llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-09-10 12:50:29 +08:00
Code Issues Packages Projects Releases Wiki Activity

Improve CheckUserLogin().

Browse Source
This commit is contained in:
Yang Luo
2021-05-01 19:45:40 +08:00
parent 7b32207443
commit 5b1b8662ac
2 changed files with 15 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
controllers/auth.go
View File

@@ -32,7 +32,8 @@ func codeToResponse(code *object.Code) *Response {
} }
} }
func (c *ApiController) HandleLoggedIn(userId string, form *RequestForm) *Response { func (c *ApiController) HandleLoggedIn(user *object.User, form *RequestForm) *Response {
userId := user.GetId()
resp := &Response{} resp := &Response{}
if form.Type == ResponseTypeLogin { if form.Type == ResponseTypeLogin {
c.SetSessionUser(userId) c.SetSessionUser(userId)
@@ -105,14 +106,13 @@ func (c *ApiController) Login() {
} }
} }
userId := fmt.Sprintf("%s/%s", form.Organization, form.Username)
password := form.Password password := form.Password
msg := object.CheckUserLogin(userId, password) user, msg := object.CheckUserLogin(form.Organization, form.Username, password)
if msg != "" { if msg != "" {
resp = &Response{Status: "error", Msg: msg, Data: ""} resp = &Response{Status: "error", Msg: msg, Data: ""}
} else { } else {
resp = c.HandleLoggedIn(userId, &form) resp = c.HandleLoggedIn(user, &form)
} }
} else if form.Provider != "" { } else if form.Provider != "" {
application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application)) application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
@@ -153,8 +153,8 @@ func (c *ApiController) Login() {
} }
if form.Method == "signup" { if form.Method == "signup" {
userId := object.GetUserIdByField(application, provider.Type, userInfo.Username) user := object.GetUserByField(application.Organization, provider.Type, userInfo.Username)
if userId != "" { if user != nil {
//if object.IsForbidden(userId) { //if object.IsForbidden(userId) {
// c.forbiddenAccountResp(userId) // c.forbiddenAccountResp(userId)
// return // return
@@ -165,7 +165,7 @@ func (c *ApiController) Login() {
// object.LinkMemberAccount(userId, "avatar", avatar) // object.LinkMemberAccount(userId, "avatar", avatar)
//} //}
resp = c.HandleLoggedIn(userId, &form) resp = c.HandleLoggedIn(user, &form)
} else { } else {
//if userId := object.GetUserIdByField(application, "email", userInfo.Email); userId != "" { //if userId := object.GetUserIdByField(application, "email", userInfo.Email); userId != "" {
// resp = c.HandleLoggedIn(userId, &form) // resp = c.HandleLoggedIn(userId, &form)

23
object/check.go
View File

@@ -55,26 +55,19 @@ func CheckUserSignup(organization string, username string, password string, disp
} }
} }
func CheckUserLogin(userId string, password string) string { func CheckUserLogin(organization string, username string, password string) (*User, string) {
if !HasUser(userId) { user := GetUserByField(organization, "name", username)
return "username does not exist, please sign up first" if user == nil {
return nil, "username does not exist, please sign up first"
} }
if !IsPasswordCorrect(userId, password) { if user.Password != password {
return "password incorrect" return nil, "password incorrect"
} }
return "" return user, ""
} }
func (user *User) getId() string { func (user *User) GetId() string {
return fmt.Sprintf("%s/%s", user.Owner, user.Name) return fmt.Sprintf("%s/%s", user.Owner, user.Name)
} }
func GetUserIdByField(application *Application, field string, value string) string {
user := GetUserByField(application.Organization, field, value)
if user != nil {
return user.getId()
}
return ""
}