Rework admin console authentication and UI

2026-04-15 11:10:52 +08:00
parent 1cce5634b1
commit 98666ab1ea
7 changed files with 650 additions and 275 deletions
--- a/backend/internal/api/auth.go
+++ b/backend/internal/api/auth.go
@@ -2,6 +2,8 @@ package api

 import (
 	"net/http"
+	"os"
+	"strings"

 	"github.com/gin-gonic/gin"

@@ -32,6 +34,12 @@ func Register(c *gin.Context) {
 		return
 	}

+	req.Username = strings.TrimSpace(req.Username)
+	if strings.EqualFold(req.Username, bootstrapAdminUsername()) {
+		c.JSON(http.StatusForbidden, gin.H{"error": "This username is reserved"})
+		return
+	}
+
 	// Check if user exists
 	var existingUser model.User
 	if err := db.DB.Where("username = ?", req.Username).First(&existingUser).Error; err == nil {
@@ -146,3 +154,11 @@ func ChangePassword(c *gin.Context) {

 	c.JSON(http.StatusOK, gin.H{"message": "Password updated successfully"})
 }
+
+func bootstrapAdminUsername() string {
+	adminUsername := strings.TrimSpace(os.Getenv("HIGHTUBE_ADMIN_USER"))
+	if adminUsername == "" {
+		return "admin"
+	}
+	return adminUsername
+}