feat: add USER_DEFAULT_ROLE (#350)

2026-05-10 17:43:31 +08:00 · 2024-07-14 20:38:55 +08:00
parent f3a1d980c5
commit 2c1e63b8bc
5 changed files with 34 additions and 7 deletions
--- a/vitepress-docs/docs/en/cli.md
+++ b/vitepress-docs/docs/en/cli.md
@@ -89,10 +89,11 @@ DEFAULT_DOMAINS = ["xxx.xxx1" , "xxx.xxx2"] # domain name for no role users
 DOMAINS = ["xxx.xxx1" , "xxx.xxx2"] # all your domain name
 # For chinese domain name, you can use DOMAIN_LABELS to show chinese domain name
 # DOMAIN_LABELS = ["中文.xxx", "xxx.xxx2"]
+# USER_DEFAULT_ROLE = "vip" # default role for new users(only when enable mail verification)
 # User roles configuration, if domains is empty will use default_domains, if prefix is null will use default prefix, if prefix is empty string will not use prefix
 # USER_ROLES = [
-#    { domains = ["awsl.uk", "dreamhunter2333.xyz"], role = "vip", prefix = "vip" },
-#    { domains = ["awsl.uk", "dreamhunter2333.xyz"], role = "admin", prefix = "" },
+#    { domains = ["xxx.xxx1" , "xxx.xxx2"], role = "vip", prefix = "vip" },
+#    { domains = ["xxx.xxx1" , "xxx.xxx2"], role = "admin", prefix = "" },
 # ]
 JWT_SECRET = "xxx" # Key used to generate jwt
 BLACK_LIST = "" # Blacklist, used to filter senders, comma separated
--- a/vitepress-docs/docs/zh/guide/cli/worker.md
+++ b/vitepress-docs/docs/zh/guide/cli/worker.md
@@ -57,11 +57,13 @@ PREFIX = "tmp" # 要处理的邮箱名称前缀，不需要后缀可配置为空
 DOMAINS = ["xxx.xxx1" , "xxx.xxx2"] # 你的域名, 支持多个域名
 # 对于中文域名，可以使用 DOMAIN_LABELS 显示域名的中文展示名称
 # DOMAIN_LABELS = ["中文.xxx", "xxx.xxx2"]
+# 新用户默认角色, 仅在启用邮件验证时有效
+# USER_DEFAULT_ROLE = "vip"
 # 用户角色配置, 如果 domains 为空将使用 default_domains
 # 如果 prefix 为 null 将使用默认前缀, 如果 prefix 为空字符串将不使用前缀
 # USER_ROLES = [
-#    { domains = ["awsl.uk", "dreamhunter2333.xyz"], role = "vip", prefix = "vip" },
-#    { domains = ["awsl.uk", "dreamhunter2333.xyz"], role = "admin", prefix = "" },
+#    { domains = ["xxx.xxx1" , "xxx.xxx2"], role = "vip", prefix = "vip" },
+#    { domains = ["xxx.xxx1" , "xxx.xxx2"], role = "admin", prefix = "" },
 # ]
 JWT_SECRET = "xxx" # 用于生成 jwt 的密钥, jwt 用于给用户登录以及鉴权
 BLACK_LIST = "" # 黑名单，用于过滤发件人，逗号分隔
--- a/worker/src/types.d.ts
+++ b/worker/src/types.d.ts
@@ -18,6 +18,7 @@ export type Bindings = {
    MAX_ADDRESS_LEN: string | number | undefined
    DEFAULT_DOMAINS: string | string[] | undefined
    DOMAINS: string | string[] | undefined
+    USER_DEFAULT_ROLE: string | UserRole | undefined
    USER_ROLES: string | UserRole[] | undefined
    DOMAIN_LABELS: string | string[] | undefined
    PASSWORDS: string | string[] | undefined
--- a/worker/src/user_api/user.ts
+++ b/worker/src/user_api/user.ts
@@ -2,7 +2,7 @@ import { Context } from 'hono';
 import { Jwt } from 'hono/utils/jwt'

 import { HonoCustomType } from '../types';
-import { checkCfTurnstile, getJsonSetting, checkUserPassword } from "../utils"
+import { checkCfTurnstile, getJsonSetting, checkUserPassword, getUserRoles, getStringValue } from "../utils"
 import { CONSTANTS } from "../constants";
 import { GeoData, UserInfo, UserSettings } from "../models";
 import { sendMail } from "../mails_api/send_mail_api";
@@ -124,6 +124,28 @@ export default {
        if (!success) {
            return c.text("Failed to register", 500)
        }
+        const defaultRole = getStringValue(c.env.USER_DEFAULT_ROLE);
+        if (!defaultRole) return c.json({ success: true })
+        const user_roles = getUserRoles(c);
+        if (!user_roles.find((r) => r.role === defaultRole)) {
+            return c.text("Invalid role_text", 400)
+        }
+        // find user_id
+        const user_id = await c.env.DB.prepare(
+            `SELECT id FROM users where user_email = ?`
+        ).bind(email).first<number | undefined | null>("id");
+        if (!user_id) {
+            return c.text("User not found", 400)
+        }
+        // update user roles
+        const { success: success2 } = await c.env.DB.prepare(
+            `INSERT INTO user_roles (user_id, role_text)`
+            + ` VALUES (?, ?)`
+            + ` ON CONFLICT(user_id) DO NOTHING`
+        ).bind(user_id, defaultRole).run();
+        if (!success2) {
+            return c.text("Failed to update user roles", 500)
+        }
        return c.json({ success: true })
    },
    login: async (c: Context<HonoCustomType>) => {
--- a/worker/wrangler.toml.template
+++ b/worker/wrangler.toml.template
@@ -31,10 +31,11 @@ DEFAULT_DOMAINS = ["xxx.xxx1" , "xxx.xxx2"] # domain name for no role users
 DOMAINS = ["xxx.xxx1" , "xxx.xxx2"] # all domain names
 # For chinese domain name, you can use DOMAIN_LABELS to show chinese domain name
 # DOMAIN_LABELS = ["中文.xxx", "xxx.xxx2"]
+# USER_DEFAULT_ROLE = "vip" # default role for new users(only when enable mail verification)
 # User roles configuration, if domains is empty will use default_domains, if prefix is null will use default prefix, if prefix is empty string will not use prefix
 # USER_ROLES = [
-#    { domains = ["awsl.uk", "dreamhunter2333.xyz"], role = "vip", prefix = "vip" },
-#    { domains = ["awsl.uk", "dreamhunter2333.xyz"], role = "admin", prefix = "" },
+#    { domains = ["xxx.xxx1" , "xxx.xxx2"], role = "vip", prefix = "vip" },
+#    { domains = ["xxx.xxx1" , "xxx.xxx2"], role = "admin", prefix = "" },
 # ]
 JWT_SECRET = "xxx"
 BLACK_LIST = ""