Register(ctx context.Context, req *model.User) error {
 		_user.Role = utils.ToPtr(consts.RoleRoot)
 		_user.Active = utils.ToPtr(true)
 		_user.UnlimitedQuota = utils.ToPtr(true)
+	} else {
+		if !s.cfg.AllowRegister {
+			return fmt.Errorf("register is not allowed")
+		}
 	}
+
 	_user.Password, err = utils.HashPassword(req.Password)
 	if err != nil {
 		return err
 	}
+	_user.Active = &s.cfg.DefaultActive
+	_user.UnlimitedQuota = &s.cfg.UnlimitedQuota
+
 	_user.Username = req.Username
 	_user.Email = req.Email
 	_user.Tokens = []model.Token{

internal/service/webauth.go

@@ -62,6 +62,7 @@ func (u *WebAuthnUser) WebAuthnCredentialDescriptors() (descriptors []protocol.C
 
 // WebAuthnService 提供WebAuthn相关功能
 type WebAuthnService struct {
+	cfg      *config.Config
 	DB       *gorm.DB
 	WebAuthn *webauthn.WebAuthn
 	// Sessions map[string]webauthn.SessionData // 用于存储注册和认证过程中的会话数据
@@ -69,12 +70,12 @@ type WebAuthnService struct {
 }
 
 // NewWebAuthnService 创建新的WebAuthn服务
-func NewWebAuthnService(db *gorm.DB, cfg *config.Config) (*WebAuthnService, error) {
+func NewWebAuthnService(cfg *config.Config, db *gorm.DB) (*WebAuthnService, error) {
 	// 创建WebAuthn配置
 	wconfig := &webauthn.Config{
-		RPDisplayName: config.Cfg.AppName,          // 依赖方(Relying Party)显示名称
-		RPID:          config.Cfg.Domain,           // 依赖方ID(通常为域名)
-		RPOrigins:     []string{config.Cfg.AppURL}, // 依赖方源(URL)
+		RPDisplayName: cfg.AppName,   // 依赖方(Relying Party)显示名称
+		RPID:          cfg.RPID,      // 依赖方ID(通常为域名)
+		RPOrigins:     cfg.RPOrigins, // 依赖方源(URL)
 		AuthenticatorSelection: protocol.AuthenticatorSelection{
 			RequireResidentKey:      protocol.ResidentKeyRequired(),          // 要求认证器存储用户 ID (resident key)
 			ResidentKey:             protocol.ResidentKeyRequirementRequired, // 使用 Discoverable 模式
@@ -90,6 +91,7 @@ func NewWebAuthnService(db *gorm.DB, cfg *config.Config) (*WebAuthnService, erro
 	}
 
 	return &WebAuthnService{
+		cfg:      cfg,
 		DB:       db,
 		WebAuthn: wa,
 		// Sessions: make(map[string]webauthn.SessionData),

pkg/config/config.go

@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"os"
 	"strconv"
+	"strings"
 	"time"
 
 	_ "github.com/joho/godotenv/autoload"
@@ -14,15 +15,14 @@ var Cfg *Config
 // Config 结构体存储应用配置
 type Config struct {
 	// 服务器配置
-	ServerPort   int
-	ServerHost   string
+	Port         int
 	ReadTimeout  time.Duration
 	WriteTimeout time.Duration
 
 	// PassKey配置
-	AppName             string
-	Domain              string
-	AppURL              string
+	AppName             string   // 依赖方(Relying Party)显示名称
+	RPID                string   // 依赖方ID(通常为域名)
+	RPOrigins           []string // 依赖方源(URL)
 	WebAuthnTimeout     time.Duration
 	ChallengeExpiration time.Duration
 
@@ -70,12 +70,12 @@ func init() {
 // LoadConfig 从环境变量加载配置
 func LoadConfig() (*Config, error) {
 	cfg := &Config{
-		AppName: "OpenTeam",
-		Domain:  "localhost",
-		AppURL:  "https://localhost:5173",
+		AppName:   "OpenTeam",
+		RPID:      "localhost", // 域名
+		RPOrigins: []string{"https://localhost:5173"},
 		// 默认值设置
-		ServerPort:   8080,
-		ServerHost:   "0.0.0.0",
+		Port: 80,
+
 		ReadTimeout:  10 * time.Second,
 		WriteTimeout: 10 * time.Second,
 
@@ -91,8 +91,8 @@ func LoadConfig() (*Config, error) {
 
 		// 系统设置
 		AllowRegister:  false,
-		UnlimitedQuota: false,
-		DefaultActive:  false,
+		UnlimitedQuota: true,
+		DefaultActive:  true,
 
 		UsageWorker:      1,
 		UsageChanSize:    1000,
@@ -103,26 +103,30 @@ func LoadConfig() (*Config, error) {
 	if appName := os.Getenv("APP_NAME"); appName != "" {
 		cfg.AppName = appName
 	}
-	if domain := os.Getenv("DOMAIN"); domain != "" {
-		cfg.Domain = domain
+	if domain := os.Getenv("RPID"); domain != "" {
+		cfg.RPID = domain
 	}
-	if appURL := os.Getenv("APP_URL"); appURL != "" {
-		cfg.AppURL = appURL
+	if origin := os.Getenv("RPORIGINS"); origin != "" {
+		var rpos []string
+		list := strings.Split(origin, ",")
+		for _, l := range list {
+			trimmedl := strings.TrimSpace(l)
+			if trimmedl != "" {
+				rpos = append(rpos, trimmedl)
+			}
+		}
+		cfg.RPOrigins = rpos
 	}
 
 	// 服务器配置
-	if port := os.Getenv("SERVER_PORT"); port != "" {
+	if port := os.Getenv("PORT"); port != "" {
 		if p, err := strconv.Atoi(port); err == nil {
-			cfg.ServerPort = p
+			cfg.Port = p
 		} else {
-			return nil, fmt.Errorf("无效的SERVER_PORT: %s", port)
+			return nil, fmt.Errorf("PORT: %s", port)
 		}
 	}
 
-	if host := os.Getenv("SERVER_HOST"); host != "" {
-		cfg.ServerHost = host
-	}
-
 	if timeout := os.Getenv("READ_TIMEOUT"); timeout != "" {
 		if t, err := strconv.Atoi(timeout); err == nil {
 			cfg.ReadTimeout = time.Duration(t) * time.Second

wire/wire_gen.go

@@ -38,17 +38,17 @@ func InitTeamHandler(ctx context.Context, cfg *config.Config, db *gorm.DB) (*con
 
 func InitAPIHandler(ctx context.Context, cfg *config.Config, db *gorm.DB) (*controller2.Api, error) {
 	userDAO := dao.NewUserDAO(db)
-	userServiceImpl := service2.NewUserService(db, userDAO)
+	userServiceImpl := service2.NewUserService(cfg, db, userDAO)
 	tokenDAO := dao.NewTokenDAO(db)
 	tokenServiceImpl := service2.NewTokenService(db, tokenDAO)
 	apiKeyDAO := dao.NewApiKeyDAO(db)
 	apiKeyServiceImpl := service2.NewApiKeyService(db, apiKeyDAO)
-	webAuthnService, err := service2.NewWebAuthnService(db, cfg)
+	webAuthnService, err := service2.NewWebAuthnService(cfg, db)
 	if err != nil {
 		return nil, err
 	}
 	usageService := service2.NewUsageService(ctx, cfg, db)
-	api := controller2.NewApi(db, userServiceImpl, tokenServiceImpl, apiKeyServiceImpl, webAuthnService, usageService)
+	api := controller2.NewApi(cfg, db, userServiceImpl, tokenServiceImpl, apiKeyServiceImpl, webAuthnService, usageService)
 	return api, nil
 }