feat: add dynamic mode for provider to enable verification code when the login password is wrong (#1753)

* fix: update webAuthnBufferDecode to support Base64URL for WebAuthn updates * feat: enable verification code when the login password is wrong * fix: only enable captcha when login in password * fix: disable login error limits when captcha on * fix: pass "enableCaptcha" as an optional param * fix: change enbleCapctah to optional bool param
2025-07-02 03:00:18 +08:00 · 2023-04-22 16:16:25 +08:00
parent ee8c2650c3
commit 6d6cbc7e6f
31 changed files with 150 additions and 29 deletions
--- a/controllers/auth.go
+++ b/controllers/auth.go
@ -281,8 +281,8 @@ func (c *ApiController) Login() {
 				c.ResponseError(c.T("auth:The login method: login with password is not enabled for the application"))
 				return
 			}
-
-			if object.CheckToEnableCaptcha(application) {
+			var enableCaptcha bool
+			if enableCaptcha = object.CheckToEnableCaptcha(application, form.Organization, form.Username); enableCaptcha {
 				isHuman, err := captcha.VerifyCaptchaByCaptchaType(form.CaptchaType, form.CaptchaToken, form.ClientSecret)
 				if err != nil {
 					c.ResponseError(err.Error())
@ -296,7 +296,8 @@ func (c *ApiController) Login() {
 			}

 			password := form.Password
-			user, msg = object.CheckUserPassword(form.Organization, form.Username, password, c.GetAcceptLanguage())
+			user, msg = object.CheckUserPassword(form.Organization, form.Username, password, c.GetAcceptLanguage(), enableCaptcha)
+
 		}

 		if msg != "" {
@ -610,3 +611,21 @@ func (c *ApiController) GetWebhookEventType() {
 	wechatScanType = ""
 	c.ServeJSON()
 }
+
+// GetCaptchaStatus
+// @Title GetCaptchaStatus
+// @Tag Token API
+// @Description Get Login Error Counts
+// @Param   id     query    string  true        "The id ( owner/name ) of user"
+// @Success 200 {object} controllers.Response The Response object
+// @router /api/get-captcha-status [get]
+func (c *ApiController) GetCaptchaStatus() {
+	organization := c.Input().Get("organization")
+	userId := c.Input().Get("user_id")
+	user := object.GetUserByFields(organization, userId)
+	var captchaEnabled bool
+	if user != nil && user.SigninWrongTimes >= object.SigninWrongTimesLimit {
+		captchaEnabled = true
+	}
+	c.ResponseOk(captchaEnabled)
+}