refactor: reuse session validation in get_current_admin_user via get_user_by_token

src/api/auth.rs

@@ -241,14 +241,8 @@ pub struct CurrentUserResponse {
     pub user: Option<PublicUser>,
 }
 
-#[server(GetCurrentUser, "/api")]
+#[cfg(feature = "server")]
-pub async fn get_current_user() -> Result<CurrentUserResponse, ServerFnError> {
+pub async fn get_user_by_token(token: &str) -> Result<Option<User>, ServerFnError> {
-    let token = get_session_from_ctx();
-
-    let Some(token) = token else {
-        return Ok(CurrentUserResponse { user: None });
-    };
-
     let client = get_conn().await.map_err(|e| {
         tracing::error!("GetCurrentUser DB connection failed: {:?}", e);
         ServerFnError::new(format!("数据库连接失败: {}", e))
@@ -256,7 +250,7 @@ pub async fn get_current_user() -> Result<CurrentUserResponse, ServerFnError> {
 
     let row = client
         .query_opt(
-            "SELECT u.id, u.username, u.email, u.role, u.created_at
+            "SELECT u.id, u.username, u.email, u.password_hash, u.role, u.created_at
              FROM sessions s
              JOIN users u ON s.user_id = u.id
              WHERE s.token = $1 AND s.expires_at > NOW()",
@@ -272,10 +266,11 @@ pub async fn get_current_user() -> Result<CurrentUserResponse, ServerFnError> {
         Some(row) => {
             let role_str: String = row.get("role");
             let role = UserRole::from_str(&role_str).unwrap_or(UserRole::Blocked);
-            Some(PublicUser {
+            Some(User {
                 id: row.get("id"),
                 username: row.get("username"),
                 email: row.get("email"),
+                password_hash: row.get("password_hash"),
                 role,
                 created_at: row.get("created_at"),
             })
@@ -283,5 +278,20 @@ pub async fn get_current_user() -> Result<CurrentUserResponse, ServerFnError> {
         None => None,
     };
 
+    Ok(user)
+}
+
+#[server(GetCurrentUser, "/api")]
+pub async fn get_current_user() -> Result<CurrentUserResponse, ServerFnError> {
+    let token = match get_session_from_ctx() {
+        Some(t) => t,
+        None => return Ok(CurrentUserResponse { user: None }),
+    };
+
+    let user = match get_user_by_token(&token).await? {
+        Some(u) => Some(PublicUser::from(u)),
+        None => None,
+    };
+
     Ok(CurrentUserResponse { user })
 }

src/api/posts.rs

@@ -14,38 +14,13 @@ use crate::models::user::{User, UserRole};
 
 #[cfg(feature = "server")]
 async fn get_current_admin_user() -> Result<User, ServerFnError> {
-    let token = get_session_from_ctx();
+    let token = match get_session_from_ctx() {
-
+        Some(t) => t,
-    let Some(token) = token else {
+        None => return Err(ServerFnError::new("未登录")),
-        return Err(ServerFnError::new("未登录"));
     };
 
-    let client = get_conn().await.map_err(db_conn_error)?;
+    let user = match crate::api::auth::get_user_by_token(&token).await? {
-
+        Some(u) => u,
-    let row = client
-        .query_opt(
-            "SELECT u.id, u.username, u.email, u.password_hash, u.role, u.created_at
-             FROM sessions s
-             JOIN users u ON s.user_id = u.id
-             WHERE s.token = $1 AND s.expires_at > NOW()",
-            &[&token],
-        )
-        .await
-        .map_err(query_error)?;
-
-    let user = match row {
-        Some(row) => {
-            let role_str: String = row.get("role");
-            let role = UserRole::from_str(&role_str).unwrap_or(UserRole::Blocked);
-            User {
-                id: row.get("id"),
-                username: row.get("username"),
-                email: row.get("email"),
-                password_hash: row.get("password_hash"),
-                role,
-                created_at: row.get("created_at"),
-            }
-        }
         None => return Err(ServerFnError::new("会话已过期")),
     };