fix: check cn phone regex bug and add check to verification code

Signed-off-by: Kininaru <shiftregister233@outlook.com>
2025-05-23 02:35:49 +08:00 · 2021-05-13 09:55:37 +08:00 · 2021-05-13 09:55:37 +08:00 · 1589da0a62
commit 1589da0a62
parent 892cb39e3e
5 changed files with 16 additions and 7 deletions
--- a/controllers/verification.go
+++ b/controllers/verification.go
@ -19,6 +19,7 @@ import (
 	"strings"

 	"github.com/casdoor/casdoor/object"
+	"github.com/casdoor/casdoor/util"
 )

 func (c *ApiController) SendVerificationCode() {
@ -47,8 +48,16 @@ func (c *ApiController) SendVerificationCode() {
 	ret := "Invalid dest type."
 	switch destType {
 	case "email":
+		if !util.IsEmailValid(dest) {
+			c.ResponseError("Invalid Email address")
+			return
+		}
 		ret = object.SendVerificationCodeToEmail(remoteAddr, dest)
 	case "phone":
+		if !util.IsPhoneCnValid(dest) {
+			c.ResponseError("Invalid phone number")
+			return
+		}
 		org := object.GetOrganizationByName(user.Owner)
 		phonePrefix := "86"
 		if org != nil && org.PhonePrefix != "" {
--- a/object/verification.go
+++ b/object/verification.go
@ -17,7 +17,6 @@ package object
 import (
 	"fmt"
 	"math/rand"
-	"strings"
 	"time"
 )

@ -30,9 +29,6 @@ type VerificationRecord struct {
 }

 func SendVerificationCodeToEmail(remoteAddr, dest string) string {
-	if strings.Index(dest, "@") < 0 {
-		return "Invalid Email address"
-	}
 	title := "Casdoor Code"
 	sender := "Casdoor Admin"
 	code := getRandomCode(5)
--- a/util/regex.go
+++ b/util/regex.go
@ -21,7 +21,7 @@ var rePhoneCn *regexp.Regexp

 func init() {
 	reEmail, _ = regexp.Compile(`^[0-9a-z][_.0-9a-z-]{0,31}@([0-9a-z][0-9a-z-]{0,30}[0-9a-z]\.){1,4}[a-z]{2,4}$`)
-	rePhoneCn, _ = regexp.Compile("^((13[0-9])|(14[5,7])|(15[0-3,5-9])|(17[0,3,5-8])|(18[0-9])|166|198|199|(147))\\d{8}$")
+	rePhoneCn, _ = regexp.Compile("^((13[0-9])|(14[5,7])|(15[0-3,5-9])|(17[0,3,5-8])|(18[0-9])|166|191|198|199|(147))\\d{8}$")
 }

 func IsEmailValid(email string) bool {
--- a/web/src/locales/en.json
+++ b/web/src/locales/en.json
@ -135,7 +135,9 @@
    "You can only send one code in 60s.": "You can only send one code in 60s.",
    "Code has not been sent yet!": "Code has not been sent yet!",
    "You should verify your code in 5 min!": "You should verify your code in 5 min!",
-    "Wrong code!": "Wrong code!"
+    "Wrong code!": "Wrong code!",
+    "Invalid phone number": "Invalid phone number",
+    "Invalid Email address": "Invalid Email address"
  },
  "application":
  {
--- a/web/src/locales/zh.json
+++ b/web/src/locales/zh.json
@ -137,7 +137,9 @@
    "You can only send one code in 60s.": "每分钟你只能发送一次验证码",
    "Code has not been sent yet!": "你还没有发送验证码",
    "You should verify your code in 5 min!": "验证码已超时。你应该在 5 分钟内完成验证。",
-    "Wrong code!": "验证码错误！"
+    "Wrong code!": "验证码错误！",
+    "Invalid phone number": "手机号格式错误",
+    "Invalid Email address": "邮箱格式错误"
  },
  "application":
  {