llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-09-09 15:12:56 +08:00
Code Issues Packages Projects Releases Wiki Activity

Return code for /api/login

Browse Source
This commit is contained in:
Yang Luo
2021-03-20 13:05:34 +08:00
parent 7049e09570
commit 63a4066a8d
6 changed files with 32 additions and 75 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
controllers/auth.go
View File

@@ -31,7 +31,7 @@ func (c *ApiController) HandleLoggedIn(userId string, form *RequestForm) *Respon
if form.Type == ResponseTypeLogin { if form.Type == ResponseTypeLogin {
c.SetSessionUser(userId) c.SetSessionUser(userId)
util.LogInfo(c.Ctx, "API: [%s] signed in", userId) util.LogInfo(c.Ctx, "API: [%s] signed in", userId)
resp = nil resp = &Response{Status: "ok", Msg: "", Data: userId}
} else if form.Type == ResponseTypeCode { } else if form.Type == ResponseTypeCode {
clientId := c.Input().Get("clientId") clientId := c.Input().Get("clientId")
responseType := c.Input().Get("responseType") responseType := c.Input().Get("responseType")
@@ -67,7 +67,7 @@ func (c *ApiController) GetApplicationLogin() {
} }
func (c *ApiController) Login() { func (c *ApiController) Login() {
var resp Response resp := &Response{Status: "null", Msg: ""}
var form RequestForm var form RequestForm
err := json.Unmarshal(c.Ctx.Input.RequestBody, &form) err := json.Unmarshal(c.Ctx.Input.RequestBody, &form)
if err != nil { if err != nil {
@@ -75,22 +75,23 @@ func (c *ApiController) Login() {
} }
if form.Username != "" { if form.Username != "" {
if form.Type == ResponseTypeLogin {
if c.GetSessionUser() != "" { if c.GetSessionUser() != "" {
resp = Response{Status: "error", Msg: "please log out first before signing in", Data: c.GetSessionUser()} resp = &Response{Status: "error", Msg: "please log out first before signing in", Data: c.GetSessionUser()}
c.Data["json"] = resp c.Data["json"] = resp
c.ServeJSON() c.ServeJSON()
return return
} }
}
userId := fmt.Sprintf("%s/%s", form.Organization, form.Username) userId := fmt.Sprintf("%s/%s", form.Organization, form.Username)
password := form.Password password := form.Password
msg := object.CheckUserLogin(userId, password) msg := object.CheckUserLogin(userId, password)
if msg != "" { if msg != "" {
resp = Response{Status: "error", Msg: msg, Data: ""} resp = &Response{Status: "error", Msg: msg, Data: ""}
} else { } else {
c.HandleLoggedIn(userId, &form) resp = c.HandleLoggedIn(userId, &form)
resp = Response{Status: "ok", Msg: "", Data: userId}
} }
} else if form.Provider != "" { } else if form.Provider != "" {
application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application)) application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
@@ -105,7 +106,7 @@ func (c *ApiController) Login() {
var res authResponse var res authResponse
if form.State != beego.AppConfig.String("AuthState") { if form.State != beego.AppConfig.String("AuthState") {
resp = Response{Status: "error", Msg: "unauthorized", Data: res} resp = &Response{Status: "error", Msg: "unauthorized", Data: res}
c.ServeJSON() c.ServeJSON()
return return
} }
@@ -118,7 +119,7 @@ func (c *ApiController) Login() {
} }
if !token.Valid() { if !token.Valid() {
resp = Response{Status: "error", Msg: "unauthorized", Data: res} resp = &Response{Status: "error", Msg: "unauthorized", Data: res}
c.Data["json"] = resp c.Data["json"] = resp
c.ServeJSON() c.ServeJSON()
return return
@@ -126,7 +127,7 @@ func (c *ApiController) Login() {
res.Email, res.Method, res.Avatar, err = idProvider.GetUserInfo(httpClient, token) res.Email, res.Method, res.Avatar, err = idProvider.GetUserInfo(httpClient, token)
if err != nil { if err != nil {
resp = Response{Status: "error", Msg: "Login failed, please try again."} resp = &Response{Status: "error", Msg: "Login failed, please try again."}
c.Data["json"] = resp c.Data["json"] = resp
c.ServeJSON() c.ServeJSON()
return return
@@ -151,7 +152,7 @@ func (c *ApiController) Login() {
// object.LinkMemberAccount(userId, "avatar", avatar) // object.LinkMemberAccount(userId, "avatar", avatar)
//} //}
c.HandleLoggedIn(userId, &form) resp = c.HandleLoggedIn(userId, &form)
} else { } else {
//if object.IsForbidden(userId) { //if object.IsForbidden(userId) {
// c.forbiddenAccountResp(userId) // c.forbiddenAccountResp(userId)
@@ -159,7 +160,7 @@ func (c *ApiController) Login() {
//} //}
if userId := object.GetUserIdByField(application, "email", res.Email); userId != "" { if userId := object.GetUserIdByField(application, "email", res.Email); userId != "" {
c.HandleLoggedIn(userId, &form) resp = c.HandleLoggedIn(userId, &form)
if provider.Type == "github" { if provider.Type == "github" {
_ = object.LinkUserAccount(userId, "github", res.Method) _ = object.LinkUserAccount(userId, "github", res.Method)
@@ -168,11 +169,11 @@ func (c *ApiController) Login() {
} }
} }
} }
resp = Response{Status: "ok", Msg: "success", Data: res} //resp = &Response{Status: "ok", Msg: "", Data: res}
} else { } else {
userId := c.GetSessionUser() userId := c.GetSessionUser()
if userId == "" { if userId == "" {
resp = Response{Status: "error", Msg: "user doesn't exist", Data: res} resp = &Response{Status: "error", Msg: "user doesn't exist", Data: res}
c.Data["json"] = resp c.Data["json"] = resp
c.ServeJSON() c.ServeJSON()
return return
@@ -185,9 +186,9 @@ func (c *ApiController) Login() {
linkRes = object.LinkUserAccount(userId, "google", res.Email) linkRes = object.LinkUserAccount(userId, "google", res.Email)
} }
if linkRes { if linkRes {
resp = Response{Status: "ok", Msg: "success", Data: linkRes} resp = &Response{Status: "ok", Msg: "", Data: linkRes}
} else { } else {
resp = Response{Status: "error", Msg: "link account failed", Data: linkRes} resp = &Response{Status: "error", Msg: "link account failed", Data: linkRes}
} }
//if len(object.GetMemberAvatar(userId)) == 0 { //if len(object.GetMemberAvatar(userId)) == 0 {
// avatar := UploadAvatarToOSS(tempUserAccount.AvatarUrl, userId) // avatar := UploadAvatarToOSS(tempUserAccount.AvatarUrl, userId)

15
controllers/token.go
View File

@@ -73,23 +73,10 @@ func codeToResponse(code *object.Code) *Response {
if code.Code == "" { if code.Code == "" {
return &Response{Status: "error", Msg: code.Message, Data: code.Code} return &Response{Status: "error", Msg: code.Message, Data: code.Code}
} else { } else {
return &Response{Status: "ok", Msg: "success", Data: code.Code} return &Response{Status: "ok", Msg: "", Data: code.Code}
} }
} }
func (c *ApiController) GetOAuthCode() {
userId := c.GetSessionUser()
clientId := c.Input().Get("clientId")
responseType := c.Input().Get("responseType")
redirectUri := c.Input().Get("redirectUri")
scope := c.Input().Get("scope")
state := c.Input().Get("state")
code := object.GetOAuthCode(userId, clientId, responseType, redirectUri, scope, state)
c.Data["json"] = codeToResponse(code)
c.ServeJSON()
}
func (c *ApiController) GetOAuthToken() { func (c *ApiController) GetOAuthToken() {
grantType := c.Input().Get("grant_type") grantType := c.Input().Get("grant_type")
clientId := c.Input().Get("client_id") clientId := c.Input().Get("client_id")

34
object/token.go
View File

@@ -148,13 +148,6 @@ func CheckOAuthLogin(clientId string, responseType string, redirectUri string, s
} }
func GetOAuthCode(userId string, clientId string, responseType string, redirectUri string, scope string, state string) *Code { func GetOAuthCode(userId string, clientId string, responseType string, redirectUri string, scope string, state string) *Code {
if userId == "" {
return &Code{
Message: "please sign in first",
Code: "",
}
}
user := GetUser(userId) user := GetUser(userId)
if user == nil { if user == nil {
return &Code{ return &Code{
@@ -163,31 +156,10 @@ func GetOAuthCode(userId string, clientId string, responseType string, redirectU
} }
} }
application := getApplicationByClientId(clientId) msg, application := CheckOAuthLogin(clientId, responseType, redirectUri, scope, state)
if application == nil { if msg != "" {
return &Code{ return &Code{
Message: "invalid client_id", Message: msg,
Code: "",
}
}
if responseType != "code" {
return &Code{
Message: "response_type should be \"code\"",
Code: "",
}
}
validUri := false
for _, tmpUri := range application.RedirectUris {
if strings.Contains(redirectUri, tmpUri) {
validUri = true
break
}
}
if !validUri {
return &Code{
Message: "redirect_uri doesn't exist in the allowed Redirect URL list",
Code: "", Code: "",
} }
} }

1
routers/router.go
View File

@@ -70,6 +70,5 @@ func initAPI() {
beego.Router("/api/update-token", &controllers.ApiController{}, "POST:UpdateToken") beego.Router("/api/update-token", &controllers.ApiController{}, "POST:UpdateToken")
beego.Router("/api/add-token", &controllers.ApiController{}, "POST:AddToken") beego.Router("/api/add-token", &controllers.ApiController{}, "POST:AddToken")
beego.Router("/api/delete-token", &controllers.ApiController{}, "POST:DeleteToken") beego.Router("/api/delete-token", &controllers.ApiController{}, "POST:DeleteToken")
beego.Router("/api/oauth/code", &controllers.ApiController{}, "GET:GetOAuthCode")
beego.Router("/api/oauth/token", &controllers.ApiController{}, "GET:GetOAuthToken") beego.Router("/api/oauth/token", &controllers.ApiController{}, "GET:GetOAuthToken")
} }

7
web/src/auth/AuthBackend.js
View File

@@ -51,13 +51,6 @@ export function logout() {
}).then(res => res.json()); }).then(res => res.json());
} }
export function getOAuthCode(clientId, responseType, redirectUri, scope, state) {
return fetch(`${authConfig.serverUrl}/api/oauth/code?clientId=${clientId}&responseType=${responseType}&redirectUri=${redirectUri}&scope=${scope}&state=${state}`, {
method: 'GET',
credentials: 'include',
}).then(res => res.json());
}
export function getApplication(owner, name) { export function getApplication(owner, name) {
return fetch(`${authConfig.serverUrl}/api/get-application?id=${owner}/${encodeURIComponent(name)}`, { return fetch(`${authConfig.serverUrl}/api/get-application?id=${owner}/${encodeURIComponent(name)}`, {
method: "GET", method: "GET",

5
web/src/auth/Face.js
View File

@@ -86,12 +86,17 @@ class Face extends React.Component {
} }
onFinish(values) { onFinish(values) {
values.type = this.state.type;
AuthBackend.login(values) AuthBackend.login(values)
.then((res) => { .then((res) => {
if (res.status === 'ok') { if (res.status === 'ok') {
if (this.state.type === "login") {
this.props.onLoggedIn(); this.props.onLoggedIn();
Util.showMessage("success", `Logged in successfully`); Util.showMessage("success", `Logged in successfully`);
Util.goToLink("/"); Util.goToLink("/");
} else if (this.state.type === "code") {
Util.showMessage("success", `Authorization code: ${res.data}`);
}
} else { } else {
Util.showMessage("error", `Log in failed${res.msg}`); Util.showMessage("error", `Log in failed${res.msg}`);
} }