casdoor/object/check.go

// Copyright 2021 The casbin Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package object

import (
	"fmt"
	"regexp"

	"github.com/casdoor/casdoor/util"
)

var reWhiteSpace *regexp.Regexp

func init() {
	reWhiteSpace, _ = regexp.Compile("\\s")
}

func CheckUserSignup(organization string, username string, password string, displayName string, email string, phonePrefix string, phone string, affiliation string) string {
	if len(username) == 0 {
		return "username cannot be blank"
	} else if len(password) == 0 {
		return "password cannot be blank"
	} else if getOrganization("admin", organization) == nil {
		return "organization does not exist"
	} else if reWhiteSpace.MatchString(username) {
		return "username cannot contain white spaces"
	} else if HasUserByField(organization, "name", username) {
		return "username already exists"
	} else if HasUserByField(organization, "email", email) {
		return "email already exists"
	} else if HasUserByField(organization, "phone", phone) {
		return "phone already exists"
	} else if displayName == "" {
		return "displayName cannot be blank"
	} else if affiliation == "" {
		return "affiliation cannot be blank"
	} else if !util.IsEmailValid(email) {
		return "email is invalid"
	} else if phonePrefix == "86" && !util.IsPhoneCnValid(phone) {
		return "phone number is invalid"
	} else {
		return ""
	}
}

func checkPassword(user *User, password string) string {
	if user.PasswordType == "plain" {
		if password == user.Password {
			return ""
		} else {
			return "password incorrect"
		}
	} else if user.PasswordType == "salt" {
		if getSaltedPassword(password) == user.Password {
			return ""
		} else {
			return "password incorrect"
		}
	} else {
		return fmt.Sprintf("unsupported password type: %s", user.PasswordType)
	}
}

func CheckUserLogin(organization string, username string, password string) (*User, string) {
	user := GetUserByFields(organization, username)
	if user == nil {
		return nil, "the user does not exist, please sign up first"
	}

	msg := checkPassword(user, password)
	if msg != "" {
		return nil, msg
	}

	if user.IsForbidden {
		return nil, "the user is forbidden to sign in, please contact the administrator"
	}

	return user, ""
}

func (user *User) GetId() string {
	return fmt.Sprintf("%s/%s", user.Owner, user.Name)
}
Update license header. 2021-03-13 23:06:03 +08:00			`// Copyright 2021 The casbin Authors. All Rights Reserved.`
Add clientId and clientSecret to app. 2021-03-06 16:39:17 +08:00			`//`
			`// Licensed under the Apache License, Version 2.0 (the "License");`
			`// you may not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`
			`//`
			`// http://www.apache.org/licenses/LICENSE-2.0`
			`//`
			`// Unless required by applicable law or agreed to in writing, software`
			`// distributed under the License is distributed on an "AS IS" BASIS,`
			`// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`// See the License for the specific language governing permissions and`
			`// limitations under the License.`

Add account APIs. 2021-02-11 22:56:08 +08:00			`package object`

Add username check. 2021-05-01 16:50:47 +08:00			`import (`
			`"fmt"`
			`"regexp"`
Improve CheckUserSignup(). 2021-05-01 17:45:01 +08:00
			`"github.com/casdoor/casdoor/util"`
Add username check. 2021-05-01 16:50:47 +08:00			`)`

			`var reWhiteSpace *regexp.Regexp`

			`func init() {`
			`reWhiteSpace, _ = regexp.Compile("\\s")`
			`}`
Fix github login. 2021-02-14 01:04:51 +08:00
Check more in CheckUserSignup(). 2021-05-01 18:39:40 +08:00			`func CheckUserSignup(organization string, username string, password string, displayName string, email string, phonePrefix string, phone string, affiliation string) string {`
			`if len(username) == 0 {`
			`return "username cannot be blank"`
			`} else if len(password) == 0 {`
			`return "password cannot be blank"`
			`} else if getOrganization("admin", organization) == nil {`
			`return "organization does not exist"`
			`} else if reWhiteSpace.MatchString(username) {`
Add username check. 2021-05-01 16:50:47 +08:00			`return "username cannot contain white spaces"`
Check more in CheckUserSignup(). 2021-05-01 18:39:40 +08:00			`} else if HasUserByField(organization, "name", username) {`
Add account APIs. 2021-02-11 22:56:08 +08:00			`return "username already exists"`
Check more in CheckUserSignup(). 2021-05-01 18:39:40 +08:00			`} else if HasUserByField(organization, "email", email) {`
			`return "email already exists"`
			`} else if HasUserByField(organization, "phone", phone) {`
			`return "phone already exists"`
Improve CheckUserSignup(). 2021-05-01 17:45:01 +08:00			`} else if displayName == "" {`
			`return "displayName cannot be blank"`
			`} else if affiliation == "" {`
			`return "affiliation cannot be blank"`
			`} else if !util.IsEmailValid(email) {`
			`return "email is invalid"`
			`} else if phonePrefix == "86" && !util.IsPhoneCnValid(phone) {`
			`return "phone number is invalid"`
Add account APIs. 2021-02-11 22:56:08 +08:00			`} else {`
			`return ""`
			`}`
			`}`

Add checkPassword(). 2021-05-03 10:13:32 +08:00			`func checkPassword(user *User, password string) string {`
			`if user.PasswordType == "plain" {`
			`if password == user.Password {`
			`return ""`
			`} else {`
			`return "password incorrect"`
			`}`
			`} else if user.PasswordType == "salt" {`
			`if getSaltedPassword(password) == user.Password {`
			`return ""`
			`} else {`
			`return "password incorrect"`
			`}`
			`} else {`
			`return fmt.Sprintf("unsupported password type: %s", user.PasswordType)`
			`}`
			`}`

Improve CheckUserLogin(). 2021-05-01 19:45:40 +08:00			`func CheckUserLogin(organization string, username string, password string) (*User, string) {`
Support Email and phone login. 2021-05-01 20:23:20 +08:00			`user := GetUserByFields(organization, username)`
Improve CheckUserLogin(). 2021-05-01 19:45:40 +08:00			`if user == nil {`
Support Email and phone login. 2021-05-01 20:23:20 +08:00			`return nil, "the user does not exist, please sign up first"`
Add account APIs. 2021-02-11 22:56:08 +08:00			`}`

Add checkPassword(). 2021-05-03 10:13:32 +08:00			`msg := checkPassword(user, password)`
			`if msg != "" {`
			`return nil, msg`
Add account APIs. 2021-02-11 22:56:08 +08:00			`}`

Add User's IsForbidden. 2021-05-02 12:18:28 +08:00			`if user.IsForbidden {`
			`return nil, "the user is forbidden to sign in, please contact the administrator"`
			`}`

Improve CheckUserLogin(). 2021-05-01 19:45:40 +08:00			`return user, ""`
Add account APIs. 2021-02-11 22:56:08 +08:00			`}`
Add github oauth. 2021-02-14 00:22:24 +08:00
Improve CheckUserLogin(). 2021-05-01 19:45:40 +08:00			`func (user *User) GetId() string {`
Fix github login. 2021-02-14 01:04:51 +08:00			`return fmt.Sprintf("%s/%s", user.Owner, user.Name)`
			`}`