mirror of https://github.com/mindoc-org/mindoc.git
perf:优化部分代码
parent
9f73286115
commit
cd61aa14db
|
@ -8,7 +8,6 @@ import (
|
|||
|
||||
"github.com/lifei6671/mindoc/mail"
|
||||
"github.com/astaxie/beego"
|
||||
"github.com/astaxie/beego/logs"
|
||||
"github.com/lifei6671/gocaptcha"
|
||||
"github.com/lifei6671/mindoc/conf"
|
||||
"github.com/lifei6671/mindoc/models"
|
||||
|
@ -25,7 +24,6 @@ func (c *AccountController) Login() {
|
|||
c.Prepare()
|
||||
c.TplName = "account/login.tpl"
|
||||
|
||||
|
||||
if member, ok := c.GetSession(conf.LoginSessionName).(models.Member); ok && member.MemberId > 0 {
|
||||
u := c.GetString("url")
|
||||
if u == "" {
|
||||
|
@ -34,7 +32,7 @@ func (c *AccountController) Login() {
|
|||
if u == "" {
|
||||
u = conf.URLFor("HomeController.Index")
|
||||
}
|
||||
c.Redirect(u,302)
|
||||
c.Redirect(u, 302)
|
||||
}
|
||||
var remember CookieRemember
|
||||
// 如果 Cookie 中存在登录信息
|
||||
|
@ -62,6 +60,10 @@ func (c *AccountController) Login() {
|
|||
}
|
||||
}
|
||||
|
||||
if account == "" || password == "" {
|
||||
c.JsonResult(6002, "账号或密码不能为空")
|
||||
}
|
||||
|
||||
member, err := models.NewMember().Login(account, password)
|
||||
if err == nil {
|
||||
member.LastLoginTime = time.Now()
|
||||
|
@ -75,10 +77,10 @@ func (c *AccountController) Login() {
|
|||
remember.Time = time.Now()
|
||||
v, err := utils.Encode(remember)
|
||||
if err == nil {
|
||||
c.SetSecureCookie(conf.GetAppKey(), "login", v,time.Now().Add(time.Hour * 24 * 30).Unix())
|
||||
c.SetSecureCookie(conf.GetAppKey(), "login", v, time.Now().Add(time.Hour * 24 * 30).Unix())
|
||||
}
|
||||
}
|
||||
u,_ := url.PathUnescape(c.GetString("url"))
|
||||
u, _ := url.PathUnescape(c.GetString("url"))
|
||||
if u == "" {
|
||||
u = c.Ctx.Request.Header.Get("Referer")
|
||||
}
|
||||
|
@ -88,11 +90,11 @@ func (c *AccountController) Login() {
|
|||
|
||||
c.JsonResult(0, "ok", u)
|
||||
} else {
|
||||
logs.Error("用户登录 =>", err)
|
||||
beego.Error("用户登录 ->", err)
|
||||
c.JsonResult(500, "账号或密码错误", nil)
|
||||
}
|
||||
}else{
|
||||
u,_ := url.PathUnescape(c.GetString("url"))
|
||||
} else {
|
||||
u, _ := url.PathUnescape(c.GetString("url"))
|
||||
if u == "" {
|
||||
u = c.Ctx.Request.Header.Get("Referer")
|
||||
}
|
||||
|
@ -130,7 +132,7 @@ func (c *AccountController) Register() {
|
|||
|
||||
//如果用户登录了,则跳转到网站首页
|
||||
if member, ok := c.GetSession(conf.LoginSessionName).(models.Member); ok && member.MemberId > 0 {
|
||||
c.Redirect(conf.URLFor("HomeController.Index"),302)
|
||||
c.Redirect(conf.URLFor("HomeController.Index"), 302)
|
||||
}
|
||||
// 如果没有开启用户注册
|
||||
if v, ok := c.Option["ENABLED_REGISTER"]; ok && !strings.EqualFold(v, "true") {
|
||||
|
@ -261,7 +263,7 @@ func (c *AccountController) FindPassword() {
|
|||
Host: mailConf.SmtpHost,
|
||||
Port: mailConf.SmtpPort,
|
||||
Secure: mailConf.Secure,
|
||||
Identity:"",
|
||||
Identity: "",
|
||||
}
|
||||
beego.Info(mailConfig)
|
||||
|
||||
|
@ -406,7 +408,7 @@ func (c *AccountController) Logout() {
|
|||
|
||||
u := c.Ctx.Request.Header.Get("Referer")
|
||||
|
||||
c.Redirect(conf.URLFor("AccountController.Login","url",u), 302)
|
||||
c.Redirect(conf.URLFor("AccountController.Login", "url", u), 302)
|
||||
}
|
||||
|
||||
// 验证码
|
||||
|
|
|
@ -23,24 +23,24 @@ const (
|
|||
//加密密码
|
||||
func PasswordHash(pass string) (string, error) {
|
||||
|
||||
salt_secret, err := salt_secret()
|
||||
saltSecret, err := salt_secret()
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
salt, err := salt(salt_local_secret + salt_secret)
|
||||
salt, err := salt(salt_local_secret + saltSecret)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
interation := randInt(1, 20)
|
||||
|
||||
hash, err := hash(pass, salt_secret, salt, int64(interation))
|
||||
hash, err := hash(pass, saltSecret, salt, int64(interation))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
interation_string := strconv.Itoa(interation)
|
||||
password := salt_secret + delmiter + interation_string + delmiter + hash + delmiter + salt
|
||||
interationString := strconv.Itoa(interation)
|
||||
password := saltSecret + delmiter + interationString + delmiter + hash + delmiter + salt
|
||||
|
||||
return password, nil
|
||||
|
||||
|
@ -48,7 +48,7 @@ func PasswordHash(pass string) (string, error) {
|
|||
|
||||
//校验密码是否有效
|
||||
func PasswordVerify(hashing string, pass string) (bool, error) {
|
||||
data := trim_salt_hash(hashing)
|
||||
data := trimSaltHash(hashing)
|
||||
|
||||
interation, _ := strconv.ParseInt(data["interation_string"], 10, 64)
|
||||
|
||||
|
@ -66,40 +66,48 @@ func PasswordVerify(hashing string, pass string) (bool, error) {
|
|||
}
|
||||
|
||||
func hash(pass string, salt_secret string, salt string, interation int64) (string, error) {
|
||||
var pass_salt string = salt_secret + pass + salt + salt_secret + pass + salt + pass + pass + salt
|
||||
var passSalt = salt_secret + pass + salt + salt_secret + pass + salt + pass + pass + salt
|
||||
var i int
|
||||
|
||||
hash_pass := salt_local_secret
|
||||
hash_start := sha512.New()
|
||||
hash_center := sha256.New()
|
||||
hash_output := sha256.New224()
|
||||
hashPass := salt_local_secret
|
||||
hashStart := sha512.New()
|
||||
hashCenter := sha256.New()
|
||||
hashOutput := sha256.New224()
|
||||
|
||||
i = 0
|
||||
for i <= stretching_password {
|
||||
i = i + 1
|
||||
hash_start.Write([]byte(pass_salt + hash_pass))
|
||||
hash_pass = hex.EncodeToString(hash_start.Sum(nil))
|
||||
_, err := hashStart.Write([]byte(passSalt + hashPass))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
hashPass = hex.EncodeToString(hashStart.Sum(nil))
|
||||
}
|
||||
|
||||
i = 0
|
||||
for int64(i) <= interation {
|
||||
i = i + 1
|
||||
hash_pass = hash_pass + hash_pass
|
||||
hashPass = hashPass + hashPass
|
||||
}
|
||||
|
||||
i = 0
|
||||
for i <= stretching_password {
|
||||
i = i + 1
|
||||
hash_center.Write([]byte(hash_pass + salt_secret))
|
||||
hash_pass = hex.EncodeToString(hash_center.Sum(nil))
|
||||
_, err := hashCenter.Write([]byte(hashPass + salt_secret))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
hash_output.Write([]byte(hash_pass + salt_local_secret))
|
||||
hash_pass = hex.EncodeToString(hash_output.Sum(nil))
|
||||
hashPass = hex.EncodeToString(hashCenter.Sum(nil))
|
||||
}
|
||||
if _,err := hashOutput.Write([]byte(hashPass + salt_local_secret)); err != nil {
|
||||
return "", err
|
||||
}
|
||||
hashPass = hex.EncodeToString(hashOutput.Sum(nil))
|
||||
|
||||
return hash_pass, nil
|
||||
return hashPass, nil
|
||||
}
|
||||
|
||||
func trim_salt_hash(hash string) map[string]string {
|
||||
func trimSaltHash(hash string) map[string]string {
|
||||
str := strings.Split(hash, delmiter)
|
||||
|
||||
return map[string]string{
|
||||
|
|
Loading…
Reference in New Issue