feat: check user email and phone when signing up

Signed-off-by: Kininaru <shiftregister233@outlook.com> phone prefix error Signed-off-by: Kininaru <shiftregister233@outlook.com> fix i18n Signed-off-by: Kininaru <shiftregister233@outlook.com> fix i18n error Signed-off-by: Kininaru <shiftregister233@outlook.com> removed useless file Signed-off-by: Kininaru <shiftregister233@outlook.com> move timeout to app.conf Signed-off-by: Kininaru <shiftregister233@outlook.com> i18n Signed-off-by: Kininaru <shiftregister233@outlook.com> made verification code reusable Signed-off-by: Kininaru <shiftregister233@outlook.com>
2025-07-03 12:30:19 +08:00 · 2021-05-18 20:11:03 +08:00
parent 9bc29e25ef
commit 66d953a6c1
14 changed files with 151 additions and 37 deletions
--- a/controllers/account.go
+++ b/controllers/account.go
@ -46,6 +46,10 @@ type RequestForm struct {
 	State       string `json:"state"`
 	RedirectUri string `json:"redirectUri"`
 	Method      string `json:"method"`
+
+	EmailCode   string `json:"emailCode"`
+	PhoneCode   string `json:"phoneCode"`
+	PhonePrefix string `json:"phonePrefix"`
 }

 type Response struct {
@ -77,6 +81,21 @@ func (c *ApiController) Signup() {
 		panic(err)
 	}

+	checkResult := object.CheckVerificationCode(form.Email, form.EmailCode)
+	if len(checkResult) != 0 {
+		responseText := fmt.Sprintf("Email%s", checkResult)
+		c.ResponseError(responseText)
+		return
+	}
+
+	checkPhone := fmt.Sprintf("+%s%s", form.PhonePrefix, form.Phone)
+	checkResult = object.CheckVerificationCode(checkPhone, form.PhoneCode)
+	if len(checkResult) != 0 {
+		responseText := fmt.Sprintf("Phone%s", checkResult)
+		c.ResponseError(responseText)
+		return
+	}
+
 	application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
 	if !application.EnableSignUp {
 		resp = Response{Status: "error", Msg: "The application does not allow to sign up new account", Data: c.GetSessionUser()}
@ -110,6 +129,8 @@ func (c *ApiController) Signup() {

 		//c.SetSessionUser(user)

+		object.DisableVerificationCode(form.Email)
+		object.DisableVerificationCode(checkPhone)
 		util.LogInfo(c.Ctx, "API: [%s] is signed up as new user", userId)
 		resp = Response{Status: "ok", Msg: "", Data: userId}
 	}
--- a/controllers/verification.go
+++ b/controllers/verification.go
@ -23,25 +23,14 @@ import (
 )

 func (c *ApiController) SendVerificationCode() {
-	userId, ok := c.RequireSignedIn()
-	if !ok {
-		return
-	}
-
-	user := object.GetUser(userId)
-	if user == nil {
-		c.ResponseError("No such user.")
-		return
-	}
-
 	destType := c.Ctx.Request.Form.Get("type")
 	dest := c.Ctx.Request.Form.Get("dest")
+	orgId := c.Ctx.Request.Form.Get("organizationId")
 	remoteAddr := c.Ctx.Request.RemoteAddr
 	remoteAddr = remoteAddr[:strings.LastIndex(remoteAddr, ":")]

-	if len(destType) == 0 || len(dest) == 0 {
-		c.Data["json"] = Response{Status: "error", Msg: "Missing parameter."}
-		c.ServeJSON()
+	if len(destType) == 0 || len(dest) == 0 || len(orgId) == 0 || strings.Index(orgId, "/") < 0 {
+		c.ResponseError("Missing parameter.")
 		return
 	}

@ -58,12 +47,12 @@ func (c *ApiController) SendVerificationCode() {
 			c.ResponseError("Invalid phone number")
 			return
 		}
-		org := object.GetOrganizationByUser(user)
-		phonePrefix := "86"
-		if org != nil && org.PhonePrefix != "" {
-			phonePrefix = org.PhonePrefix
+		org := object.GetOrganization(orgId)
+		if org == nil {
+			c.ResponseError("Missing parameter.")
+			return
 		}
-		dest = fmt.Sprintf("+%s%s", phonePrefix, dest)
+		dest = fmt.Sprintf("+%s%s", org.PhonePrefix, dest)
 		msg = object.SendVerificationCodeToPhone(remoteAddr, dest)
 	}

@ -122,6 +111,7 @@ func (c *ApiController) ResetEmailOrPhone() {
 		return
 	}

+	object.DisableVerificationCode(checkDest)
 	c.Data["json"] = Response{Status: "ok"}
 	c.ServeJSON()
 }