mirror of
https://github.com/casdoor/casdoor.git
synced 2025-05-24 08:20:31 +08:00
Merge pull request #153 from Kininaru/auto-login
feat: auto login session will expire after 24h
This commit is contained in:
Yang Luo
GitHub
commit
4ff4961312
@ -52,6 +52,8 @@ type RequestForm struct {
|
||||
EmailCode string `json:"emailCode"`
|
||||
PhoneCode string `json:"phoneCode"`
|
||||
PhonePrefix string `json:"phonePrefix"`
|
||||
|
||||
AutoSignin bool `json:"autoSignin"`
|
||||
}
|
||||
|
||||
type Response struct {
|
||||
@ -78,8 +80,8 @@ type HumanCheck struct {
|
||||
func (c *ApiController) Signup() {
|
||||
var resp Response
|
||||
|
||||
if c.GetSessionUser() != "" {
|
||||
c.ResponseErrorWithData("Please sign out first before signing up", c.GetSessionUser())
|
||||
if c.GetSessionUsername() != "" {
|
||||
c.ResponseErrorWithData("Please sign out first before signing up", c.GetSessionUsername())
|
||||
return
|
||||
}
|
||||
|
||||
@ -161,7 +163,7 @@ func (c *ApiController) Signup() {
|
||||
|
||||
if application.HasPromptPage() {
|
||||
// The prompt page needs the user to be signed in
|
||||
c.SetSessionUser(user.GetId())
|
||||
c.SetSessionUsername(user.GetId())
|
||||
}
|
||||
|
||||
object.DisableVerificationCode(form.Email)
|
||||
@ -181,10 +183,11 @@ func (c *ApiController) Signup() {
|
||||
func (c *ApiController) Logout() {
|
||||
var resp Response
|
||||
|
||||
user := c.GetSessionUser()
|
||||
user := c.GetSessionUsername()
|
||||
util.LogInfo(c.Ctx, "API: [%s] logged out", user)
|
||||
|
||||
c.SetSessionUser("")
|
||||
c.SetSessionUsername("")
|
||||
c.SetSessionData(nil)
|
||||
|
||||
resp = Response{Status: "ok", Msg: "", Data: user}
|
||||
|
||||
|
||||
@ -19,6 +19,7 @@ import (
|
||||
"fmt"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/astaxie/beego"
|
||||
"github.com/casdoor/casdoor/idp"
|
||||
@ -38,7 +39,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
|
||||
userId := user.GetId()
|
||||
resp := &Response{}
|
||||
if form.Type == ResponseTypeLogin {
|
||||
c.SetSessionUser(userId)
|
||||
c.SetSessionUsername(userId)
|
||||
util.LogInfo(c.Ctx, "API: [%s] signed in", userId)
|
||||
resp = &Response{Status: "ok", Msg: "", Data: userId}
|
||||
} else if form.Type == ResponseTypeCode {
|
||||
@ -53,11 +54,21 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
|
||||
|
||||
if application.HasPromptPage() {
|
||||
// The prompt page needs the user to be signed in
|
||||
c.SetSessionUser(userId)
|
||||
c.SetSessionUsername(userId)
|
||||
}
|
||||
} else {
|
||||
resp = &Response{Status: "error", Msg: fmt.Sprintf("Unknown response type: %s", form.Type)}
|
||||
}
|
||||
|
||||
// if user did not check auto signin
|
||||
if resp.Status == "ok" && !form.AutoSignin {
|
||||
timestamp := time.Now().Unix()
|
||||
timestamp += 3600 * 24
|
||||
c.SetSessionData(&SessionData{
|
||||
ExpireTime: timestamp,
|
||||
})
|
||||
}
|
||||
|
||||
return resp
|
||||
}
|
||||
|
||||
@ -108,8 +119,8 @@ func (c *ApiController) Login() {
|
||||
|
||||
if form.Username != "" {
|
||||
if form.Type == ResponseTypeLogin {
|
||||
if c.GetSessionUser() != "" {
|
||||
resp = &Response{Status: "error", Msg: "Please log out first before signing in", Data: c.GetSessionUser()}
|
||||
if c.GetSessionUsername() != "" {
|
||||
resp = &Response{Status: "error", Msg: "Please log out first before signing in", Data: c.GetSessionUsername()}
|
||||
c.Data["json"] = resp
|
||||
c.ServeJSON()
|
||||
return
|
||||
@ -315,7 +326,7 @@ func (c *ApiController) Login() {
|
||||
}
|
||||
//resp = &Response{Status: "ok", Msg: "", Data: res}
|
||||
} else { // form.Method != "signup"
|
||||
userId := c.GetSessionUser()
|
||||
userId := c.GetSessionUsername()
|
||||
if userId == "" {
|
||||
resp = &Response{Status: "error", Msg: "The account does not exist", Data: userInfo}
|
||||
c.Data["json"] = resp
|
||||
|
||||
@ -14,13 +14,32 @@
|
||||
|
||||
package controllers
|
||||
|
||||
import "github.com/astaxie/beego"
|
||||
import (
|
||||
"time"
|
||||
|
||||
"github.com/astaxie/beego"
|
||||
"github.com/casdoor/casdoor/util"
|
||||
)
|
||||
|
||||
type ApiController struct {
|
||||
beego.Controller
|
||||
}
|
||||
|
||||
func (c *ApiController) GetSessionUser() string {
|
||||
type SessionData struct {
|
||||
ExpireTime int64
|
||||
}
|
||||
|
||||
func (c *ApiController) GetSessionUsername() string {
|
||||
// check if user session expired
|
||||
sessionData := c.GetSessionData()
|
||||
if sessionData != nil &&
|
||||
sessionData.ExpireTime != 0 &&
|
||||
sessionData.ExpireTime < time.Now().Unix() {
|
||||
c.SetSessionUsername("")
|
||||
c.SetSessionData(nil)
|
||||
return ""
|
||||
}
|
||||
|
||||
user := c.GetSession("username")
|
||||
if user == nil {
|
||||
return ""
|
||||
@ -29,10 +48,34 @@ func (c *ApiController) GetSessionUser() string {
|
||||
return user.(string)
|
||||
}
|
||||
|
||||
func (c *ApiController) SetSessionUser(user string) {
|
||||
func (c *ApiController) SetSessionUsername(user string) {
|
||||
c.SetSession("username", user)
|
||||
}
|
||||
|
||||
func (c *ApiController) GetSessionData() *SessionData {
|
||||
session := c.GetSession("SessionData")
|
||||
if session == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
sessionData := &SessionData{}
|
||||
err := util.JsonToStruct(session.(string), sessionData)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
return sessionData
|
||||
}
|
||||
|
||||
func (c *ApiController) SetSessionData(s *SessionData) {
|
||||
if s == nil {
|
||||
c.DelSession("SessionData")
|
||||
return
|
||||
}
|
||||
|
||||
c.SetSession("SessionData", util.StructToJson(s))
|
||||
}
|
||||
|
||||
func wrapActionResponse(affected bool) *Response {
|
||||
if affected {
|
||||
return &Response{Status: "ok", Msg: "", Data: "Affected"}
|
||||
|
||||
@ -170,7 +170,7 @@ func (c *ApiController) SetPassword() {
|
||||
oldPassword := c.Ctx.Request.Form.Get("oldPassword")
|
||||
newPassword := c.Ctx.Request.Form.Get("newPassword")
|
||||
|
||||
requestUserId := c.GetSessionUser()
|
||||
requestUserId := c.GetSessionUsername()
|
||||
if requestUserId == "" {
|
||||
c.ResponseError("Please login first.")
|
||||
return
|
||||
@ -223,7 +223,7 @@ func (c *ApiController) SetPassword() {
|
||||
return
|
||||
}
|
||||
|
||||
c.SetSessionUser("")
|
||||
c.SetSessionUsername("")
|
||||
|
||||
targetUser.Password = newPassword
|
||||
object.SetUserField(targetUser, "password", targetUser.Password)
|
||||
|
||||
@ -60,7 +60,7 @@ func (c *ApiController) ResponseErrorWithData(error string, data interface{}) {
|
||||
}
|
||||
|
||||
func (c *ApiController) RequireSignedIn() (string, bool) {
|
||||
userId := c.GetSessionUser()
|
||||
userId := c.GetSessionUsername()
|
||||
if userId == "" {
|
||||
resp := Response{Status: "error", Msg: "Please sign in first"}
|
||||
c.Data["json"] = resp
|
||||
|
||||
@ -24,7 +24,7 @@ import (
|
||||
|
||||
func (c *ApiController) getCurrentUser() *object.User {
|
||||
var user *object.User
|
||||
userId := c.GetSessionUser()
|
||||
userId := c.GetSessionUsername()
|
||||
if userId == "" {
|
||||
user = nil
|
||||
} else {
|
||||
|
||||
@ -25,3 +25,7 @@ func StructToJson(v interface{}) string {
|
||||
|
||||
return string(data)
|
||||
}
|
||||
|
||||
func JsonToStruct(data string, v interface{}) error {
|
||||
return json.Unmarshal([]byte(data), v)
|
||||
}
|
||||
|
||||
@ -278,7 +278,7 @@ class LoginPage extends React.Component {
|
||||
/>
|
||||
</Form.Item>
|
||||
<Form.Item>
|
||||
<Form.Item name="remember" valuePropName="checked" noStyle>
|
||||
<Form.Item name="autoSignin" valuePropName="checked" noStyle>
|
||||
<Checkbox style={{float: "left"}} disabled={!application.enablePassword}>
|
||||
{i18next.t("login:Auto login")}
|
||||
</Checkbox>
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user