llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-05-23 02:35:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

Return code for /api/login

Browse Source
This commit is contained in:
Yang Luo 2021-03-20 13:05:34 +08:00
parent 7049e09570
commit 63a4066a8d
6 changed files with 32 additions and 75 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
controllers/auth.go
View File

@ -31,7 +31,7 @@ func (c *ApiController) HandleLoggedIn(userId string, form *RequestForm) *Respon
if form.Type == ResponseTypeLogin {
c.SetSessionUser(userId)
util.LogInfo(c.Ctx, "API: [%s] signed in", userId)
resp = nil
resp = &Response{Status: "ok", Msg: "", Data: userId}
} else if form.Type == ResponseTypeCode {
clientId := c.Input().Get("clientId")
responseType := c.Input().Get("responseType")
@ -67,7 +67,7 @@ func (c *ApiController) GetApplicationLogin() {
}
func (c *ApiController) Login() {
var resp Response
resp := &Response{Status: "null", Msg: ""}
var form RequestForm
err := json.Unmarshal(c.Ctx.Input.RequestBody, &form)
if err != nil {
@ -75,11 +75,13 @@ func (c *ApiController) Login() {
}
if form.Username != "" {
if c.GetSessionUser() != "" {
resp = Response{Status: "error", Msg: "please log out first before signing in", Data: c.GetSessionUser()}
c.Data["json"] = resp
c.ServeJSON()
return
if form.Type == ResponseTypeLogin {
if c.GetSessionUser() != "" {
resp = &Response{Status: "error", Msg: "please log out first before signing in", Data: c.GetSessionUser()}
c.Data["json"] = resp
c.ServeJSON()
return
}
}
userId := fmt.Sprintf("%s/%s", form.Organization, form.Username)
@ -87,10 +89,9 @@ func (c *ApiController) Login() {
msg := object.CheckUserLogin(userId, password)
if msg != "" {
resp = Response{Status: "error", Msg: msg, Data: ""}
resp = &Response{Status: "error", Msg: msg, Data: ""}
} else {
c.HandleLoggedIn(userId, &form)
resp = Response{Status: "ok", Msg: "", Data: userId}
resp = c.HandleLoggedIn(userId, &form)
}
} else if form.Provider != "" {
application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
@ -105,7 +106,7 @@ func (c *ApiController) Login() {
var res authResponse
if form.State != beego.AppConfig.String("AuthState") {
resp = Response{Status: "error", Msg: "unauthorized", Data: res}
resp = &Response{Status: "error", Msg: "unauthorized", Data: res}
c.ServeJSON()
return
}
@ -118,7 +119,7 @@ func (c *ApiController) Login() {
}
if !token.Valid() {
resp = Response{Status: "error", Msg: "unauthorized", Data: res}
resp = &Response{Status: "error", Msg: "unauthorized", Data: res}
c.Data["json"] = resp
c.ServeJSON()
return
@ -126,7 +127,7 @@ func (c *ApiController) Login() {
res.Email, res.Method, res.Avatar, err = idProvider.GetUserInfo(httpClient, token)
if err != nil {
resp = Response{Status: "error", Msg: "Login failed, please try again."}
resp = &Response{Status: "error", Msg: "Login failed, please try again."}
c.Data["json"] = resp
c.ServeJSON()
return
@ -151,7 +152,7 @@ func (c *ApiController) Login() {
// object.LinkMemberAccount(userId, "avatar", avatar)
//}
c.HandleLoggedIn(userId, &form)
resp = c.HandleLoggedIn(userId, &form)
} else {
//if object.IsForbidden(userId) {
// c.forbiddenAccountResp(userId)
@ -159,7 +160,7 @@ func (c *ApiController) Login() {
//}
if userId := object.GetUserIdByField(application, "email", res.Email); userId != "" {
c.HandleLoggedIn(userId, &form)
resp = c.HandleLoggedIn(userId, &form)
if provider.Type == "github" {
_ = object.LinkUserAccount(userId, "github", res.Method)
@ -168,11 +169,11 @@ func (c *ApiController) Login() {
}
}
}
resp = Response{Status: "ok", Msg: "success", Data: res}
//resp = &Response{Status: "ok", Msg: "", Data: res}
} else {
userId := c.GetSessionUser()
if userId == "" {
resp = Response{Status: "error", Msg: "user doesn't exist", Data: res}
resp = &Response{Status: "error", Msg: "user doesn't exist", Data: res}
c.Data["json"] = resp
c.ServeJSON()
return
@ -185,9 +186,9 @@ func (c *ApiController) Login() {
linkRes = object.LinkUserAccount(userId, "google", res.Email)
}
if linkRes {
resp = Response{Status: "ok", Msg: "success", Data: linkRes}
resp = &Response{Status: "ok", Msg: "", Data: linkRes}
} else {
resp = Response{Status: "error", Msg: "link account failed", Data: linkRes}
resp = &Response{Status: "error", Msg: "link account failed", Data: linkRes}
}
//if len(object.GetMemberAvatar(userId)) == 0 {
// avatar := UploadAvatarToOSS(tempUserAccount.AvatarUrl, userId)

15
controllers/token.go
View File

@ -73,23 +73,10 @@ func codeToResponse(code *object.Code) *Response {
if code.Code == "" {
return &Response{Status: "error", Msg: code.Message, Data: code.Code}
} else {
return &Response{Status: "ok", Msg: "success", Data: code.Code}
return &Response{Status: "ok", Msg: "", Data: code.Code}
}
}
func (c *ApiController) GetOAuthCode() {
userId := c.GetSessionUser()
clientId := c.Input().Get("clientId")
responseType := c.Input().Get("responseType")
redirectUri := c.Input().Get("redirectUri")
scope := c.Input().Get("scope")
state := c.Input().Get("state")
code := object.GetOAuthCode(userId, clientId, responseType, redirectUri, scope, state)
c.Data["json"] = codeToResponse(code)
c.ServeJSON()
}
func (c *ApiController) GetOAuthToken() {
grantType := c.Input().Get("grant_type")
clientId := c.Input().Get("client_id")

34
object/token.go
View File

@ -148,13 +148,6 @@ func CheckOAuthLogin(clientId string, responseType string, redirectUri string, s
}
func GetOAuthCode(userId string, clientId string, responseType string, redirectUri string, scope string, state string) *Code {
if userId == "" {
return &Code{
Message: "please sign in first",
Code: "",
}
}
user := GetUser(userId)
if user == nil {
return &Code{
@ -163,31 +156,10 @@ func GetOAuthCode(userId string, clientId string, responseType string, redirectU
}
}
application := getApplicationByClientId(clientId)
if application == nil {
msg, application := CheckOAuthLogin(clientId, responseType, redirectUri, scope, state)
if msg != "" {
return &Code{
Message: "invalid client_id",
Code: "",
}
}
if responseType != "code" {
return &Code{
Message: "response_type should be \"code\"",
Code: "",
}
}
validUri := false
for _, tmpUri := range application.RedirectUris {
if strings.Contains(redirectUri, tmpUri) {
validUri = true
break
}
}
if !validUri {
return &Code{
Message: "redirect_uri doesn't exist in the allowed Redirect URL list",
Message: msg,
Code: "",
}
}

1
routers/router.go
View File

@ -70,6 +70,5 @@ func initAPI() {
beego.Router("/api/update-token", &controllers.ApiController{}, "POST:UpdateToken")
beego.Router("/api/add-token", &controllers.ApiController{}, "POST:AddToken")
beego.Router("/api/delete-token", &controllers.ApiController{}, "POST:DeleteToken")
beego.Router("/api/oauth/code", &controllers.ApiController{}, "GET:GetOAuthCode")
beego.Router("/api/oauth/token", &controllers.ApiController{}, "GET:GetOAuthToken")
}

7
web/src/auth/AuthBackend.js
View File

@ -51,13 +51,6 @@ export function logout() {
}).then(res => res.json());
}
export function getOAuthCode(clientId, responseType, redirectUri, scope, state) {
return fetch(`${authConfig.serverUrl}/api/oauth/code?clientId=${clientId}&responseType=${responseType}&redirectUri=${redirectUri}&scope=${scope}&state=${state}`, {
method: 'GET',
credentials: 'include',
}).then(res => res.json());
}
export function getApplication(owner, name) {
return fetch(`${authConfig.serverUrl}/api/get-application?id=${owner}/${encodeURIComponent(name)}`, {
method: "GET",

11
web/src/auth/Face.js
View File

@ -86,12 +86,17 @@ class Face extends React.Component {
}
onFinish(values) {
values.type = this.state.type;
AuthBackend.login(values)
.then((res) => {
if (res.status === 'ok') {
this.props.onLoggedIn();
Util.showMessage("success", `Logged in successfully`);
Util.goToLink("/");
if (this.state.type === "login") {
this.props.onLoggedIn();
Util.showMessage("success", `Logged in successfully`);
Util.goToLink("/");
} else if (this.state.type === "code") {
Util.showMessage("success", `Authorization code: ${res.data}`);
}
} else {
Util.showMessage("error", `Log in failed${res.msg}`);
}