2017-04-21 18:20:35 +08:00
|
|
|
|
package controllers
|
|
|
|
|
|
|
|
|
|
import (
|
2019-03-04 14:22:48 +08:00
|
|
|
|
"net/url"
|
2017-05-03 14:22:05 +08:00
|
|
|
|
"regexp"
|
2018-01-09 18:15:40 +08:00
|
|
|
|
"strings"
|
|
|
|
|
"time"
|
2017-04-21 18:20:35 +08:00
|
|
|
|
|
2021-03-23 15:09:17 +08:00
|
|
|
|
"html/template"
|
|
|
|
|
|
2021-03-23 21:55:50 +08:00
|
|
|
|
"github.com/beego/beego/v2/adapter/logs"
|
2021-03-25 11:49:39 +08:00
|
|
|
|
"github.com/beego/beego/v2/server/web"
|
2017-05-01 12:15:55 +08:00
|
|
|
|
"github.com/lifei6671/gocaptcha"
|
2021-03-23 15:09:17 +08:00
|
|
|
|
"github.com/mindoc-org/mindoc/conf"
|
|
|
|
|
"github.com/mindoc-org/mindoc/mail"
|
|
|
|
|
"github.com/mindoc-org/mindoc/models"
|
|
|
|
|
"github.com/mindoc-org/mindoc/utils"
|
2021-03-23 19:28:22 +08:00
|
|
|
|
"github.com/mindoc-org/mindoc/utils/dingtalk"
|
2017-04-21 18:20:35 +08:00
|
|
|
|
)
|
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
// AccountController 用户登录与注册
|
2017-04-21 18:20:35 +08:00
|
|
|
|
type AccountController struct {
|
|
|
|
|
BaseController
|
|
|
|
|
}
|
|
|
|
|
|
2018-11-27 18:00:16 +08:00
|
|
|
|
func (c *AccountController) referer() string {
|
|
|
|
|
u, _ := url.PathUnescape(c.GetString("url"))
|
|
|
|
|
if u == "" {
|
|
|
|
|
u = conf.URLFor("HomeController.Index")
|
|
|
|
|
}
|
|
|
|
|
return u
|
|
|
|
|
}
|
|
|
|
|
|
2018-11-14 12:02:52 +08:00
|
|
|
|
func (c *AccountController) Prepare() {
|
|
|
|
|
c.BaseController.Prepare()
|
2021-03-25 11:49:39 +08:00
|
|
|
|
c.EnableXSRF = web.AppConfig.DefaultBool("enablexsrf", true)
|
2019-03-04 14:22:48 +08:00
|
|
|
|
c.Data["xsrfdata"] = template.HTML(c.XSRFFormHTML())
|
2021-03-25 11:49:39 +08:00
|
|
|
|
c.Data["corpID"],_ = web.AppConfig.String("dingtalk_corpid")
|
2021-03-25 10:04:15 +08:00
|
|
|
|
if !c.EnableXSRF {
|
|
|
|
|
return
|
|
|
|
|
}
|
2018-11-14 12:02:52 +08:00
|
|
|
|
if c.Ctx.Input.IsPost() {
|
|
|
|
|
token := c.Ctx.Input.Query("_xsrf")
|
|
|
|
|
if token == "" {
|
|
|
|
|
token = c.Ctx.Request.Header.Get("X-Xsrftoken")
|
|
|
|
|
}
|
|
|
|
|
if token == "" {
|
|
|
|
|
token = c.Ctx.Request.Header.Get("X-Csrftoken")
|
|
|
|
|
}
|
|
|
|
|
if token == "" {
|
|
|
|
|
if c.IsAjax() {
|
2019-03-04 14:22:48 +08:00
|
|
|
|
c.JsonResult(403, "非法请求")
|
2018-11-14 12:02:52 +08:00
|
|
|
|
} else {
|
|
|
|
|
c.ShowErrorPage(403, "非法请求")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
xsrfToken := c.XSRFToken()
|
|
|
|
|
if xsrfToken != token {
|
|
|
|
|
if c.IsAjax() {
|
2019-03-04 14:22:48 +08:00
|
|
|
|
c.JsonResult(403, "非法请求")
|
2018-11-14 12:02:52 +08:00
|
|
|
|
} else {
|
|
|
|
|
c.ShowErrorPage(403, "非法请求")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2019-03-04 14:22:48 +08:00
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
// Login 用户登录
|
|
|
|
|
func (c *AccountController) Login() {
|
2017-04-21 18:20:35 +08:00
|
|
|
|
c.Prepare()
|
2018-11-14 12:02:52 +08:00
|
|
|
|
|
2017-05-01 19:18:44 +08:00
|
|
|
|
c.TplName = "account/login.tpl"
|
2017-04-21 18:20:35 +08:00
|
|
|
|
|
2018-01-26 17:17:38 +08:00
|
|
|
|
if member, ok := c.GetSession(conf.LoginSessionName).(models.Member); ok && member.MemberId > 0 {
|
|
|
|
|
u := c.GetString("url")
|
|
|
|
|
if u == "" {
|
|
|
|
|
u = c.Ctx.Request.Header.Get("Referer")
|
|
|
|
|
}
|
|
|
|
|
if u == "" {
|
2018-03-13 19:20:50 +08:00
|
|
|
|
u = conf.URLFor("HomeController.Index")
|
2018-01-26 17:17:38 +08:00
|
|
|
|
}
|
2018-08-16 18:33:48 +08:00
|
|
|
|
c.Redirect(u, 302)
|
2018-01-09 18:15:40 +08:00
|
|
|
|
}
|
2018-03-09 10:55:50 +08:00
|
|
|
|
var remember CookieRemember
|
2018-01-09 18:15:40 +08:00
|
|
|
|
// 如果 Cookie 中存在登录信息
|
|
|
|
|
if cookie, ok := c.GetSecureCookie(conf.GetAppKey(), "login"); ok {
|
|
|
|
|
if err := utils.Decode(cookie, &remember); err == nil {
|
|
|
|
|
if member, err := models.NewMember().Find(remember.MemberId); err == nil {
|
2017-04-21 18:20:35 +08:00
|
|
|
|
c.SetMember(*member)
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.LoggedIn(false)
|
2017-04-21 18:20:35 +08:00
|
|
|
|
c.StopRun()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if c.Ctx.Input.IsPost() {
|
2017-04-24 18:25:17 +08:00
|
|
|
|
account := c.GetString("account")
|
|
|
|
|
password := c.GetString("password")
|
2017-05-01 12:15:55 +08:00
|
|
|
|
captcha := c.GetString("code")
|
2018-03-09 10:55:50 +08:00
|
|
|
|
isRemember := c.GetString("is_remember")
|
2017-05-01 12:15:55 +08:00
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
// 如果开启了验证码
|
|
|
|
|
if v, ok := c.Option["ENABLED_CAPTCHA"]; ok && strings.EqualFold(v, "true") {
|
|
|
|
|
v, ok := c.GetSession(conf.CaptchaSessionName).(string)
|
|
|
|
|
if !ok || !strings.EqualFold(v, captcha) {
|
|
|
|
|
c.JsonResult(6001, "验证码不正确")
|
2017-05-01 12:15:55 +08:00
|
|
|
|
}
|
|
|
|
|
}
|
2017-04-21 18:20:35 +08:00
|
|
|
|
|
2018-08-16 18:33:48 +08:00
|
|
|
|
if account == "" || password == "" {
|
|
|
|
|
c.JsonResult(6002, "账号或密码不能为空")
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
member, err := models.NewMember().Login(account, password)
|
2017-04-21 18:20:35 +08:00
|
|
|
|
if err == nil {
|
2017-05-25 18:18:43 +08:00
|
|
|
|
member.LastLoginTime = time.Now()
|
2019-05-20 17:38:37 +08:00
|
|
|
|
_ = member.Update("last_login_time")
|
2017-05-25 18:18:43 +08:00
|
|
|
|
|
2017-04-21 18:20:35 +08:00
|
|
|
|
c.SetMember(*member)
|
2018-03-09 15:44:24 +08:00
|
|
|
|
|
2018-03-09 10:55:50 +08:00
|
|
|
|
if strings.EqualFold(isRemember, "yes") {
|
2017-05-01 12:15:55 +08:00
|
|
|
|
remember.MemberId = member.MemberId
|
|
|
|
|
remember.Account = member.Account
|
|
|
|
|
remember.Time = time.Now()
|
2018-01-09 18:15:40 +08:00
|
|
|
|
v, err := utils.Encode(remember)
|
2017-05-01 12:15:55 +08:00
|
|
|
|
if err == nil {
|
2020-06-19 10:55:20 +08:00
|
|
|
|
c.SetSecureCookie(conf.GetAppKey(), "login", v, time.Now().Add(time.Hour*24*30).Unix())
|
2017-05-01 12:15:55 +08:00
|
|
|
|
}
|
|
|
|
|
}
|
2017-05-25 18:18:43 +08:00
|
|
|
|
|
2018-11-27 18:00:16 +08:00
|
|
|
|
c.JsonResult(0, "ok", c.referer())
|
2018-01-09 18:15:40 +08:00
|
|
|
|
} else {
|
2021-03-23 21:55:50 +08:00
|
|
|
|
logs.Error("用户登录 ->", err)
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(500, "账号或密码错误", nil)
|
2017-04-21 18:20:35 +08:00
|
|
|
|
}
|
2018-08-16 18:33:48 +08:00
|
|
|
|
} else {
|
2018-11-27 18:00:16 +08:00
|
|
|
|
c.Data["url"] = c.referer()
|
2018-01-09 18:15:40 +08:00
|
|
|
|
}
|
|
|
|
|
}
|
2017-04-21 18:20:35 +08:00
|
|
|
|
|
2021-03-19 10:33:59 +08:00
|
|
|
|
// 钉钉登录
|
|
|
|
|
func (c *AccountController) DingTalkLogin() {
|
|
|
|
|
c.Prepare()
|
|
|
|
|
|
2021-03-25 10:04:15 +08:00
|
|
|
|
code := c.GetString("dingtalk_code")
|
2021-03-19 10:33:59 +08:00
|
|
|
|
if code == "" {
|
2021-03-19 16:40:54 +08:00
|
|
|
|
c.JsonResult(500, "获取身份信息失败", nil)
|
2021-03-19 10:33:59 +08:00
|
|
|
|
}
|
|
|
|
|
|
2021-03-25 11:49:39 +08:00
|
|
|
|
appKey, _ := web.AppConfig.String("dingtalk_app_key")
|
|
|
|
|
appSecret, _ := web.AppConfig.String("dingtalk_app_secret")
|
|
|
|
|
tmpReader, _ := web.AppConfig.String("dingtalk_tmp_reader")
|
2021-03-19 10:33:59 +08:00
|
|
|
|
|
|
|
|
|
if appKey == "" || appSecret == "" || tmpReader == "" {
|
|
|
|
|
c.JsonResult(500, "未开启钉钉自动登录功能", nil)
|
|
|
|
|
c.StopRun()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
dingtalkAgent := dingtalk.NewDingTalkAgent(appSecret, appKey)
|
|
|
|
|
err := dingtalkAgent.GetAccesstoken()
|
|
|
|
|
if err != nil {
|
2021-03-25 11:49:39 +08:00
|
|
|
|
logs.Warn("获取钉钉临时Token失败 ->", err)
|
2021-03-19 10:33:59 +08:00
|
|
|
|
c.JsonResult(500, "自动登录失败", nil)
|
|
|
|
|
c.StopRun()
|
|
|
|
|
}
|
|
|
|
|
|
2021-03-25 10:04:15 +08:00
|
|
|
|
userid, err := dingtalkAgent.GetUserIDByCode(code)
|
|
|
|
|
if err != nil {
|
2021-03-25 11:49:39 +08:00
|
|
|
|
logs.Warn("钉钉自动登录失败 ->", err)
|
2021-03-25 10:04:15 +08:00
|
|
|
|
c.JsonResult(500, "自动登录失败", nil)
|
|
|
|
|
c.StopRun()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
username, avatar, err := dingtalkAgent.GetUserNameAndAvatarByUserID(userid)
|
2021-03-19 10:33:59 +08:00
|
|
|
|
if err != nil {
|
2021-03-25 11:49:39 +08:00
|
|
|
|
logs.Warn("钉钉自动登录失败 ->", err)
|
2021-03-19 10:33:59 +08:00
|
|
|
|
c.JsonResult(500, "自动登录失败", nil)
|
|
|
|
|
c.StopRun()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
member, err := models.NewMember().TmpLogin(tmpReader)
|
|
|
|
|
if err == nil {
|
|
|
|
|
member.LastLoginTime = time.Now()
|
|
|
|
|
_ = member.Update("last_login_time")
|
2021-03-25 10:04:15 +08:00
|
|
|
|
member.Account = username
|
|
|
|
|
if avatar != "" {
|
|
|
|
|
member.Avatar = avatar
|
|
|
|
|
}
|
2021-03-19 10:33:59 +08:00
|
|
|
|
|
|
|
|
|
c.SetMember(*member)
|
|
|
|
|
}
|
|
|
|
|
c.JsonResult(0, "ok", username)
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
// 登录成功后的操作,如重定向到原始请求页面
|
|
|
|
|
func (c *AccountController) LoggedIn(isPost bool) interface{} {
|
|
|
|
|
|
2018-11-27 18:00:16 +08:00
|
|
|
|
turl := c.referer()
|
2018-01-09 18:15:40 +08:00
|
|
|
|
|
|
|
|
|
if !isPost {
|
|
|
|
|
c.Redirect(turl, 302)
|
|
|
|
|
return nil
|
|
|
|
|
} else {
|
|
|
|
|
var data struct {
|
2018-01-26 17:17:38 +08:00
|
|
|
|
TURL string `json:"url"`
|
2018-01-09 18:15:40 +08:00
|
|
|
|
}
|
|
|
|
|
data.TURL = turl
|
|
|
|
|
return data
|
2017-04-21 18:20:35 +08:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
// 用户注册
|
|
|
|
|
func (c *AccountController) Register() {
|
2017-05-01 12:15:55 +08:00
|
|
|
|
c.TplName = "account/register.tpl"
|
|
|
|
|
|
2018-03-01 13:43:32 +08:00
|
|
|
|
//如果用户登录了,则跳转到网站首页
|
|
|
|
|
if member, ok := c.GetSession(conf.LoginSessionName).(models.Member); ok && member.MemberId > 0 {
|
2018-08-16 18:33:48 +08:00
|
|
|
|
c.Redirect(conf.URLFor("HomeController.Index"), 302)
|
2018-03-01 13:43:32 +08:00
|
|
|
|
}
|
2018-01-09 18:15:40 +08:00
|
|
|
|
// 如果没有开启用户注册
|
|
|
|
|
if v, ok := c.Option["ENABLED_REGISTER"]; ok && !strings.EqualFold(v, "true") {
|
2017-05-01 12:15:55 +08:00
|
|
|
|
c.Abort("404")
|
|
|
|
|
}
|
2017-04-21 18:20:35 +08:00
|
|
|
|
|
2017-05-01 12:15:55 +08:00
|
|
|
|
if c.Ctx.Input.IsPost() {
|
|
|
|
|
account := c.GetString("account")
|
|
|
|
|
password1 := c.GetString("password1")
|
|
|
|
|
password2 := c.GetString("password2")
|
|
|
|
|
email := c.GetString("email")
|
|
|
|
|
captcha := c.GetString("code")
|
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
if ok, err := regexp.MatchString(conf.RegexpAccount, account); account == "" || !ok || err != nil {
|
|
|
|
|
c.JsonResult(6001, "账号只能由英文字母数字组成,且在3-50个字符")
|
2017-05-01 12:15:55 +08:00
|
|
|
|
}
|
2018-01-09 18:15:40 +08:00
|
|
|
|
if l := strings.Count(password1, ""); password1 == "" || l > 50 || l < 6 {
|
|
|
|
|
c.JsonResult(6002, "密码必须在6-50个字符之间")
|
2017-05-01 12:15:55 +08:00
|
|
|
|
}
|
|
|
|
|
if password1 != password2 {
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6003, "确认密码不正确")
|
2017-05-01 12:15:55 +08:00
|
|
|
|
}
|
2018-01-09 18:15:40 +08:00
|
|
|
|
if ok, err := regexp.MatchString(conf.RegexpEmail, email); !ok || err != nil || email == "" {
|
|
|
|
|
c.JsonResult(6004, "邮箱格式不正确")
|
2017-05-01 12:15:55 +08:00
|
|
|
|
}
|
2018-01-09 18:15:40 +08:00
|
|
|
|
// 如果开启了验证码
|
|
|
|
|
if v, ok := c.Option["ENABLED_CAPTCHA"]; ok && strings.EqualFold(v, "true") {
|
|
|
|
|
v, ok := c.GetSession(conf.CaptchaSessionName).(string)
|
|
|
|
|
if !ok || !strings.EqualFold(v, captcha) {
|
|
|
|
|
c.JsonResult(6001, "验证码不正确")
|
2017-05-01 12:15:55 +08:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
member := models.NewMember()
|
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
if _, err := member.FindByAccount(account); err == nil && member.MemberId > 0 {
|
|
|
|
|
c.JsonResult(6005, "账号已存在")
|
2017-05-01 12:15:55 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
member.Account = account
|
|
|
|
|
member.Password = password1
|
|
|
|
|
member.Role = conf.MemberGeneralRole
|
|
|
|
|
member.Avatar = conf.GetDefaultAvatar()
|
|
|
|
|
member.CreateAt = 0
|
|
|
|
|
member.Email = email
|
|
|
|
|
member.Status = 0
|
|
|
|
|
if err := member.Add(); err != nil {
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6006, "注册失败,请联系系统管理员处理")
|
2017-05-01 12:15:55 +08:00
|
|
|
|
}
|
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(0, "ok", member)
|
2017-05-01 12:15:55 +08:00
|
|
|
|
}
|
2017-04-21 18:20:35 +08:00
|
|
|
|
}
|
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
// 找回密码
|
|
|
|
|
func (c *AccountController) FindPassword() {
|
2017-05-03 14:22:05 +08:00
|
|
|
|
c.TplName = "account/find_password_setp1.tpl"
|
2018-11-14 15:57:55 +08:00
|
|
|
|
mailConf := conf.GetMailConfig()
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
|
|
|
|
if c.Ctx.Input.IsPost() {
|
|
|
|
|
|
|
|
|
|
email := c.GetString("email")
|
|
|
|
|
captcha := c.GetString("code")
|
|
|
|
|
|
|
|
|
|
if email == "" {
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6005, "邮箱地址不能为空")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
2018-11-14 15:57:55 +08:00
|
|
|
|
if !mailConf.EnableMail {
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6004, "未启用邮件服务")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
// 如果开启了验证码
|
|
|
|
|
if v, ok := c.Option["ENABLED_CAPTCHA"]; ok && strings.EqualFold(v, "true") {
|
|
|
|
|
v, ok := c.GetSession(conf.CaptchaSessionName).(string)
|
|
|
|
|
if !ok || !strings.EqualFold(v, captcha) {
|
|
|
|
|
c.JsonResult(6001, "验证码不正确")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
member, err := models.NewMember().FindByFieldFirst("email", email)
|
2017-05-03 14:22:05 +08:00
|
|
|
|
if err != nil {
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6006, "邮箱不存在")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
|
|
|
|
if member.Status != 0 {
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6007, "账号已被禁用")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
2017-05-26 14:19:27 +08:00
|
|
|
|
if member.AuthMethod == conf.AuthMethodLDAP {
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6011, "当前用户不支持找回密码")
|
2017-05-26 14:19:27 +08:00
|
|
|
|
}
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
count, err := models.NewMemberToken().FindSendCount(email, time.Now().Add(-1*time.Hour), time.Now())
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
|
|
|
|
if err != nil {
|
2021-03-23 21:55:50 +08:00
|
|
|
|
logs.Error(err)
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6008, "发送邮件失败")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
2018-11-14 15:57:55 +08:00
|
|
|
|
if count > mailConf.MailNumber {
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6008, "发送次数太多,请稍候再试")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
|
|
|
|
|
2018-11-14 15:57:55 +08:00
|
|
|
|
memberToken := models.NewMemberToken()
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
2018-11-14 15:57:55 +08:00
|
|
|
|
memberToken.Token = string(utils.Krand(32, utils.KC_RAND_KIND_ALL))
|
|
|
|
|
memberToken.Email = email
|
|
|
|
|
memberToken.MemberId = member.MemberId
|
|
|
|
|
memberToken.IsValid = false
|
|
|
|
|
if _, err := memberToken.InsertOrUpdate(); err != nil {
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6009, "邮件发送失败")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
data := map[string]interface{}{
|
2018-01-09 18:15:40 +08:00
|
|
|
|
"SITE_NAME": c.Option["SITE_NAME"],
|
2018-11-14 15:57:55 +08:00
|
|
|
|
"url": conf.URLFor("AccountController.FindPassword", "token", memberToken.Token, "mail", email),
|
2018-08-16 18:33:48 +08:00
|
|
|
|
"BaseUrl": c.BaseUrl(),
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
body, err := c.ExecuteViewPathTemplate("account/mail_template.tpl", data)
|
2017-05-03 14:22:05 +08:00
|
|
|
|
if err != nil {
|
2021-03-23 21:55:50 +08:00
|
|
|
|
logs.Error(err)
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6003, "邮件发送失败")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
|
|
|
|
|
2018-02-02 18:41:27 +08:00
|
|
|
|
go func(mailConf *conf.SmtpConf, email string, body string) {
|
|
|
|
|
|
|
|
|
|
mailConfig := &mail.SMTPConfig{
|
|
|
|
|
Username: mailConf.SmtpUserName,
|
|
|
|
|
Password: mailConf.SmtpPassword,
|
|
|
|
|
Host: mailConf.SmtpHost,
|
|
|
|
|
Port: mailConf.SmtpPort,
|
|
|
|
|
Secure: mailConf.Secure,
|
2018-08-16 18:33:48 +08:00
|
|
|
|
Identity: "",
|
2018-02-02 18:41:27 +08:00
|
|
|
|
}
|
2021-03-23 21:55:50 +08:00
|
|
|
|
logs.Info(mailConfig)
|
2018-02-02 18:41:27 +08:00
|
|
|
|
|
|
|
|
|
c := mail.NewSMTPClient(mailConfig)
|
|
|
|
|
m := mail.NewMail()
|
|
|
|
|
|
|
|
|
|
m.AddFrom(mailConf.FormUserName)
|
|
|
|
|
m.AddFromName(mailConf.FormUserName)
|
|
|
|
|
m.AddSubject("找回密码")
|
|
|
|
|
m.AddHTML(body)
|
|
|
|
|
m.AddTo(email)
|
|
|
|
|
|
|
|
|
|
if e := c.Send(m); e != nil {
|
2021-03-23 21:55:50 +08:00
|
|
|
|
logs.Error("发送邮件失败:" + e.Error())
|
2018-02-02 18:41:27 +08:00
|
|
|
|
} else {
|
2021-03-23 21:55:50 +08:00
|
|
|
|
logs.Info("邮件发送成功:" + email)
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
2018-02-02 18:41:27 +08:00
|
|
|
|
//auth := smtp.PlainAuth(
|
|
|
|
|
// "",
|
|
|
|
|
// mail_conf.SmtpUserName,
|
|
|
|
|
// mail_conf.SmtpPassword,
|
|
|
|
|
// mail_conf.SmtpHost,
|
|
|
|
|
//)
|
|
|
|
|
//
|
|
|
|
|
//mime := "MIME-version: 1.0;\nContent-Type: text/html; charset=\"UTF-8\";\n\n"
|
|
|
|
|
//subject := "Subject: 找回密码!\n"
|
|
|
|
|
//
|
|
|
|
|
//err = smtp.SendMail(
|
|
|
|
|
// mail_conf.SmtpHost+":"+strconv.Itoa(mail_conf.SmtpPort),
|
|
|
|
|
// auth,
|
|
|
|
|
// mail_conf.FormUserName,
|
|
|
|
|
// []string{email},
|
|
|
|
|
// []byte(subject+mime+"\n"+body),
|
|
|
|
|
//)
|
|
|
|
|
//if err != nil {
|
2021-03-23 21:55:50 +08:00
|
|
|
|
// logs.Error("邮件发送失败 => ", email, err)
|
2018-02-02 18:41:27 +08:00
|
|
|
|
//}
|
2018-11-14 15:57:55 +08:00
|
|
|
|
}(mailConf, email, body)
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
2018-03-13 19:20:50 +08:00
|
|
|
|
c.JsonResult(0, "ok", conf.URLFor("AccountController.Login"))
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
token := c.GetString("token")
|
2018-11-14 15:57:55 +08:00
|
|
|
|
email := c.GetString("mail")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
2018-11-14 15:57:55 +08:00
|
|
|
|
if token != "" && email != "" {
|
|
|
|
|
memberToken, err := models.NewMemberToken().FindByFieldFirst("token", token)
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
|
|
|
|
if err != nil {
|
2021-03-23 21:55:50 +08:00
|
|
|
|
logs.Error(err)
|
2017-05-03 14:22:05 +08:00
|
|
|
|
c.Data["ErrorMessage"] = "邮件已失效"
|
|
|
|
|
c.TplName = "errors/error.tpl"
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-03-23 21:55:50 +08:00
|
|
|
|
subTime := time.Until(memberToken.SendTime)
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
2018-11-14 15:57:55 +08:00
|
|
|
|
if !strings.EqualFold(memberToken.Email, email) || subTime.Minutes() > float64(mailConf.MailExpired) || !memberToken.ValidTime.IsZero() {
|
2017-05-03 14:22:05 +08:00
|
|
|
|
c.Data["ErrorMessage"] = "验证码已过期,请重新操作。"
|
|
|
|
|
c.TplName = "errors/error.tpl"
|
|
|
|
|
return
|
|
|
|
|
}
|
2018-11-14 15:57:55 +08:00
|
|
|
|
c.Data["Email"] = memberToken.Email
|
|
|
|
|
c.Data["Token"] = memberToken.Token
|
2017-05-03 14:22:05 +08:00
|
|
|
|
c.TplName = "account/find_password_setp2.tpl"
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
// 校验邮件并修改密码
|
2017-05-03 14:22:05 +08:00
|
|
|
|
func (c *AccountController) ValidEmail() {
|
|
|
|
|
c.Prepare()
|
|
|
|
|
password1 := c.GetString("password1")
|
|
|
|
|
password2 := c.GetString("password2")
|
|
|
|
|
captcha := c.GetString("code")
|
|
|
|
|
token := c.GetString("token")
|
2018-11-14 15:57:55 +08:00
|
|
|
|
email := c.GetString("mail")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
|
|
|
|
if password1 == "" {
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6001, "密码不能为空")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
2018-01-09 18:15:40 +08:00
|
|
|
|
if l := strings.Count(password1, ""); l < 6 || l > 50 {
|
|
|
|
|
c.JsonResult(6001, "密码不能为空且必须在6-50个字符之间")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
2018-01-09 18:15:40 +08:00
|
|
|
|
if password2 == "" {
|
|
|
|
|
c.JsonResult(6002, "确认密码不能为空")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
|
|
|
|
if password1 != password2 {
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6003, "确认密码输入不正确")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
|
|
|
|
if captcha == "" {
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6004, "验证码不能为空")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
2018-01-09 18:15:40 +08:00
|
|
|
|
v, ok := c.GetSession(conf.CaptchaSessionName).(string)
|
|
|
|
|
if !ok || !strings.EqualFold(v, captcha) {
|
|
|
|
|
c.JsonResult(6001, "验证码不正确")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
|
|
|
|
|
2018-11-14 15:57:55 +08:00
|
|
|
|
mailConf := conf.GetMailConfig()
|
|
|
|
|
memberToken, err := models.NewMemberToken().FindByFieldFirst("token", token)
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
|
|
|
|
if err != nil {
|
2021-03-23 21:55:50 +08:00
|
|
|
|
logs.Error(err)
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6007, "邮件已失效")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
2021-03-23 21:55:50 +08:00
|
|
|
|
subTime := time.Until(memberToken.SendTime)
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
2018-11-14 15:57:55 +08:00
|
|
|
|
if !strings.EqualFold(memberToken.Email, email) || subTime.Minutes() > float64(mailConf.MailExpired) || !memberToken.ValidTime.IsZero() {
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6008, "验证码已过期,请重新操作。")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
2018-11-14 15:57:55 +08:00
|
|
|
|
member, err := models.NewMember().Find(memberToken.MemberId)
|
2018-01-09 18:15:40 +08:00
|
|
|
|
if err != nil {
|
2021-03-23 21:55:50 +08:00
|
|
|
|
logs.Error(err)
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6005, "用户不存在")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
2018-01-09 18:15:40 +08:00
|
|
|
|
hash, err := utils.PasswordHash(password1)
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
if err != nil {
|
2021-03-23 21:55:50 +08:00
|
|
|
|
logs.Error(err)
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6006, "保存密码失败")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
member.Password = hash
|
|
|
|
|
|
|
|
|
|
err = member.Update("password")
|
2018-11-14 15:57:55 +08:00
|
|
|
|
memberToken.ValidTime = time.Now()
|
|
|
|
|
memberToken.IsValid = true
|
|
|
|
|
memberToken.InsertOrUpdate()
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
if err != nil {
|
2021-03-23 21:55:50 +08:00
|
|
|
|
logs.Error(err)
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.JsonResult(6006, "保存密码失败")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
2018-03-13 19:20:50 +08:00
|
|
|
|
c.JsonResult(0, "ok", conf.URLFor("AccountController.Login"))
|
2017-04-21 18:20:35 +08:00
|
|
|
|
}
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
// Logout 退出登录
|
|
|
|
|
func (c *AccountController) Logout() {
|
|
|
|
|
c.SetMember(models.Member{})
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.SetSecureCookie(conf.GetAppKey(), "login", "", -3600)
|
2017-04-21 18:20:35 +08:00
|
|
|
|
|
2018-01-26 17:17:38 +08:00
|
|
|
|
u := c.Ctx.Request.Header.Get("Referer")
|
|
|
|
|
|
2018-08-16 18:33:48 +08:00
|
|
|
|
c.Redirect(conf.URLFor("AccountController.Login", "url", u), 302)
|
2017-04-21 18:20:35 +08:00
|
|
|
|
}
|
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
// 验证码
|
|
|
|
|
func (c *AccountController) Captcha() {
|
2017-05-01 12:15:55 +08:00
|
|
|
|
c.Prepare()
|
|
|
|
|
|
2020-06-19 10:55:20 +08:00
|
|
|
|
captchaImage := gocaptcha.NewCaptchaImage(140, 40, gocaptcha.RandLightColor())
|
2017-05-01 12:15:55 +08:00
|
|
|
|
|
2020-06-19 10:55:20 +08:00
|
|
|
|
//if err != nil {
|
2021-03-23 21:55:50 +08:00
|
|
|
|
// logs.Error(err)
|
2020-06-19 10:55:20 +08:00
|
|
|
|
// c.Abort("500")
|
|
|
|
|
//}
|
2017-05-01 12:15:55 +08:00
|
|
|
|
|
|
|
|
|
captchaImage.DrawNoise(gocaptcha.CaptchaComplexLower)
|
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
// captchaImage.DrawTextNoise(gocaptcha.CaptchaComplexHigh)
|
2017-05-01 12:15:55 +08:00
|
|
|
|
txt := gocaptcha.RandText(4)
|
|
|
|
|
|
2018-01-09 18:15:40 +08:00
|
|
|
|
c.SetSession(conf.CaptchaSessionName, txt)
|
2017-05-01 12:15:55 +08:00
|
|
|
|
|
|
|
|
|
captchaImage.DrawText(txt)
|
2018-01-09 18:15:40 +08:00
|
|
|
|
// captchaImage.Drawline(3);
|
2017-05-01 12:15:55 +08:00
|
|
|
|
captchaImage.DrawBorder(gocaptcha.ColorToRGB(0x17A7A7A))
|
2018-01-09 18:15:40 +08:00
|
|
|
|
// captchaImage.DrawHollowLine()
|
2017-04-30 22:13:12 +08:00
|
|
|
|
|
2017-05-01 12:15:55 +08:00
|
|
|
|
captchaImage.SaveImage(c.Ctx.ResponseWriter, gocaptcha.ImageFormatJpeg)
|
|
|
|
|
c.StopRun()
|
2018-01-09 18:15:40 +08:00
|
|
|
|
}
|