添加临时Token登录接口

controllers/AccountController.go

@@ -1,18 +1,23 @@
 package controllers
 
 import (
+	"crypto/hmac"
+	"crypto/sha1"
+	"encoding/base64"
+	"fmt"
 	"net/url"
 	"regexp"
 	"strings"
 	"time"
 
+	"html/template"
+
 	"github.com/astaxie/beego"
 	"github.com/lifei6671/gocaptcha"
 	"github.com/lifei6671/mindoc/conf"
 	"github.com/lifei6671/mindoc/mail"
 	"github.com/lifei6671/mindoc/models"
 	"github.com/lifei6671/mindoc/utils"
-	"html/template"
 )
 
 // AccountController 用户登录与注册
@@ -131,6 +136,67 @@ func (c *AccountController) Login() {
 	}
 }
 
+// 临时登录
+func (c *AccountController) TmpLogin() {
+	if c.Member != nil {
+		c.Redirect(conf.URLFor("HomeController.Index"), 302)
+	}
+
+	tmpToken := c.GetString("tmpToken")
+	if tmpToken == "" {
+		c.Redirect(conf.URLFor("AccountController.Login"), 302)
+	}
+
+	tmp, err := base64.URLEncoding.DecodeString(tmpToken)
+	if err != nil {
+		c.Redirect(conf.URLFor("AccountController.Login"), 302)
+	}
+
+	tmpToken = string(tmp)
+	var remember CookieRemember
+	// 如果 Cookie 中存在登录信息
+	cookie, ok := c.GetSecureCookie(conf.GetAppKey(), "login")
+	if !ok {
+		cookie, ok = parseHelper(tmpToken)
+	}
+
+	// 解析用户，并登录
+	if ok {
+		if err := utils.Decode(cookie, &remember); err == nil {
+			if member, err := models.NewMember().Find(remember.MemberId); err == nil {
+				c.SetMember(*member)
+				c.LoggedIn(false)
+				c.StopRun()
+			}
+		}
+	}
+	c.Redirect(conf.URLFor("AccountController.Login"), 302)
+
+}
+
+func parseHelper(value string) (string, bool) {
+
+	parts := strings.SplitN(value, "|", 3)
+
+	if len(parts) != 3 {
+		return "", false
+	}
+
+	vs := parts[0]
+	timestamp := parts[1]
+	sig := parts[2]
+
+	h := hmac.New(sha1.New, []byte(conf.GetAppKey()))
+	fmt.Fprintf(h, "%s%s", vs, timestamp)
+
+	if fmt.Sprintf("%02x", h.Sum(nil)) != sig {
+		return "", false
+	}
+	res, _ := base64.URLEncoding.DecodeString(vs)
+	return string(res), true
+
+}
+
 // 登录成功后的操作，如重定向到原始请求页面
 func (c *AccountController) LoggedIn(isPost bool) interface{} {