chore: remove openid field from user

33d9c13b · Steven · 42bd9b19 · 33d9c13b · 33d9c13b · 33d9c13b
Commit 33d9c13b authored Sep 14, 2023 by Steven
31 changed files
--- a/api/v1/auth.go
+++ b/api/v1/auth.go
 package v1

 import (
+	"context"
 	"encoding/json"
 	"fmt"
 	"net/http"
@@ -13,6 +14,7 @@ import (
 	"github.com/usememos/memos/common/util"
 	"github.com/usememos/memos/plugin/idp"
 	"github.com/usememos/memos/plugin/idp/oauth2"
+	storepb "github.com/usememos/memos/proto/gen/store"
 	"github.com/usememos/memos/store"
 	"golang.org/x/crypto/bcrypt"
 )
@@ -100,6 +102,9 @@ func (s *APIV1Service) SignIn(c echo.Context) error {
 	if err != nil {
 		return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to generate tokens, err: %s", err)).SetInternal(err)
 	}
+	if err := s.UpsertAccessTokenToStore(ctx, user, accessToken); err != nil {
+		return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to upsert access token, err: %s", err)).SetInternal(err)
+	}
 	if err := s.createAuthSignInActivity(c, user); err != nil {
 		return echo.NewHTTPError(http.StatusInternalServerError, "Failed to create activity").SetInternal(err)
 	}
@@ -198,7 +203,6 @@ func (s *APIV1Service) SignInSSO(c echo.Context) error {
 			Role:     store.RoleUser,
 			Nickname: userInfo.DisplayName,
 			Email:    userInfo.Email,
-			OpenID:   util.GenUUID(),
 		}
 		password, err := util.RandomString(20)
 		if err != nil {
@@ -222,6 +226,9 @@ func (s *APIV1Service) SignInSSO(c echo.Context) error {
 	if err != nil {
 		return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to generate tokens, err: %s", err)).SetInternal(err)
 	}
+	if err := s.UpsertAccessTokenToStore(ctx, user, accessToken); err != nil {
+		return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to upsert access token, err: %s", err)).SetInternal(err)
+	}
 	if err := s.createAuthSignInActivity(c, user); err != nil {
 		return echo.NewHTTPError(http.StatusInternalServerError, "Failed to create activity").SetInternal(err)
 	}
@@ -277,7 +284,6 @@ func (s *APIV1Service) SignUp(c echo.Context) error {
 		// The new signup user should be normal user by default.
 		Role:     store.RoleUser,
 		Nickname: signup.Username,
-		OpenID:   util.GenUUID(),
 	}
 	if len(existedHostUsers) == 0 {
 		// Change the default role to host if there is no host user.
@@ -316,6 +322,9 @@ func (s *APIV1Service) SignUp(c echo.Context) error {
 	if err != nil {
 		return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to generate tokens, err: %s", err)).SetInternal(err)
 	}
+	if err := s.UpsertAccessTokenToStore(ctx, user, accessToken); err != nil {
+		return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to upsert access token, err: %s", err)).SetInternal(err)
+	}
 	if err := s.createAuthSignUpActivity(c, user); err != nil {
 		return echo.NewHTTPError(http.StatusInternalServerError, "Failed to create activity").SetInternal(err)
 	}
@@ -325,6 +334,30 @@ func (s *APIV1Service) SignUp(c echo.Context) error {
 	return c.JSON(http.StatusOK, userMessage)
 }

+func (s *APIV1Service) UpsertAccessTokenToStore(ctx context.Context, user *store.User, accessToken string) error {
+	userAccessTokens, err := s.Store.GetUserAccessTokens(ctx, user.ID)
+	if err != nil {
+		return errors.Wrap(err, "failed to get user access tokens")
+	}
+	userAccessToken := storepb.AccessTokensUserSetting_AccessToken{
+		AccessToken: accessToken,
+		Description: "Account sign in",
+	}
+	userAccessTokens = append(userAccessTokens, &userAccessToken)
+	if _, err := s.Store.UpsertUserSettingV1(ctx, &storepb.UserSetting{
+		UserId: user.ID,
+		Key:    storepb.UserSettingKey_USER_SETTING_ACCESS_TOKENS,
+		Value: &storepb.UserSetting_AccessTokens{
+			AccessTokens: &storepb.AccessTokensUserSetting{
+				AccessTokens: userAccessTokens,
+			},
+		},
+	}); err != nil {
+		return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("failed to upsert user setting, err: %s", err)).SetInternal(err)
+	}
+	return nil
+}
+
 func (s *APIV1Service) createAuthSignInActivity(c echo.Context, user *store.User) error {
 	ctx := c.Request().Context()
 	payload := ActivityUserAuthSignInPayload{

--- a/api/v1/docs.go
+++ b/api/v1/docs.go
--- a/api/v1/idp.go
+++ b/api/v1/idp.go
@@ -124,7 +124,6 @@ func (s *APIV1Service) GetIdentityProviderList(c echo.Context) error {
 //	@Failure	401		{object}	nil								"Missing user in session | Unauthorized"
 //	@Failure	400		{object}	nil								"Malformatted post identity provider request"
 //	@Failure	500		{object}	nil								"Failed to find user | Failed to create identity provider"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/idp [POST]
 func (s *APIV1Service) CreateIdentityProvider(c echo.Context) error {
 	ctx := c.Request().Context()
@@ -172,7 +171,6 @@ func (s *APIV1Service) CreateIdentityProvider(c echo.Context) error {
 //	@Failure	401		{object}	nil						"Missing user in session | Unauthorized"
 //	@Failure	404		{object}	nil						"Identity provider not found"
 //	@Failure	500		{object}	nil						"Failed to find identity provider list | Failed to find user"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/idp/{idpId} [GET]
 func (s *APIV1Service) GetIdentityProvider(c echo.Context) error {
 	ctx := c.Request().Context()
@@ -219,7 +217,6 @@ func (s *APIV1Service) GetIdentityProvider(c echo.Context) error {
 //	@Failure	400		{object}	nil		"ID is not a number: %s | Malformatted patch identity provider request"
 //	@Failure	401		{object}	nil		"Missing user in session | Unauthorized"
 //	@Failure	500		{object}	nil		"Failed to find user | Failed to patch identity provider"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/idp/{idpId} [DELETE]
 func (s *APIV1Service) DeleteIdentityProvider(c echo.Context) error {
 	ctx := c.Request().Context()
@@ -261,7 +258,6 @@ func (s *APIV1Service) DeleteIdentityProvider(c echo.Context) error {
 //	@Failure	400		{object}	nil								"ID is not a number: %s | Malformatted patch identity provider request"
 //	@Failure	401		{object}	nil								"Missing user in session | Unauthorized
 //	@Failure	500		{object}	nil								"Failed to find user | Failed to patch identity provider"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/idp/{idpId} [PATCH]
 func (s *APIV1Service) UpdateIdentityProvider(c echo.Context) error {
 	ctx := c.Request().Context()

--- a/api/v1/jwt.go
+++ b/api/v1/jwt.go
@@ -128,7 +128,6 @@ func JWTMiddleware(server *APIV1Service, next echo.HandlerFunc, secret string) e
 }

 func (s *APIV1Service) defaultAuthSkipper(c echo.Context) bool {
-	ctx := c.Request().Context()
 	path := c.Path()

 	// Skip auth.
@@ -136,21 +135,5 @@ func (s *APIV1Service) defaultAuthSkipper(c echo.Context) bool {
 		return true
 	}

-	// If there is openId in query string and related user is found, then skip auth.
-	openID := c.QueryParam("openId")
-	if openID != "" {
-		user, err := s.Store.GetUser(ctx, &store.FindUser{
-			OpenID: &openID,
-		})
-		if err != nil {
-			return false
-		}
-		if user != nil {
-			// Stores userID into context.
-			c.Set(userIDContextKey, user.ID)
-			return true
-		}
-	}
-
 	return false
 }
--- a/api/v1/memo.go
+++ b/api/v1/memo.go
@@ -139,7 +139,6 @@ func (s *APIV1Service) registerMemoRoutes(g *echo.Group) {
 //	@Success	200				{object}	[]store.Memo	"Memo list"
 //	@Failure	400				{object}	nil				"Missing user to find memo"
 //	@Failure	500				{object}	nil				"Failed to get memo display with updated ts setting value | Failed to fetch memo list | Failed to compose memo response"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/memo [GET]
 func (s *APIV1Service) GetMemoList(c echo.Context) error {
 	ctx := c.Request().Context()
@@ -239,7 +238,6 @@ func (s *APIV1Service) GetMemoList(c echo.Context) error {
 //	@Failure		401		{object}	nil					"Missing user in session"
 //	@Failure		404		{object}	nil					"User not found | Memo not found: %d"
 //	@Failure		500		{object}	nil					"Failed to find user setting | Failed to unmarshal user setting value | Failed to find system setting | Failed to unmarshal system setting | Failed to find user | Failed to create memo | Failed to create activity | Failed to upsert memo resource | Failed to upsert memo relation | Failed to compose memo | Failed to compose memo response"
-//	@Security		ApiKeyAuth
 //	@Router			/api/v1/memo [POST]
 //
 // NOTES:
@@ -398,7 +396,6 @@ func (s *APIV1Service) CreateMemo(c echo.Context) error {
 //	@Param			offset	query		int				false	"Offset"
 //	@Success		200		{object}	[]store.Memo	"Memo list"
 //	@Failure		500		{object}	nil				"Failed to get memo display with updated ts setting value | Failed to fetch all memo list | Failed to compose memo response"
-//	@Security		ApiKeyAuth
 //	@Router			/api/v1/memo/all [GET]
 //
 //	NOTES:
@@ -575,7 +572,6 @@ func (s *APIV1Service) GetMemo(c echo.Context) error {
 //	@Failure	401		{object}	nil		"Missing user in session | Unauthorized"
 //	@Failure	404		{object}	nil		"Memo not found: %d"
 //	@Failure	500		{object}	nil		"Failed to find memo | Failed to delete memo ID: %v"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/memo/{memoId} [DELETE]
 func (s *APIV1Service) DeleteMemo(c echo.Context) error {
 	ctx := c.Request().Context()
@@ -624,7 +620,6 @@ func (s *APIV1Service) DeleteMemo(c echo.Context) error {
 //	@Failure		401		{object}	nil					"Missing user in session | Unauthorized"
 //	@Failure		404		{object}	nil					"Memo not found: %d"
 //	@Failure		500		{object}	nil					"Failed to find memo | Failed to patch memo | Failed to upsert memo resource | Failed to delete memo resource | Failed to compose memo response"
-//	@Security		ApiKeyAuth
 //	@Router			/api/v1/memo/{memoId} [PATCH]
 //
 // NOTES:

--- a/api/v1/memo_organizer.go
+++ b/api/v1/memo_organizer.go
@@ -37,7 +37,6 @@ func (s *APIV1Service) registerMemoOrganizerRoutes(g *echo.Group) {
 //	@Failure	401		{object}	nil							"Missing user in session | Unauthorized"
 //	@Failure	404		{object}	nil							"Memo not found: %v"
 //	@Failure	500		{object}	nil							"Failed to find memo | Failed to upsert memo organizer | Failed to find memo by ID: %v | Failed to compose memo response"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/memo/{memoId}/organizer [POST]
 func (s *APIV1Service) CreateMemoOrganizer(c echo.Context) error {
 	ctx := c.Request().Context()

--- a/api/v1/memo_resource.go
+++ b/api/v1/memo_resource.go
@@ -82,7 +82,6 @@ func (s *APIV1Service) GetMemoResourceList(c echo.Context) error {
 //	@Failure	400		{object}	nil							"ID is not a number: %s | Malformatted post memo resource request | Resource not found"
 //	@Failure	401		{object}	nil							"Missing user in session | Unauthorized to bind this resource"
 //	@Failure	500		{object}	nil							"Failed to fetch resource | Failed to upsert memo resource"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/memo/{memoId}/resource [POST]
 //
 // NOTES:
@@ -140,7 +139,6 @@ func (s *APIV1Service) BindMemoResource(c echo.Context) error {
 //	@Failure	400			{object}	nil		"Memo ID is not a number: %s | Resource ID is not a number: %s | Memo not found"
 //	@Failure	401			{object}	nil		"Missing user in session | Unauthorized"
 //	@Failure	500			{object}	nil		"Failed to find memo | Failed to fetch resource list"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/memo/{memoId}/resource/{resourceId} [DELETE]
 func (s *APIV1Service) UnbindMemoResource(c echo.Context) error {
 	ctx := c.Request().Context()

--- a/api/v1/resource.go
+++ b/api/v1/resource.go
@@ -100,7 +100,6 @@ func (s *APIV1Service) registerResourcePublicRoutes(g *echo.Group) {
 //	@Success	200		{object}	[]store.Resource	"Resource list"
 //	@Failure	401		{object}	nil					"Missing user in session"
 //	@Failure	500		{object}	nil					"Failed to fetch resource list"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/resource [GET]
 func (s *APIV1Service) GetResourceList(c echo.Context) error {
 	ctx := c.Request().Context()
@@ -140,7 +139,6 @@ func (s *APIV1Service) GetResourceList(c echo.Context) error {
 //	@Failure	400		{object}	nil						"Malformatted post resource request | Invalid external link | Invalid external link scheme | Failed to request %s | Failed to read %s | Failed to read mime from %s"
 //	@Failure	401		{object}	nil						"Missing user in session"
 //	@Failure	500		{object}	nil						"Failed to save resource | Failed to create resource | Failed to create activity"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/resource [POST]
 func (s *APIV1Service) CreateResource(c echo.Context) error {
 	ctx := c.Request().Context()
@@ -192,7 +190,6 @@ func (s *APIV1Service) CreateResource(c echo.Context) error {
 //	@Failure	400		{object}	nil				"Upload file not found | File size exceeds allowed limit of %d MiB | Failed to parse upload data"
 //	@Failure	401		{object}	nil				"Missing user in session"
 //	@Failure	500		{object}	nil				"Failed to get uploading file | Failed to open file | Failed to save resource | Failed to create resource | Failed to create activity"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/resource/blob [POST]
 func (s *APIV1Service) UploadResource(c echo.Context) error {
 	ctx := c.Request().Context()
@@ -265,7 +262,6 @@ func (s *APIV1Service) UploadResource(c echo.Context) error {
 //	@Failure	401			{object}	nil		"Missing user in session"
 //	@Failure	404			{object}	nil		"Resource not found: %d"
 //	@Failure	500			{object}	nil		"Failed to find resource | Failed to delete resource"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/resource/{resourceId} [DELETE]
 func (s *APIV1Service) DeleteResource(c echo.Context) error {
 	ctx := c.Request().Context()
@@ -322,7 +318,6 @@ func (s *APIV1Service) DeleteResource(c echo.Context) error {
 //	@Failure	401			{object}	nil						"Missing user in session | Unauthorized"
 //	@Failure	404			{object}	nil						"Resource not found: %d"
 //	@Failure	500			{object}	nil						"Failed to find resource | Failed to patch resource"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/resource/{resourceId} [PATCH]
 func (s *APIV1Service) UpdateResource(c echo.Context) error {
 	ctx := c.Request().Context()

--- a/api/v1/storage.go
+++ b/api/v1/storage.go
@@ -77,7 +77,6 @@ func (s *APIV1Service) registerStorageRoutes(g *echo.Group) {
 //	@Success	200	{object}	[]store.Storage	"List of storages"
 //	@Failure	401	{object}	nil				"Missing user in session | Unauthorized"
 //	@Failure	500	{object}	nil				"Failed to find user | Failed to convert storage"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/storage [GET]
 func (s *APIV1Service) GetStorageList(c echo.Context) error {
 	ctx := c.Request().Context()
@@ -124,7 +123,6 @@ func (s *APIV1Service) GetStorageList(c echo.Context) error {
 //	@Failure	400		{object}	nil						"Malformatted post storage request"
 //	@Failure	401		{object}	nil						"Missing user in session"
 //	@Failure	500		{object}	nil						"Failed to find user | Failed to create storage | Failed to convert storage"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/storage [POST]
 func (s *APIV1Service) CreateStorage(c echo.Context) error {
 	ctx := c.Request().Context()
@@ -182,7 +180,6 @@ func (s *APIV1Service) CreateStorage(c echo.Context) error {
 //	@Failure	400			{object}	nil		"ID is not a number: %s | Storage service %d is using"
 //	@Failure	401			{object}	nil		"Missing user in session | Unauthorized"
 //	@Failure	500			{object}	nil		"Failed to find user | Failed to find storage | Failed to unmarshal storage service id | Failed to delete storage"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/storage/{storageId} [DELETE]
 //
 // NOTES:
@@ -241,7 +238,6 @@ func (s *APIV1Service) DeleteStorage(c echo.Context) error {
 //	@Failure	400			{object}	nil						"ID is not a number: %s | Malformatted patch storage request | Malformatted post storage request"
 //	@Failure	401			{object}	nil						"Missing user in session | Unauthorized"
 //	@Failure	500			{object}	nil						"Failed to find user | Failed to patch storage | Failed to convert storage"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/storage/{storageId} [PATCH]
 func (s *APIV1Service) UpdateStorage(c echo.Context) error {
 	ctx := c.Request().Context()

--- a/api/v1/swagger.yaml
+++ b/api/v1/swagger.yaml
--- a/api/v1/system.go
+++ b/api/v1/system.go
@@ -163,7 +163,6 @@ func (s *APIV1Service) GetSystemStatus(c echo.Context) error {
 //	@Success	200	{boolean}	true	"Database vacuumed"
 //	@Failure	401	{object}	nil		"Missing user in session | Unauthorized"
 //	@Failure	500	{object}	nil		"Failed to find user | Failed to ExecVacuum database"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/system/vacuum [POST]
 func (s *APIV1Service) ExecVacuum(c echo.Context) error {
 	ctx := c.Request().Context()

--- a/api/v1/system_setting.go
+++ b/api/v1/system_setting.go
@@ -90,7 +90,6 @@ func (s *APIV1Service) registerSystemSettingRoutes(g *echo.Group) {
 //	@Success	200	{object}	[]SystemSetting	"System setting list"
 //	@Failure	401	{object}	nil				"Missing user in session | Unauthorized"
 //	@Failure	500	{object}	nil				"Failed to find user | Failed to find system setting list"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/system/setting [GET]
 func (s *APIV1Service) GetSystemSettingList(c echo.Context) error {
 	ctx := c.Request().Context()
@@ -133,7 +132,6 @@ func (s *APIV1Service) GetSystemSettingList(c echo.Context) error {
 //	@Failure	401		{object}	nil							"Missing user in session | Unauthorized"
 //	@Failure	403		{object}	nil							"Cannot disable passwords if no SSO identity provider is configured."
 //	@Failure	500		{object}	nil							"Failed to find user | Failed to upsert system setting"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/system/setting [POST]
 func (s *APIV1Service) CreateSystemSetting(c echo.Context) error {
 	ctx := c.Request().Context()

--- a/api/v1/tag.go
+++ b/api/v1/tag.go
@@ -41,7 +41,6 @@ func (s *APIV1Service) registerTagRoutes(g *echo.Group) {
 //	@Success	200	{object}	[]string	"Tag list"
 //	@Failure	400	{object}	nil			"Missing user id to find tag"
 //	@Failure	500	{object}	nil			"Failed to find tag list"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/tag [GET]
 func (s *APIV1Service) GetTagList(c echo.Context) error {
 	ctx := c.Request().Context()
@@ -75,7 +74,6 @@ func (s *APIV1Service) GetTagList(c echo.Context) error {
 //	@Failure	400		{object}	nil					"Malformatted post tag request | Tag name shouldn't be empty"
 //	@Failure	401		{object}	nil					"Missing user in session"
 //	@Failure	500		{object}	nil					"Failed to upsert tag | Failed to create activity"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/tag [POST]
 func (s *APIV1Service) CreateTag(c echo.Context) error {
 	ctx := c.Request().Context()
@@ -117,7 +115,6 @@ func (s *APIV1Service) CreateTag(c echo.Context) error {
 //	@Failure	400		{object}	nil					"Malformatted post tag request | Tag name shouldn't be empty"
 //	@Failure	401		{object}	nil					"Missing user in session"
 //	@Failure	500		{object}	nil					"Failed to delete tag name: %v"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/tag/delete [POST]
 func (s *APIV1Service) DeleteTag(c echo.Context) error {
 	ctx := c.Request().Context()
@@ -152,7 +149,6 @@ func (s *APIV1Service) DeleteTag(c echo.Context) error {
 //	@Success	200	{object}	[]string	"Tag list"
 //	@Failure	400	{object}	nil			"Missing user session"
 //	@Failure	500	{object}	nil			"Failed to find memo list | Failed to find tag list"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/tag/suggestion [GET]
 func (s *APIV1Service) GetTagSuggestion(c echo.Context) error {
 	ctx := c.Request().Context()

--- a/api/v1/user.go
+++ b/api/v1/user.go
@@ -43,7 +43,6 @@ type User struct {
 	Email           string         `json:"email"`
 	Nickname        string         `json:"nickname"`
 	PasswordHash    string         `json:"-"`
-	OpenID          string         `json:"openId"`
 	AvatarURL       string         `json:"avatarUrl"`
 	UserSettingList []*UserSetting `json:"userSettingList"`
 }
@@ -57,13 +56,12 @@ type CreateUserRequest struct {
 }

 type UpdateUserRequest struct {
-	RowStatus   *RowStatus `json:"rowStatus"`
-	Username    *string    `json:"username"`
-	Email       *string    `json:"email"`
-	Nickname    *string    `json:"nickname"`
-	Password    *string    `json:"password"`
-	ResetOpenID *bool      `json:"resetOpenId"`
-	AvatarURL   *string    `json:"avatarUrl"`
+	RowStatus *RowStatus `json:"rowStatus"`
+	Username  *string    `json:"username"`
+	Email     *string    `json:"email"`
+	Nickname  *string    `json:"nickname"`
+	Password  *string    `json:"password"`
+	AvatarURL *string    `json:"avatarUrl"`
 }

 func (s *APIV1Service) registerUserRoutes(g *echo.Group) {
@@ -96,7 +94,6 @@ func (s *APIV1Service) GetUserList(c echo.Context) error {
 	for _, user := range list {
 		userMessage := convertUserFromStore(user)
 		// data desensitize
-		userMessage.OpenID = ""
 		userMessage.Email = ""
 		userMessageList = append(userMessageList, userMessage)
 	}
@@ -158,7 +155,6 @@ func (s *APIV1Service) CreateUser(c echo.Context) error {
 		Email:        userCreate.Email,
 		Nickname:     userCreate.Nickname,
 		PasswordHash: string(passwordHash),
-		OpenID:       util.GenUUID(),
 	})
 	if err != nil {
 		return echo.NewHTTPError(http.StatusInternalServerError, "Failed to create user").SetInternal(err)
@@ -179,7 +175,6 @@ func (s *APIV1Service) CreateUser(c echo.Context) error {
 //	@Success	200	{object}	store.User	"Current user"
 //	@Failure	401	{object}	nil			"Missing auth session"
 //	@Failure	500	{object}	nil			"Failed to find user | Failed to find userSettingList"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/user/me [GET]
 func (s *APIV1Service) GetCurrentUser(c echo.Context) error {
 	ctx := c.Request().Context()
@@ -234,7 +229,6 @@ func (s *APIV1Service) GetUserByUsername(c echo.Context) error {

 	userMessage := convertUserFromStore(user)
 	// data desensitize
-	userMessage.OpenID = ""
 	userMessage.Email = ""
 	return c.JSON(http.StatusOK, userMessage)
 }
@@ -267,7 +261,6 @@ func (s *APIV1Service) GetUserByID(c echo.Context) error {

 	userMessage := convertUserFromStore(user)
 	// data desensitize
-	userMessage.OpenID = ""
 	userMessage.Email = ""
 	return c.JSON(http.StatusOK, userMessage)
 }
@@ -385,10 +378,6 @@ func (s *APIV1Service) UpdateUser(c echo.Context) error {
 		passwordHashStr := string(passwordHash)
 		userUpdate.PasswordHash = &passwordHashStr
 	}
-	if request.ResetOpenID != nil && *request.ResetOpenID {
-		openID := util.GenUUID()
-		userUpdate.OpenID = &openID
-	}
 	if request.AvatarURL != nil {
 		userUpdate.AvatarURL = request.AvatarURL
 	}
@@ -508,7 +497,6 @@ func convertUserFromStore(user *store.User) *User {
 		Email:        user.Email,
 		Nickname:     user.Nickname,
 		PasswordHash: user.PasswordHash,
-		OpenID:       user.OpenID,
 		AvatarURL:    user.AvatarURL,
 	}
 }
--- a/api/v1/user_setting.go
+++ b/api/v1/user_setting.go
@@ -92,7 +92,6 @@ func (s *APIV1Service) registerUserSettingRoutes(g *echo.Group) {
 //	@Failure	400		{object}	nil							"Malformatted post user setting upsert request | Invalid user setting format"
 //	@Failure	401		{object}	nil							"Missing auth session"
 //	@Failure	500		{object}	nil							"Failed to upsert user setting"
-//	@Security	ApiKeyAuth
 //	@Router		/api/v1/user/setting [POST]
 func (s *APIV1Service) UpsertUserSetting(c echo.Context) error {
 	ctx := c.Request().Context()

--- a/api/v1/v1.go
+++ b/api/v1/v1.go
@@ -27,12 +27,7 @@ type APIV1Service struct {
 // @BasePath					/
 //
 // @externalDocs.url			https://usememos.com/
-// @externalDocs.description	Find out more about Memos
-//
-// @securitydefinitions.apikey	ApiKeyAuth
-// @in							query
-// @name						openId
-// @description				Insert your Open ID API Key here.
+// @externalDocs.description	Find out more about Memos.
 func NewAPIV1Service(secret string, profile *profile.Profile, store *store.Store, telegramBot *telegram.Bot) *APIV1Service {
 	return &APIV1Service{
 		Secret:      secret,

--- a/api/v2/user_service.go
+++ b/api/v2/user_service.go
@@ -9,7 +9,6 @@ import (
 	"github.com/labstack/echo/v4"
 	"github.com/pkg/errors"
 	"github.com/usememos/memos/api/auth"
-	"github.com/usememos/memos/common/util"
 	apiv2pb "github.com/usememos/memos/proto/gen/api/v2"
 	storepb "github.com/usememos/memos/proto/gen/store"
 	"github.com/usememos/memos/store"
@@ -47,12 +46,6 @@ func (s *UserService) GetUser(ctx context.Context, request *apiv2pb.GetUserReque
 	}

 	userMessage := convertUserFromStore(user)
-	currentUser, _ := getCurrentUser(ctx, s.Store)
-	if currentUser == nil || currentUser.ID != user.ID {
-		// Data desensitization.
-		userMessage.OpenId = ""
-	}
-
 	response := &apiv2pb.GetUserResponse{
 		User: userMessage,
 	}
@@ -88,9 +81,6 @@ func (s *UserService) UpdateUser(ctx context.Context, request *apiv2pb.UpdateUse
 		} else if path == "role" {
 			role := convertUserRoleToStore(request.User.Role)
 			update.Role = &role
-		} else if path == "reset_open_id" {
-			openID := util.GenUUID()
-			update.OpenID = &openID
 		} else if path == "password" {
 			passwordHash, err := bcrypt.GenerateFromPassword([]byte(request.User.Password), bcrypt.DefaultCost)
 			if err != nil {
@@ -283,7 +273,6 @@ func convertUserFromStore(user *store.User) *apiv2pb.User {
 		Role:       convertUserRoleFromStore(user.Role),
 		Email:      user.Email,
 		Nickname:   user.Nickname,
-		OpenId:     user.OpenID,
 		AvatarUrl:  user.AvatarURL,
 	}
 }

--- a/cmd/setup.go
+++ b/cmd/setup.go
@@ -101,7 +101,6 @@ func (s setupService) createUser(ctx context.Context, hostUsername, hostPassword
 		// The new signup user should be normal user by default.
 		Role:     store.RoleHost,
 		Nickname: hostUsername,
-		OpenID:   util.GenUUID(),
 	}

 	if len(userCreate.Username) < 3 {

--- a/docs/api/v1.md
+++ b/docs/api/v1.md
--- a/proto/api/v2/user_service.proto
+++ b/proto/api/v2/user_service.proto
@@ -59,17 +59,15 @@ message User {

  string nickname = 5;

-  string open_id = 6;
+  string avatar_url = 6;

-  string avatar_url = 7;
+  string password = 7 [(google.api.field_behavior) = INPUT_ONLY];

-  string password = 8 [(google.api.field_behavior) = INPUT_ONLY];
+  RowStatus row_status = 8;

-  RowStatus row_status = 9;
+  google.protobuf.Timestamp create_time = 9;

-  google.protobuf.Timestamp create_time = 10;
-
-  google.protobuf.Timestamp update_time = 11;
+  google.protobuf.Timestamp update_time = 10;
 }

 message GetUserRequest {

--- a/proto/gen/api/v2/README.md
+++ b/proto/gen/api/v2/README.md
@@ -554,7 +554,6 @@
 | role | [User.Role](#memos-api-v2-User-Role) |  |  |
 | email | [string](#string) |  |  |
 | nickname | [string](#string) |  |  |
-| open_id | [string](#string) |  |  |
 | avatar_url | [string](#string) |  |  |
 | password | [string](#string) |  |  |
 | row_status | [RowStatus](#memos-api-v2-RowStatus) |  |  |

--- a/proto/gen/api/v2/user_service.pb.go
+++ b/proto/gen/api/v2/user_service.pb.go
--- a/store/db/migration/dev/LATEST__SCHEMA.sql
+++ b/store/db/migration/dev/LATEST__SCHEMA.sql
@@ -23,7 +23,6 @@ CREATE TABLE user (
  email TEXT NOT NULL DEFAULT '',
  nickname TEXT NOT NULL DEFAULT '',
  password_hash TEXT NOT NULL,
-  open_id TEXT NOT NULL UNIQUE,
  avatar_url TEXT NOT NULL DEFAULT ''
 );


--- a/store/db/migration/prod/0.15/00__drop_user_open_id.sql
+++ b/store/db/migration/prod/0.15/00__drop_user_open_id.sql
+DROP TABLE IF EXISTS user_temp;
+
+CREATE TABLE user_temp (
+  id INTEGER PRIMARY KEY AUTOINCREMENT,
+  created_ts BIGINT NOT NULL DEFAULT (strftime('%s', 'now')),
+  updated_ts BIGINT NOT NULL DEFAULT (strftime('%s', 'now')),
+  row_status TEXT NOT NULL CHECK (row_status IN ('NORMAL', 'ARCHIVED')) DEFAULT 'NORMAL',
+  username TEXT NOT NULL UNIQUE,
+  role TEXT NOT NULL CHECK (role IN ('HOST', 'ADMIN', 'USER')) DEFAULT 'USER',
+  email TEXT NOT NULL DEFAULT '',
+  nickname TEXT NOT NULL DEFAULT '',
+  password_hash TEXT NOT NULL,
+  avatar_url TEXT NOT NULL DEFAULT ''
+);
+
+INSERT INTO
+  user_temp (id, created_ts, updated_ts, row_status, username, role, email, nickname, password_hash, avatar_url)
+SELECT
+  id, created_ts, updated_ts, row_status, username, role, email, nickname, password_hash, avatar_url
+FROM
+  user;
+
+DROP TABLE user;
+
+ALTER TABLE user_temp_temp RENAME TO user_temp;
--- a/store/db/migration/prod/LATEST__SCHEMA.sql
+++ b/store/db/migration/prod/LATEST__SCHEMA.sql
@@ -23,7 +23,6 @@ CREATE TABLE user (
  email TEXT NOT NULL DEFAULT '',
  nickname TEXT NOT NULL DEFAULT '',
  password_hash TEXT NOT NULL,
-  open_id TEXT NOT NULL UNIQUE,
  avatar_url TEXT NOT NULL DEFAULT ''
 );


--- a/store/user.go
+++ b/store/user.go
@@ -43,7 +43,6 @@ type User struct {
 	Email        string
 	Nickname     string
 	PasswordHash string
-	OpenID       string
 	AvatarURL    string
 }

@@ -59,7 +58,6 @@ type UpdateUser struct {
 	Password     *string
 	AvatarURL    *string
 	PasswordHash *string
-	OpenID       *string
 }

 type FindUser struct {
@@ -69,7 +67,6 @@ type FindUser struct {
 	Role      *Role
 	Email     *string
 	Nickname  *string
-	OpenID    *string
 }

 type DeleteUser struct {
@@ -83,10 +80,9 @@ func (s *Store) CreateUser(ctx context.Context, create *User) (*User, error) {
 			role,
 			email,
 			nickname,
-			password_hash,
-			open_id
+			password_hash
 		)
-		VALUES (?, ?, ?, ?, ?, ?)
+		VALUES (?, ?, ?, ?, ?)
 		RETURNING id, avatar_url, created_ts, updated_ts, row_status
 	`
 	if err := s.db.QueryRowContext(
@@ -97,7 +93,6 @@ func (s *Store) CreateUser(ctx context.Context, create *User) (*User, error) {
 		create.Email,
 		create.Nickname,
 		create.PasswordHash,
-		create.OpenID,
 	).Scan(
 		&create.ID,
 		&create.AvatarURL,
@@ -136,16 +131,13 @@ func (s *Store) UpdateUser(ctx context.Context, update *UpdateUser) (*User, erro
 	if v := update.PasswordHash; v != nil {
 		set, args = append(set, "password_hash = ?"), append(args, *v)
 	}
-	if v := update.OpenID; v != nil {
-		set, args = append(set, "open_id = ?"), append(args, *v)
-	}
 	args = append(args, update.ID)

 	query := `
 		UPDATE user
 		SET ` + strings.Join(set, ", ") + `
 		WHERE id = ?
-		RETURNING id, username, role, email, nickname, password_hash, open_id, avatar_url, created_ts, updated_ts, row_status
+		RETURNING id, username, role, email, nickname, password_hash, avatar_url, created_ts, updated_ts, row_status
 	`
 	user := &User{}
 	if err := s.db.QueryRowContext(ctx, query, args...).Scan(
@@ -155,7 +147,6 @@ func (s *Store) UpdateUser(ctx context.Context, update *UpdateUser) (*User, erro
 		&user.Email,
 		&user.Nickname,
 		&user.PasswordHash,
-		&user.OpenID,
 		&user.AvatarURL,
 		&user.CreatedTs,
 		&user.UpdatedTs,
@@ -186,9 +177,6 @@ func (s *Store) ListUsers(ctx context.Context, find *FindUser) ([]*User, error)
 	if v := find.Nickname; v != nil {
 		where, args = append(where, "nickname = ?"), append(args, *v)
 	}
-	if v := find.OpenID; v != nil {
-		where, args = append(where, "open_id = ?"), append(args, *v)
-	}

 	query := `
 		SELECT 
@@ -198,7 +186,6 @@ func (s *Store) ListUsers(ctx context.Context, find *FindUser) ([]*User, error)
 			email,
 			nickname,
 			password_hash,
-			open_id,
 			avatar_url,
 			created_ts,
 			updated_ts,
@@ -223,7 +210,6 @@ func (s *Store) ListUsers(ctx context.Context, find *FindUser) ([]*User, error)
 			&user.Email,
 			&user.Nickname,
 			&user.PasswordHash,
-			&user.OpenID,
 			&user.AvatarURL,
 			&user.CreatedTs,
 			&user.UpdatedTs,

--- a/test/store/user_test.go
+++ b/test/store/user_test.go
@@ -42,7 +42,6 @@ func createTestingHostUser(ctx context.Context, ts *store.Store) (*store.User, e
 		Role:     store.RoleHost,
 		Email:    "test@test.com",
 		Nickname: "test_nickname",
-		OpenID:   "test_open_id",
 	}
 	passwordHash, err := bcrypt.GenerateFromPassword([]byte("test_password"), bcrypt.DefaultCost)
 	if err != nil {

--- a/web/src/components/Settings/MyAccountSection.tsx
+++ b/web/src/components/Settings/MyAccountSection.tsx
-import { Button, Input, Textarea } from "@mui/joy";
+import { Button } from "@mui/joy";
 import useCurrentUser from "@/hooks/useCurrentUser";
-import { useUserV1Store } from "@/store/v1";
 import { useTranslate } from "@/utils/i18n";
 import showChangePasswordDialog from "../ChangePasswordDialog";
-import { showCommonDialog } from "../Dialog/CommonDialog";
-import Icon from "../Icon";
 import showUpdateAccountDialog from "../UpdateAccountDialog";
 import UserAvatar from "../UserAvatar";

 const MyAccountSection = () => {
  const t = useTranslate();
-  const userV1Store = useUserV1Store();
  const user = useCurrentUser();
-  const openAPIRoute = `${window.location.origin}/api/v1/memo?openId=${user.openId}`;
-
-  const handleResetOpenIdBtnClick = async () => {
-    showCommonDialog({
-      title: t("setting.account-section.openapi-reset"),
-      content: t("setting.account-section.openapi-reset-warning"),
-      style: "warning",
-      dialogName: "reset-openid-dialog",
-      onConfirm: async () => {
-        await userV1Store.updateUser(
-          {
-            username: user.username,
-          },
-          ["reset_open_id"]
-        );
-      },
-    });
-  };
-
-  const exampleWithCurl = `curl '${openAPIRoute}' -H 'Content-Type: application/json' --data-raw '{"content":"Hello world!"}'`;

  return (
    <>
@@ -52,17 +28,6 @@ const MyAccountSection = () => {
          </Button>
        </div>
      </div>
-      <div className="section-container openapi-section-container mt-6">
-        <p className="title-text">Open ID</p>
-        <div className="w-full flex flex-row justify-start items-center">
-          <Input className="grow mr-2" value={user.openId} readOnly />
-          <Button className="shrink-0" color="neutral" variant="outlined" onClick={handleResetOpenIdBtnClick}>
-            <Icon.RefreshCw className="h-4 w-4" />
-          </Button>
-        </div>
-        <p className="title-text">Open API Example with cURL</p>
-        <Textarea className="w-full !font-mono !text-sm whitespace-pre" value={exampleWithCurl} readOnly />
-      </div>
    </>
  );
 };

--- a/web/src/types/modules/user.d.ts
+++ b/web/src/types/modules/user.d.ts
@@ -12,7 +12,6 @@ interface User {
  role: UserRole;
  email: string;
  nickname: string;
-  openId: string;
  avatarUrl: string;
  userSettingList: UserSetting[];

@@ -34,7 +33,6 @@ interface UserPatch {
  nickname?: string;
  avatarUrl?: string;
  password?: string;
-  resetOpenId?: boolean;
 }

 interface UserDelete {

--- a/web/src/types/proto/api/v2/user_service_pb.d.ts
+++ b/web/src/types/proto/api/v2/user_service_pb.d.ts
@@ -37,32 +37,27 @@ export declare class User extends Message<User> {
  nickname: string;

  /**
-   * @generated from field: string open_id = 6;
-   */
-  openId: string;
-
-  /**
-   * @generated from field: string avatar_url = 7;
+   * @generated from field: string avatar_url = 6;
   */
  avatarUrl: string;

  /**
-   * @generated from field: string password = 8;
+   * @generated from field: string password = 7;
   */
  password: string;

  /**
-   * @generated from field: memos.api.v2.RowStatus row_status = 9;
+   * @generated from field: memos.api.v2.RowStatus row_status = 8;
   */
  rowStatus: RowStatus;

  /**
-   * @generated from field: google.protobuf.Timestamp create_time = 10;
+   * @generated from field: google.protobuf.Timestamp create_time = 9;
   */
  createTime?: Timestamp;

  /**
-   * @generated from field: google.protobuf.Timestamp update_time = 11;
+   * @generated from field: google.protobuf.Timestamp update_time = 10;
   */
  updateTime?: Timestamp;


--- a/web/src/types/proto/api/v2/user_service_pb.js
+++ b/web/src/types/proto/api/v2/user_service_pb.js
@@ -17,12 +17,11 @@ export const User = proto3.makeMessageType(
    { no: 3, name: "role", kind: "enum", T: proto3.getEnumType(User_Role) },
    { no: 4, name: "email", kind: "scalar", T: 9 /* ScalarType.STRING */ },
    { no: 5, name: "nickname", kind: "scalar", T: 9 /* ScalarType.STRING */ },
-    { no: 6, name: "open_id", kind: "scalar", T: 9 /* ScalarType.STRING */ },
-    { no: 7, name: "avatar_url", kind: "scalar", T: 9 /* ScalarType.STRING */ },
-    { no: 8, name: "password", kind: "scalar", T: 9 /* ScalarType.STRING */ },
-    { no: 9, name: "row_status", kind: "enum", T: proto3.getEnumType(RowStatus) },
-    { no: 10, name: "create_time", kind: "message", T: Timestamp },
-    { no: 11, name: "update_time", kind: "message", T: Timestamp },
+    { no: 6, name: "avatar_url", kind: "scalar", T: 9 /* ScalarType.STRING */ },
+    { no: 7, name: "password", kind: "scalar", T: 9 /* ScalarType.STRING */ },
+    { no: 8, name: "row_status", kind: "enum", T: proto3.getEnumType(RowStatus) },
+    { no: 9, name: "create_time", kind: "message", T: Timestamp },
+    { no: 10, name: "update_time", kind: "message", T: Timestamp },
  ],
 );