lsm/mindoc
1
0
Fork 0
mirror of https://github.com/mindoc-org/mindoc.git synced 2025-12-20 04:00:05 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

1、增加了登录后重定向至原始请求 URL 的功能;2、格式化了相关文件中的代码。

Browse Source
This commit is contained in:
Dandy Cheung
2018-01-09 18:15:40 +08:00
parent d0a1c77c43
commit 4ff6be3b6c
3 changed files with 191 additions and 151 deletions
Download Patch File Download Diff File Expand all files Collapse all files

269
controllers/account.go
View File

@@ -1,40 +1,52 @@
package controllers
import (
"time"
"strings"
"regexp"
"strconv"
"strings"
"time"
"net/smtp"
"github.com/lifei6671/mindoc/conf"
"github.com/lifei6671/mindoc/models"
"github.com/lifei6671/mindoc/utils"
"github.com/astaxie/beego"
"github.com/astaxie/beego/logs"
"github.com/lifei6671/gocaptcha"
"strconv"
"github.com/lifei6671/mindoc/conf"
"github.com/lifei6671/mindoc/models"
"github.com/lifei6671/mindoc/utils"
)
// AccountController 用户登录与注册.
// AccountController 用户登录与注册
type AccountController struct {
BaseController
}
// Login 用户登录.
// Login 用户登录
func (c *AccountController) Login() {
c.Prepare()
c.TplName = "account/login.tpl"
var remember struct { MemberId int ; Account string; Time time.Time}
var remember struct {
MemberId int
Account string
Time time.Time
}
//如果Cookie中存在登录信息
if cookie,ok := c.GetSecureCookie(conf.GetAppKey(),"login");ok{
// 显式指定的 URL 参数优先;为了统一处理,将之更新到 Session 中
turl := c.GetString("turl", "")
if turl != "" {
c.SetSession("turl", turl)
}
if err := utils.Decode(cookie,&remember); err == nil {
if member,err := models.NewMember().Find(remember.MemberId); err == nil {
beego.Info("AccountController.Login(): turl is: " + turl)
// 如果 Cookie 中存在登录信息
if cookie, ok := c.GetSecureCookie(conf.GetAppKey(), "login"); ok {
if err := utils.Decode(cookie, &remember); err == nil {
if member, err := models.NewMember().Find(remember.MemberId); err == nil {
c.SetMember(*member)
c.Redirect(beego.URLFor("HomeController.Index"), 302)
c.LoggedIn(false)
c.StopRun()
}
}
@@ -46,48 +58,72 @@ func (c *AccountController) Login() {
captcha := c.GetString("code")
is_remember := c.GetString("is_remember")
//如果开启了验证码
if v,ok := c.Option["ENABLED_CAPTCHA"]; ok && strings.EqualFold(v,"true") {
v,ok := c.GetSession(conf.CaptchaSessionName).(string);
if !ok || !strings.EqualFold(v,captcha){
c.JsonResult(6001,"验证码不正确")
// 如果开启了验证码
if v, ok := c.Option["ENABLED_CAPTCHA"]; ok && strings.EqualFold(v, "true") {
v, ok := c.GetSession(conf.CaptchaSessionName).(string)
if !ok || !strings.EqualFold(v, captcha) {
c.JsonResult(6001, "验证码不正确")
}
}
member,err := models.NewMember().Login(account,password)
//如果没有数据
member, err := models.NewMember().Login(account, password)
if err == nil {
member.LastLoginTime = time.Now()
member.Update()
c.SetMember(*member)
if strings.EqualFold(is_remember,"yes") {
if strings.EqualFold(is_remember, "yes") {
remember.MemberId = member.MemberId
remember.Account = member.Account
remember.Time = time.Now()
v ,err := utils.Encode(remember)
v, err := utils.Encode(remember)
if err == nil {
c.SetSecureCookie(conf.GetAppKey(),"login",v)
c.SetSecureCookie(conf.GetAppKey(), "login", v)
}
}
data := c.LoggedIn(true)
c.JsonResult(0, "ok", data)
} else {
logs.Error("用户登录 =>", err)
c.JsonResult(500, "账号或密码错误", nil)
}
c.JsonResult(0,"ok")
}else{
logs.Error("用户登录 =>",err)
c.JsonResult(500,"账号或密码错误",nil)
}
return
}
}
//用户注册.
// 登录成功后的操作,如重定向到原始请求页面
func (c *AccountController) LoggedIn(isPost bool) interface{} {
turl := ""
value := c.GetSession("turl")
if value != nil {
turl = value.(string)
}
c.DelSession("turl")
beego.Info("AccountController.LoggedIn(): turl is: " + turl)
if !isPost {
// 检查是否存在 turl 参数,如果有则重定向至 turl 处,否则进入 Home 页面
if turl == "" {
turl = beego.URLFor("HomeController.Index")
}
c.Redirect(turl, 302)
return nil
} else {
var data struct {
TURL string `json:"turl"`
}
data.TURL = turl
return data
}
}
// 用户注册
func (c *AccountController) Register() {
c.TplName = "account/register.tpl"
//如果没有开启用户注册
if v,ok := c.Option["ENABLED_REGISTER"]; ok && !strings.EqualFold(v,"true") {
// 如果没有开启用户注册
if v, ok := c.Option["ENABLED_REGISTER"]; ok && !strings.EqualFold(v, "true") {
c.Abort("404")
}
@@ -98,30 +134,30 @@ func (c *AccountController) Register() {
email := c.GetString("email")
captcha := c.GetString("code")
if ok,err := regexp.MatchString(conf.RegexpAccount,account); account == "" || !ok || err != nil {
c.JsonResult(6001,"账号只能由英文字母数字组成且在3-50个字符")
if ok, err := regexp.MatchString(conf.RegexpAccount, account); account == "" || !ok || err != nil {
c.JsonResult(6001, "账号只能由英文字母数字组成且在3-50个字符")
}
if l := strings.Count(password1,"") ; password1 == "" || l > 50 || l < 6{
c.JsonResult(6002,"密码必须在6-50个字符之间")
if l := strings.Count(password1, ""); password1 == "" || l > 50 || l < 6 {
c.JsonResult(6002, "密码必须在6-50个字符之间")
}
if password1 != password2 {
c.JsonResult(6003,"确认密码不正确")
c.JsonResult(6003, "确认密码不正确")
}
if ok,err := regexp.MatchString(conf.RegexpEmail,email); !ok || err != nil || email == "" {
c.JsonResult(6004,"邮箱格式不正确")
if ok, err := regexp.MatchString(conf.RegexpEmail, email); !ok || err != nil || email == "" {
c.JsonResult(6004, "邮箱格式不正确")
}
//如果开启了验证码
if v,ok := c.Option["ENABLED_CAPTCHA"]; ok && strings.EqualFold(v,"true") {
v,ok := c.GetSession(conf.CaptchaSessionName).(string);
if !ok || !strings.EqualFold(v,captcha){
c.JsonResult(6001,"验证码不正确")
// 如果开启了验证码
if v, ok := c.Option["ENABLED_CAPTCHA"]; ok && strings.EqualFold(v, "true") {
v, ok := c.GetSession(conf.CaptchaSessionName).(string)
if !ok || !strings.EqualFold(v, captcha) {
c.JsonResult(6001, "验证码不正确")
}
}
member := models.NewMember()
if _,err := member.FindByAccount(account); err == nil && member.MemberId > 0 {
c.JsonResult(6005,"账号已存在")
if _, err := member.FindByAccount(account); err == nil && member.MemberId > 0 {
c.JsonResult(6005, "账号已存在")
}
member.Account = account
@@ -133,14 +169,14 @@ func (c *AccountController) Register() {
member.Status = 0
if err := member.Add(); err != nil {
beego.Error(err)
c.JsonResult(6006,"注册失败,请联系系统管理员处理")
c.JsonResult(6006, "注册失败,请联系系统管理员处理")
}
c.JsonResult(0,"ok",member)
c.JsonResult(0, "ok", member)
}
}
//找回密码.
// 找回密码
func (c *AccountController) FindPassword() {
c.TplName = "account/find_password_setp1.tpl"
mail_conf := conf.GetMailConfig()
@@ -151,63 +187,63 @@ func (c *AccountController) FindPassword() {
captcha := c.GetString("code")
if email == "" {
c.JsonResult(6005,"邮箱地址不能为空")
c.JsonResult(6005, "邮箱地址不能为空")
}
if !mail_conf.EnableMail {
c.JsonResult(6004,"未启用邮件服务")
c.JsonResult(6004, "未启用邮件服务")
}
//如果开启了验证码
if v,ok := c.Option["ENABLED_CAPTCHA"]; ok && strings.EqualFold(v,"true") {
v,ok := c.GetSession(conf.CaptchaSessionName).(string);
if !ok || !strings.EqualFold(v,captcha){
c.JsonResult(6001,"验证码不正确")
// 如果开启了验证码
if v, ok := c.Option["ENABLED_CAPTCHA"]; ok && strings.EqualFold(v, "true") {
v, ok := c.GetSession(conf.CaptchaSessionName).(string)
if !ok || !strings.EqualFold(v, captcha) {
c.JsonResult(6001, "验证码不正确")
}
}
member ,err := models.NewMember().FindByFieldFirst("email",email)
member, err := models.NewMember().FindByFieldFirst("email", email)
if err != nil {
c.JsonResult(6006,"邮箱不存在")
c.JsonResult(6006, "邮箱不存在")
}
if member.Status != 0 {
c.JsonResult(6007,"账号已被禁用")
c.JsonResult(6007, "账号已被禁用")
}
if member.AuthMethod == conf.AuthMethodLDAP {
c.JsonResult(6011,"当前用户不支持找回密码")
c.JsonResult(6011, "当前用户不支持找回密码")
}
count,err := models.NewMemberToken().FindSendCount(email,time.Now().Add(-1*time.Hour),time.Now())
count, err := models.NewMemberToken().FindSendCount(email, time.Now().Add(-1*time.Hour), time.Now())
if err != nil {
beego.Error(err)
c.JsonResult(6008,"发送邮件失败")
c.JsonResult(6008, "发送邮件失败")
}
if count > mail_conf.MailNumber {
c.JsonResult(6008,"发送次数太多,请稍候再试")
c.JsonResult(6008, "发送次数太多,请稍候再试")
}
member_token := models.NewMemberToken()
member_token.Token = string(utils.Krand(32,utils.KC_RAND_KIND_ALL))
member_token.Token = string(utils.Krand(32, utils.KC_RAND_KIND_ALL))
member_token.Email = email
member_token.MemberId = member.MemberId
member_token.IsValid = false
if _,err := member_token.InsertOrUpdate(); err != nil {
c.JsonResult(6009,"邮件发送失败")
if _, err := member_token.InsertOrUpdate(); err != nil {
c.JsonResult(6009, "邮件发送失败")
}
data := map[string]interface{}{
"SITE_NAME" : c.Option["SITE_NAME"],
"url" : c.BaseUrl() + beego.URLFor("AccountController.FindPassword", "token",member_token.Token,"mail",email),
"SITE_NAME": c.Option["SITE_NAME"],
"url": c.BaseUrl() + beego.URLFor("AccountController.FindPassword", "token", member_token.Token, "mail", email),
}
body,err := c.ExecuteViewPathTemplate("account/mail_template.tpl",data)
body, err := c.ExecuteViewPathTemplate("account/mail_template.tpl", data)
if err != nil {
beego.Error(err)
c.JsonResult(6003,"邮件发送失败")
c.JsonResult(6003, "邮件发送失败")
}
go func(mail_conf *conf.SmtpConf,email string,body string) {
go func(mail_conf *conf.SmtpConf, email string, body string) {
auth := smtp.PlainAuth(
"",
mail_conf.SmtpUserName,
@@ -215,30 +251,29 @@ func (c *AccountController) FindPassword() {
mail_conf.SmtpHost,
)
mime := "MIME-version: 1.0;\nContent-Type: text/html; charset=\"UTF-8\";\n\n";
mime := "MIME-version: 1.0;\nContent-Type: text/html; charset=\"UTF-8\";\n\n"
subject := "Subject: 找回密码!\n"
err = smtp.SendMail(
mail_conf.SmtpHost + ":" + strconv.Itoa(mail_conf.SmtpPort),
mail_conf.SmtpHost+":"+strconv.Itoa(mail_conf.SmtpPort),
auth,
mail_conf.FormUserName,
[]string{ email },
[]byte(subject + mime +"\n" +body),
[]string{email},
[]byte(subject+mime+"\n"+body),
)
if err != nil {
beego.Error("邮件发送失败 => ",email,err)
beego.Error("邮件发送失败 => ", email, err)
}
}(mail_conf,email,body)
}(mail_conf, email, body)
c.JsonResult(0,"ok", c.BaseUrl() + beego.URLFor("AccountController.Login"))
c.JsonResult(0, "ok", c.BaseUrl()+beego.URLFor("AccountController.Login"))
}
token := c.GetString("token")
mail := c.GetString("mail")
if token != "" && mail != "" {
member_token,err := models.NewMemberToken().FindByFieldFirst("token",token)
member_token, err := models.NewMemberToken().FindByFieldFirst("token", token)
if err != nil {
beego.Error(err)
@@ -248,7 +283,7 @@ func (c *AccountController) FindPassword() {
}
sub_time := member_token.SendTime.Sub(time.Now())
if !strings.EqualFold(member_token.Email,mail) || sub_time.Minutes() > float64(mail_conf.MailExpired) || !member_token.ValidTime.IsZero() {
if !strings.EqualFold(member_token.Email, mail) || sub_time.Minutes() > float64(mail_conf.MailExpired) || !member_token.ValidTime.IsZero() {
c.Data["ErrorMessage"] = "验证码已过期,请重新操作。"
c.TplName = "errors/error.tpl"
return
@@ -260,7 +295,7 @@ func (c *AccountController) FindPassword() {
}
}
//校验邮件并修改密码.
// 校验邮件并修改密码
func (c *AccountController) ValidEmail() {
c.Prepare()
password1 := c.GetString("password1")
@@ -270,48 +305,48 @@ func (c *AccountController) ValidEmail() {
mail := c.GetString("mail")
if password1 == "" {
c.JsonResult(6001,"密码不能为空")
c.JsonResult(6001, "密码不能为空")
}
if l := strings.Count(password1,""); l <6 || l > 50{
c.JsonResult(6001,"密码不能为空且必须在6-50个字符之间")
if l := strings.Count(password1, ""); l < 6 || l > 50 {
c.JsonResult(6001, "密码不能为空且必须在6-50个字符之间")
}
if password2 == ""{
c.JsonResult(6002,"确认密码不能为空")
if password2 == "" {
c.JsonResult(6002, "确认密码不能为空")
}
if password1 != password2 {
c.JsonResult(6003,"确认密码输入不正确")
c.JsonResult(6003, "确认密码输入不正确")
}
if captcha == "" {
c.JsonResult(6004,"验证码不能为空")
c.JsonResult(6004, "验证码不能为空")
}
v,ok := c.GetSession(conf.CaptchaSessionName).(string);
if !ok || !strings.EqualFold(v,captcha){
c.JsonResult(6001,"验证码不正确")
v, ok := c.GetSession(conf.CaptchaSessionName).(string)
if !ok || !strings.EqualFold(v, captcha) {
c.JsonResult(6001, "验证码不正确")
}
mail_conf := conf.GetMailConfig()
member_token,err := models.NewMemberToken().FindByFieldFirst("token",token)
member_token, err := models.NewMemberToken().FindByFieldFirst("token", token)
if err != nil {
beego.Error(err)
c.JsonResult(6007,"邮件已失效")
c.JsonResult(6007, "邮件已失效")
}
sub_time := member_token.SendTime.Sub(time.Now())
if !strings.EqualFold(member_token.Email,mail) || sub_time.Minutes() > float64(mail_conf.MailExpired) || !member_token.ValidTime.IsZero() {
if !strings.EqualFold(member_token.Email, mail) || sub_time.Minutes() > float64(mail_conf.MailExpired) || !member_token.ValidTime.IsZero() {
c.JsonResult(6008,"验证码已过期,请重新操作。")
c.JsonResult(6008, "验证码已过期,请重新操作。")
}
member ,err := models.NewMember().Find(member_token.MemberId)
if err != nil{
member, err := models.NewMember().Find(member_token.MemberId)
if err != nil {
beego.Error(err)
c.JsonResult(6005,"用户不存在")
c.JsonResult(6005, "用户不存在")
}
hash ,err := utils.PasswordHash(password1);
hash, err := utils.PasswordHash(password1)
if err != nil {
beego.Error(err)
c.JsonResult(6006,"保存密码失败")
c.JsonResult(6006, "保存密码失败")
}
member.Password = hash
@@ -323,22 +358,21 @@ func (c *AccountController) ValidEmail() {
if err != nil {
beego.Error(err)
c.JsonResult(6006,"保存密码失败")
c.JsonResult(6006, "保存密码失败")
}
c.JsonResult(0,"ok",c.BaseUrl() + beego.URLFor("AccountController.Login"))
c.JsonResult(0, "ok", c.BaseUrl()+beego.URLFor("AccountController.Login"))
}
// Logout 退出登录
func (c *AccountController) Logout() {
c.SetMember(models.Member{})
// Logout 退出登录.
func (c *AccountController) Logout(){
c.SetMember(models.Member{});
c.SetSecureCookie(conf.GetAppKey(), "login", "", -3600)
c.SetSecureCookie(conf.GetAppKey(),"login","",-3600)
c.Redirect(beego.URLFor("AccountController.Login"),302)
c.Redirect(beego.URLFor("AccountController.Login"), 302)
}
//验证码.
// 验证码
func (c *AccountController) Captcha() {
c.Prepare()
@@ -351,16 +385,15 @@ func (c *AccountController) Captcha() {
captchaImage.DrawNoise(gocaptcha.CaptchaComplexLower)
//captchaImage.DrawTextNoise(gocaptcha.CaptchaComplexHigh)
// captchaImage.DrawTextNoise(gocaptcha.CaptchaComplexHigh)
txt := gocaptcha.RandText(4)
c.SetSession(conf.CaptchaSessionName,txt)
c.SetSession(conf.CaptchaSessionName, txt)
captchaImage.DrawText(txt)
//captchaImage.Drawline(3);
// captchaImage.Drawline(3);
captchaImage.DrawBorder(gocaptcha.ColorToRGB(0x17A7A7A))
//captchaImage.DrawHollowLine()
// captchaImage.DrawHollowLine()
captchaImage.SaveImage(c.Ctx.ResponseWriter, gocaptcha.ImageFormatJpeg)
c.StopRun()

5
controllers/document.go
View File

@@ -99,6 +99,11 @@ func isUserLoggedIn(c *DocumentController) bool {
}
func promptUserToLogIn(c *DocumentController) {
beego.Info("Access " + c.Ctx.Request.URL.RequestURI() + " not permitted.")
beego.Info(" Access will be redirected to login page(SessionId: " + c.CruSession.SessionID() + ").")
c.SetSession("turl", c.Ctx.Request.URL.RequestURI())
if c.IsAjax() {
c.JsonResult(6000, "需要[重]登录。")
} else {

56
views/account/login.tpl
View File

@@ -92,60 +92,63 @@
<script src="{{cdnjs "/static/layer/layer.js"}}" type="text/javascript"></script>
<script type="text/javascript">
$(function () {
$("#account,#passwd,#code").on('focus',function () {
$(this).tooltip('destroy').parents('.form-group').removeClass('has-error');;
$("#account,#passwd,#code").on('focus', function () {
$(this).tooltip('destroy').parents('.form-group').removeClass('has-error');
});
$(document).keydown(function (e) {
var event = document.all ? window.event : e;
if(event.keyCode === 13){
if (event.keyCode === 13) {
$("#btn-login").click();
}
});
$("#btn-login").on('click',function () {
$("#btn-login").on('click', function () {
var $btn = $(this).button('loading');
var account = $.trim($("#account").val());
var password = $.trim($("#password").val());
var code = $("#code").val();
if(account === ""){
$("#account").tooltip({placement:"auto",title : "账号不能为空",trigger : 'manual'})
.tooltip('show')
.parents('.form-group').addClass('has-error');
$btn.button('reset');
return false;
}else if(password === ""){
$("#password").tooltip({title : '密码不能为空',trigger : 'manual'})
if (account === "") {
$("#account").tooltip({ placement: "auto", title: "账号不能为空", trigger: 'manual' })
.tooltip('show')
.parents('.form-group').addClass('has-error');
$btn.button('reset');
return false;
}else if(code !== undefined && code === ""){
$("#code").tooltip({title : '验证码不能为空',trigger : 'manual'})
} else if (password === "") {
$("#password").tooltip({ title: '码不能为空', trigger: 'manual' })
.tooltip('show')
.parents('.form-group').addClass('has-error');
$btn.button('reset');
return false;
}else{
} else if (code !== undefined && code === "") {
$("#code").tooltip({ title: '验证码不能为空', trigger: 'manual' })
.tooltip('show')
.parents('.form-group').addClass('has-error');
$btn.button('reset');
return false;
} else {
$.ajax({
url : "{{urlfor "AccountController.Login"}}",
data : $("form").serializeArray(),
dataType : "json",
type : "POST",
success : function (res) {
if(res.errcode !== 0){
url: "{{urlfor "AccountController.Login"}}",
data: $("form").serializeArray(),
dataType: "json",
type: "POST",
success: function (res) {
if (res.errcode !== 0) {
$("#captcha-img").click();
$("#code").val('');
layer.msg(res.message);
$btn.button('reset');
}else{
window.location = "/";
} else {
turl = res.data.turl;
if (turl === "") {
turl = "/";
}
window.location = turl;
}
},
error :function () {
error: function () {
$("#captcha-img").click();
$("#code").val('');
layer.msg('系统错误');
@@ -154,7 +157,6 @@
});
}
return false;
});
});