msb-public
/
cloudreve
mirror of https://github.com/cloudreve/Cloudreve
1
0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5b44606276'
${ noResults }
cloudreve/service/user/login.go

203 lines
6.8 KiB
Raw Normal View History Unescape

Feat: User login
5 years ago
package user
import (
Feat: reset password by Email
4 years ago
"fmt"
"net/url"
"strings"
Fix: missing deps in login recaptcha service
4 years ago
"time"
Comply with Golang semantic import versioning (#630) * Code: compatible with semantic import versioning * Tools & Docs: compatible with semantic import versioning * Clean go.mod & go.sum
4 years ago
model "github.com/cloudreve/Cloudreve/v3/models"
"github.com/cloudreve/Cloudreve/v3/pkg/cache"
"github.com/cloudreve/Cloudreve/v3/pkg/email"
"github.com/cloudreve/Cloudreve/v3/pkg/hashid"
"github.com/cloudreve/Cloudreve/v3/pkg/recaptcha"
"github.com/cloudreve/Cloudreve/v3/pkg/serializer"
"github.com/cloudreve/Cloudreve/v3/pkg/util"
"github.com/gin-gonic/gin"
"github.com/mojocn/base64Captcha"
"github.com/pquerna/otp/totp"
Feat: User login
5 years ago
)
// UserLoginService 管理用户登录的服务
type UserLoginService struct {
//TODO 细致调整验证规则
UserName string `form:"userName" json:"userName" binding:"required,email"`
Password string `form:"Password" json:"Password" binding:"required,min=4,max=64"`
CaptchaCode string `form:"captchaCode" json:"captchaCode"`
}
Feat: reset password by Email
4 years ago
// UserResetEmailService 发送密码重设邮件服务
type UserResetEmailService struct {
UserName string `form:"userName" json:"userName" binding:"required,email"`
CaptchaCode string `form:"captchaCode" json:"captchaCode"`
}
// UserResetService 密码重设服务
type UserResetService struct {
Password string `form:"Password" json:"Password" binding:"required,min=4,max=64"`
ID string `json:"id" binding:"required"`
Secret string `json:"secret" binding:"required"`
}
// Reset 重设密码
func (service *UserResetService) Reset(c *gin.Context) serializer.Response {
// 取得原始用户ID
uid, err := hashid.DecodeHashID(service.ID, hashid.UserID)
if err != nil {
return serializer.Err(serializer.CodeNotFound, "重设链接无效", err)
}
// 检查重设会话
resetSession, exist := cache.Get(fmt.Sprintf("user_reset_%d", uid))
if !exist || resetSession.(string) != service.Secret {
return serializer.Err(serializer.CodeNotFound, "链接已过期", err)
}
// 重设用户密码
user, err := model.GetActiveUserByID(uid)
if err != nil {
return serializer.Err(serializer.CodeNotFound, "用户不存在", err)
}
user.SetPassword(service.Password)
if err := user.Update(map[string]interface{}{"password": user.Password}); err != nil {
return serializer.DBErr("无法重设密码", err)
}
cache.Deletes([]string{fmt.Sprintf("%d", uid)}, "user_reset_")
return serializer.Response{}
}
// Reset 发送密码重设邮件
func (service *UserResetEmailService) Reset(c *gin.Context) serializer.Response {
// 检查验证码
isCaptchaRequired := model.IsTrueVal(model.GetSettingByName("forget_captcha"))
Feat: ReCaptcha support (#292) * Add custom mysql database port. * Modify: add cloudreve bin file to .gitignore * Feat:增加后端对ReCaptcha的支持 P.S.必须要执行迁移
4 years ago
useRecaptcha := model.IsTrueVal(model.GetSettingByName("captcha_IsUseReCaptcha"))
recaptchaSecret := model.GetSettingByName("captcha_ReCaptchaSecret")
if isCaptchaRequired && !useRecaptcha {
Feat: reset password by Email
4 years ago
captchaID := util.GetSession(c, "captchaID")
util.DeleteSession(c, "captchaID")
if captchaID == nil || !base64Captcha.VerifyCaptcha(captchaID.(string), service.CaptchaCode) {
return serializer.ParamErr("验证码错误", nil)
}
Feat: ReCaptcha support (#292) * Add custom mysql database port. * Modify: add cloudreve bin file to .gitignore * Feat:增加后端对ReCaptcha的支持 P.S.必须要执行迁移
4 years ago
} else if isCaptchaRequired && useRecaptcha {
captcha, err := recaptcha.NewReCAPTCHA(recaptchaSecret, recaptcha.V2, 10*time.Second)
if err != nil {
util.Log().Error(err.Error())
}
err = captcha.Verify(service.CaptchaCode)
if err != nil {
util.Log().Error(err.Error())
return serializer.ParamErr("验证失败,请刷新网页后再次验证", nil)
}
Feat: reset password by Email
4 years ago
}
// 查找用户
if user, err := model.GetUserByEmail(service.UserName); err == nil {
// 创建密码重设会话
secret := util.RandStringRunes(32)
cache.Set(fmt.Sprintf("user_reset_%d", user.ID), secret, 3600)
// 生成用户访问的重设链接
controller, _ := url.Parse("/reset")
finalURL := model.GetSiteURL().ResolveReference(controller)
queries := finalURL.Query()
queries.Add("id", hashid.HashID(user.ID, hashid.UserID))
queries.Add("sign", secret)
finalURL.RawQuery = queries.Encode()
// 发送密码重设邮件
title, body := email.NewResetEmail(user.Nick, strings.ReplaceAll(finalURL.String(), "/reset", "/#/reset"))
if err := email.Send(user.Email, title, body); err != nil {
return serializer.Err(serializer.CodeInternalSetting, "无法发送密码重设邮件", err)
}
}
return serializer.Response{}
}
Feat: 2-FA login verification
4 years ago
// Login 二步验证继续登录
func (service *Enable2FA) Login(c *gin.Context) serializer.Response {
if uid, ok := util.GetSession(c, "2fa_user_id").(uint); ok {
// 查找用户
expectedUser, err := model.GetActiveUserByID(uid)
if err != nil {
return serializer.Err(serializer.CodeNotFound, "用户不存在", nil)
}
// 验证二步验证代码
if !totp.Validate(service.Code, expectedUser.TwoFactor) {
return serializer.ParamErr("验证代码不正确", nil)
}
//登陆成功清空并设置session
util.DeleteSession(c, "2fa_user_id")
util.SetSession(c, map[string]interface{}{
"user_id": expectedUser.ID,
})
return serializer.BuildUserResponse(expectedUser)
}
return serializer.Err(serializer.CodeNotFound, "登录会话不存在", nil)
}
Feat: User login
5 years ago
// Login 用户登录函数
func (service *UserLoginService) Login(c *gin.Context) serializer.Response {
isCaptchaRequired := model.GetSettingByName("login_captcha")
Feat: ReCaptcha support (#292) * Add custom mysql database port. * Modify: add cloudreve bin file to .gitignore * Feat:增加后端对ReCaptcha的支持 P.S.必须要执行迁移
4 years ago
useRecaptcha := model.GetSettingByName("captcha_IsUseReCaptcha")
recaptchaSecret := model.GetSettingByName("captcha_ReCaptchaSecret")
Feat: User login
5 years ago
expectedUser, err := model.GetUserByEmail(service.UserName)
Feat: ReCaptcha support (#292) * Add custom mysql database port. * Modify: add cloudreve bin file to .gitignore * Feat:增加后端对ReCaptcha的支持 P.S.必须要执行迁移
4 years ago
if (model.IsTrueVal(isCaptchaRequired)) && !(model.IsTrueVal(useRecaptcha)) {
// TODO 验证码校验
Feat: captcha
5 years ago
captchaID := util.GetSession(c, "captchaID")
Feat: user register / send activate email
4 years ago
util.DeleteSession(c, "captchaID")
Feat: captcha
5 years ago
if captchaID == nil || !base64Captcha.VerifyCaptcha(captchaID.(string), service.CaptchaCode) {
return serializer.ParamErr("验证码错误", nil)
}
Feat: ReCaptcha support (#292) * Add custom mysql database port. * Modify: add cloudreve bin file to .gitignore * Feat:增加后端对ReCaptcha的支持 P.S.必须要执行迁移
4 years ago
} else if (model.IsTrueVal(isCaptchaRequired)) && (model.IsTrueVal(useRecaptcha)) {
captcha, err := recaptcha.NewReCAPTCHA(recaptchaSecret, recaptcha.V2, 10*time.Second)
if err != nil {
util.Log().Error(err.Error())
}
err = captcha.Verify(service.CaptchaCode)
if err != nil {
util.Log().Error(err.Error())
return serializer.ParamErr("验证失败,请刷新网页后再次验证", nil)
}
Feat: User login
5 years ago
}
// 一系列校验
if err != nil {
return serializer.Err(401, "用户邮箱或密码错误", err)
}
if authOK, _ := expectedUser.CheckPassword(service.Password); !authOK {
return serializer.Err(401, "用户邮箱或密码错误", nil)
}
Feat: cron / Fix: users status check
4 years ago
if expectedUser.Status == model.Baned || expectedUser.Status == model.OveruseBaned {
Feat: User login
5 years ago
return serializer.Err(403, "该账号已被封禁", nil)
}
if expectedUser.Status == model.NotActivicated {
return serializer.Err(403, "该账号未激活", nil)
}
if expectedUser.TwoFactor != "" {
Feat: 2-FA login verification
4 years ago
// 需要二步验证
util.SetSession(c, map[string]interface{}{
"2fa_user_id": expectedUser.ID,
})
return serializer.Response{Code: 203}
Feat: User login
5 years ago
}
//登陆成功清空并设置session
Test: middleware/auth
5 years ago
util.SetSession(c, map[string]interface{}{
Feat: User login
5 years ago
"user_id": expectedUser.ID,
})
Feat: User/Me
5 years ago
return serializer.BuildUserResponse(expectedUser)
Feat: User login
5 years ago
}