feat(User):优化个人中心的页面样式和一些交互 (#864)

* feat(auth): WebAuthn-Anmeldung für discoverable login aktiviert

* Entfernt Benutzernamen-Validierung, um discoverable login zu unterstützen
* Neue Übersetzung "noWebauthnCredentials" für verschiedene Sprachen hinzugefügt
* Escape-Zeichen im ImportModal korrigiert

* feat(auth): WebAuthn discoverable login implementieren

* `GetUserByWebAuthnCredentialId` Funktion für Benutzerabruf über Credential ID hinzugefügt
* Login-Logik für discoverable login ohne Benutzernamen implementiert
* Session-Verwaltung für beide Login-Typen angepasst
* Fehlerbehandlung und Benutzerprüfung für discoverable login optimiert

* feat: Profilseite mit Tabs-Layout umgestaltet

* * UI mit Tabs für allgemeine Einstellungen, Bindungen, WebAuthn und Token umgestaltet
* Benutzerprofil-Avatar mit animiertem Gradient-Hintergrund hinzugefügt
* Passwortbestätigungsfeld und Gruppeninformationen ergänzt
* Bindungsansicht mit Avatar-Icons optimiert

* feat(profile): Konto-Entbindungsfunktion implementiert

- Entbindungsdialog für WeChat, GitHub, Lark und OIDC hinzugefügt
- Bestätigungsdialog mit Warnmeldung vor der Entbindung implementiert
- Neue Übersetzungen für Entbindungsfunktion in allen Sprachen hinzugefügt

* feat(profile): 添加账户解绑功能

- 在路由中添加 `/unbind` POST接口
- 实现 Unbind 控制器支持解绑 GitHub、WeChat、Lark 和 OIDC 绑定
- 添加 UnbindRequest 结构体处理解绑请求参数
- 修复代码格式问题，统一缩进

Author: ZeroDeng01

controller/user.go

@@ -80,7 +80,7 @@ func setupLogin(user *model.User, c *gin.Context) {
 		return
 	}
 	user.LastLoginTime = time.Now().Unix()
-  user.LastLoginIp = c.ClientIP()
+	user.LastLoginIp = c.ClientIP()
 
 	user.Update(false)
 
@@ -809,3 +809,58 @@ func ChangeUserQuota(c *gin.Context) {
 		"message": "",
 	})
 }
+
+type UnbindRequest struct {
+	Type string `json:"type"`
+}
+
+func Unbind(c *gin.Context) {
+	var req UnbindRequest
+	err := json.NewDecoder(c.Request.Body).Decode(&req)
+	if err != nil {
+		c.JSON(http.StatusOK, gin.H{
+			"success": false,
+			"message": "无效的参数",
+		})
+		return
+	}
+	id := c.GetInt("id")
+	user, err := model.GetUserById(id, false)
+	if err != nil {
+		c.JSON(http.StatusOK, gin.H{
+			"success": false,
+			"message": err.Error(),
+		})
+		return
+	}
+	updates := make(map[string]interface{})
+	switch req.Type {
+	case "github":
+		updates["github_id"] = ""
+		updates["github_id_new"] = nil
+	case "wechat":
+		updates["wechat_id"] = ""
+	case "lark":
+		updates["lark_id"] = ""
+	case "oidc":
+		updates["oidc_id"] = ""
+	default:
+		c.JSON(http.StatusOK, gin.H{
+			"success": false,
+			"message": "未知的绑定类型",
+		})
+		return
+	}
+	err = model.DB.Model(user).Updates(updates).Error
+	if err != nil {
+		c.JSON(http.StatusOK, gin.H{
+			"success": false,
+			"message": err.Error(),
+		})
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{
+		"success": true,
+		"message": "",
+	})
+}

controller/webauthn.go

@@ -2,6 +2,7 @@ package controller
 
 import (
 	"encoding/json"
+	"errors"
 	"net/http"
 	"one-api/common/webauthn"
 	"one-api/model"
@@ -162,7 +163,7 @@ func WebauthnBeginLogin(c *gin.Context) {
 
 	// 从请求中获取用户名
 	type LoginRequest struct {
-		Username string `json:"username" binding:"required"`
+		Username string `json:"username"`
 	}
 
 	var req LoginRequest
@@ -174,30 +175,48 @@ func WebauthnBeginLogin(c *gin.Context) {
 		return
 	}
 
-	var user = model.User{
-		Username: req.Username,
-	}
-	// 根据用户名获取用户
-	err = user.FillUserByUsername()
-	if err != nil {
-		c.JSON(http.StatusNotFound, gin.H{
-			"message": "登陆失败",
-			"success": false,
-		})
-		return
-	}
+	var options interface{}
+	var session *wauth.SessionData
 
-	options, session, err := webauthnInstance.BeginLogin(&user)
-	if err != nil {
-		c.JSON(http.StatusInternalServerError, gin.H{
-			"message": "无法开始登录: " + err.Error(),
-			"success": false,
-		})
-		return
+	sess := sessions.Default(c)
+
+	if req.Username == "" {
+		// 无用户名登录 (Discoverable Login)
+		options, session, err = webauthnInstance.BeginDiscoverableLogin()
+		if err != nil {
+			c.JSON(http.StatusInternalServerError, gin.H{
+				"message": "无法开始无用户名登录: " + err.Error(),
+				"success": false,
+			})
+			return
+		}
+		sess.Delete("webauthn_user_id")
+	} else {
+		var user = model.User{
+			Username: req.Username,
+		}
+		// 根据用户名获取用户
+		err = user.FillUserByUsername()
+		if err != nil {
+			c.JSON(http.StatusNotFound, gin.H{
+				"message": "登陆失败",
+				"success": false,
+			})
+			return
+		}
+
+		options, session, err = webauthnInstance.BeginLogin(&user)
+		if err != nil {
+			c.JSON(http.StatusInternalServerError, gin.H{
+				"message": "无法开始登录: " + err.Error(),
+				"success": false,
+			})
+			return
+		}
+		sess.Set("webauthn_user_id", strconv.Itoa(user.Id))
 	}
 
 	// 将session存储到用户会话中
-	sess := sessions.Default(c)
 	sessionData, err := json.Marshal(session)
 	if err != nil {
 		c.JSON(http.StatusInternalServerError, gin.H{
@@ -207,7 +226,6 @@ func WebauthnBeginLogin(c *gin.Context) {
 		return
 	}
 	sess.Set("webauthn_login_session", string(sessionData))
-	sess.Set("webauthn_user_id", strconv.Itoa(user.Id))
 	sess.Save()
 
 	c.JSON(http.StatusOK, gin.H{
@@ -232,32 +250,14 @@ func WebauthnFinishLogin(c *gin.Context) {
 	sessionDataStr := sess.Get("webauthn_login_session")
 	userIdStr := sess.Get("webauthn_user_id")
 
-	if sessionDataStr == nil || userIdStr == nil {
+	if sessionDataStr == nil {
 		c.JSON(http.StatusBadRequest, gin.H{
 			"message": "会话已过期",
 			"success": false,
 		})
 		return
 	}
 
-	userId, err := strconv.Atoi(userIdStr.(string))
-	if err != nil {
-		c.JSON(http.StatusInternalServerError, gin.H{
-			"message": "登陆失败",
-			"success": false,
-		})
-		return
-	}
-
-	user, err := model.GetUserById(userId, false)
-	if err != nil {
-		c.JSON(http.StatusNotFound, gin.H{
-			"message": "登陆失败",
-			"success": false,
-		})
-		return
-	}
-
 	var sessionData wauth.SessionData
 	err = json.Unmarshal([]byte(sessionDataStr.(string)), &sessionData)
 	if err != nil {
@@ -268,13 +268,84 @@ func WebauthnFinishLogin(c *gin.Context) {
 		return
 	}
 
-	_, err = webauthnInstance.FinishLogin(user, sessionData, c.Request)
-	if err != nil {
-		c.JSON(http.StatusBadRequest, gin.H{
-			"message": "登录验证失败: " + err.Error(),
-			"success": false,
-		})
-		return
+	var user *model.User
+
+	if userIdStr != nil {
+		// 有用户名的登录
+		userId, err := strconv.Atoi(userIdStr.(string))
+		if err != nil {
+			c.JSON(http.StatusInternalServerError, gin.H{
+				"message": "登陆失败",
+				"success": false,
+			})
+			return
+		}
+
+		user, err = model.GetUserById(userId, false)
+		if err != nil {
+			c.JSON(http.StatusNotFound, gin.H{
+				"message": "登陆失败",
+				"success": false,
+			})
+			return
+		}
+
+		_, err = webauthnInstance.FinishLogin(user, sessionData, c.Request)
+		if err != nil {
+			c.JSON(http.StatusBadRequest, gin.H{
+				"message": "登录验证失败: " + err.Error(),
+				"success": false,
+			})
+			return
+		}
+	} else {
+		// 无用户名登录 (Discoverable Login)
+		var foundUser wauth.User
+		_, err := webauthnInstance.FinishDiscoverableLogin(func(rawID, userHandle []byte) (wauth.User, error) {
+			if len(userHandle) > 0 {
+				userId, err := strconv.Atoi(string(userHandle))
+				if err == nil {
+					u, err := model.GetUserById(userId, false)
+					if err == nil {
+						foundUser = u
+						return u, nil
+					}
+				}
+			}
+			// Fallback to lookup by credential ID
+			u, err := model.GetUserByWebAuthnCredentialId(rawID)
+			if err == nil {
+				foundUser = u
+				return u, nil
+			}
+			return nil, errors.New("user not found")
+		}, sessionData, c.Request)
+
+		if err != nil {
+			c.JSON(http.StatusBadRequest, gin.H{
+				"message": "登录验证失败: " + err.Error(),
+				"success": false,
+			})
+			return
+		}
+
+		if foundUser == nil {
+			c.JSON(http.StatusBadRequest, gin.H{
+				"message": "无法找到对应的用户",
+				"success": false,
+			})
+			return
+		}
+
+		var ok bool
+		user, ok = foundUser.(*model.User)
+		if !ok {
+			c.JSON(http.StatusInternalServerError, gin.H{
+				"message": "用户类型断言失败",
+				"success": false,
+			})
+			return
+		}
 	}
 
 	// 检查用户状态

model/user.go

@@ -656,3 +656,13 @@ func SaveWebAuthnCredential(userId int, credential *webauthn.Credential, alias s
 	}
 	return DB.Create(&webauthnCred).Error
 }
+
+// GetUserByWebAuthnCredentialId 通过WebAuthn凭据ID获取用户
+func GetUserByWebAuthnCredentialId(credentialId []byte) (*User, error) {
+	var cred WebAuthnCredential
+	err := DB.Where("credential_id = ?", credentialId).First(&cred).Error
+	if err != nil {
+		return nil, err
+	}
+	return GetUserById(cred.UserId, false)
+}

router/api-router.go

@@ -80,6 +80,7 @@ func SetApiRouter(router *gin.Engine) {
 				selfRoute.GET("/invoice/detail", controller.GetUserInvoiceDetail)
 				selfRoute.GET("/self", controller.GetSelf)
 				selfRoute.PUT("/self", controller.UpdateSelf)
+				selfRoute.POST("/unbind", controller.Unbind)
 				// selfRoute.DELETE("/self", controller.DeleteSelf)
 				selfRoute.GET("/token", controller.GenerateAccessToken)
 				selfRoute.GET("/aff", controller.GetAffCode)

web/src/i18n/locales/en_US.json

@@ -761,6 +761,9 @@
     "password": "Password",
     "passwordMinLength": "Password must be at least 8 characters long",
     "personalInfo": "Personal Information",
+    "general": "General",
+    "binding": "Binding",
+    "webauthn": "WebAuthn",
     "resetToken": "Reset Access Token",
     "submit": "Submit",
     "telegramBot": "Telegram bot",
@@ -781,7 +784,23 @@
     "alias": "Alias:",
     "credentialId": "Credential ID:",
     "registerTime": "Register Time:",
-    "delete": "Delete"
+    "delete": "Delete",
+    "noWebauthnCredentials": "No WebAuthn credentials found",
+    "confirmPassword": "Confirm Password",
+    "inputConfirmPasswordPlaceholder": "Please enter password again",
+    "passwordsNotMatch": "Passwords do not match",
+    "group": "Group",
+    "rate": "Rate",
+    "speed": "Speed",
+    "bound": "Bound",
+    "unbound": "Unbound",
+    "bind": "Bind",
+    "unbind": "Unbind",
+    "change": "Change",
+    "unbindSuccess": "Unbind successful",
+    "unbindConfirm": "Confirm Unbind",
+    "unbindWarning": "Are you sure you want to unbind? You will not be able to log in using this method after unbinding.",
+    "cancel": "Cancel"
   },
   "redemption": "Redemption",
   "redemptionPage": {

web/src/i18n/locales/ja_JP.json

@@ -749,6 +749,9 @@
     "password": "パスワード",
     "passwordMinLength": "パスワードは8文字以上でなければなりません",
     "personalInfo": "個人情報",
+    "general": "一般",
+    "binding": "連携",
+    "webauthn": "WebAuthn",
     "resetToken": "アクセストークンのリセット",
     "submit": "送信",
     "telegramBot": "電報ボット",
@@ -769,7 +772,23 @@
     "alias": "エイリアス:",
     "credentialId": "認証情報ID:",
     "registerTime": "登録日時:",
-    "delete": "削除"
+    "delete": "削除",
+    "noWebauthnCredentials": "WebAuthn 資格情報が見つかりません",
+    "confirmPassword": "パスワードの確認",
+    "inputConfirmPasswordPlaceholder": "パスワードを再入力してください",
+    "passwordsNotMatch": "パスワードが一致しません",
+    "group": "グループ",
+    "rate": "レート",
+    "speed": "速度",
+    "bound": "連携済み",
+    "unbound": "未連携",
+    "bind": "連携",
+    "unbind": "解除",
+    "change": "変更",
+    "unbindSuccess": "解除成功",
+    "unbindConfirm": "解除確認",
+    "unbindWarning": "本当に解除しますか？解除後はこの方法でログインできなくなります。",
+    "cancel": "キャンセル"
   },
   "redemption": "引き換え",
   "redemptionPage": {