llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-03 04:10:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: add dynamic mode for provider to enable verification code when the login password is wrong (#1753)

Browse Source 
* fix: update webAuthnBufferDecode to support Base64URL for WebAuthn updates

* feat: enable verification code when the login password is wrong

* fix: only enable captcha when login in password

* fix: disable login error limits when captcha on

* fix: pass "enableCaptcha" as an optional param

* fix: change enbleCapctah to optional bool param
This commit is contained in:
XDTD
2023-04-22 16:16:25 +08:00
committed by GitHub
parent ee8c2650c3
commit 6d6cbc7e6f
31 changed files with 150 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
object/check.go
View File

@ -157,10 +157,16 @@ func checkSigninErrorTimes(user *User, lang string) string {
return ""
}
func CheckPassword(user *User, password string, lang string) string {
func CheckPassword(user *User, password string, lang string, options ...bool) string {
enableCaptcha := false
if len(options) > 0 {
enableCaptcha = options[0]
}
// check the login error times
if msg := checkSigninErrorTimes(user, lang); msg != "" {
return msg
if !enableCaptcha {
if msg := checkSigninErrorTimes(user, lang); msg != "" {
return msg
}
}
organization := GetOrganizationByUser(user)
@ -182,7 +188,7 @@ func CheckPassword(user *User, password string, lang string) string {
return ""
}
return recordSigninErrorInfo(user, lang)
return recordSigninErrorInfo(user, lang, enableCaptcha)
} else {
return fmt.Sprintf(i18n.Translate(lang, "check:unsupported password type: %s"), organization.PasswordType)
}
@ -231,7 +237,11 @@ func checkLdapUserPassword(user *User, password string, lang string) string {
return ""
}
func CheckUserPassword(organization string, username string, password string, lang string) (*User, string) {
func CheckUserPassword(organization string, username string, password string, lang string, options ...bool) (*User, string) {
enableCaptcha := false
if len(options) > 0 {
enableCaptcha = options[0]
}
user := GetUserByFields(organization, username)
if user == nil || user.IsDeleted == true {
return nil, fmt.Sprintf(i18n.Translate(lang, "general:The user: %s doesn't exist"), util.GetId(organization, username))
@ -250,7 +260,7 @@ func CheckUserPassword(organization string, username string, password string, la
return nil, msg
}
} else {
if msg := CheckPassword(user, password, lang); msg != "" {
if msg := CheckPassword(user, password, lang, enableCaptcha); msg != "" {
return nil, msg
}
}
@ -380,7 +390,7 @@ func CheckUpdateUser(oldUser, user *User, lang string) string {
return ""
}
func CheckToEnableCaptcha(application *Application) bool {
func CheckToEnableCaptcha(application *Application, organization, username string) bool {
if len(application.Providers) == 0 {
return false
}
@ -390,6 +400,10 @@ func CheckToEnableCaptcha(application *Application) bool {
continue
}
if providerItem.Provider.Category == "Captcha" {
if providerItem.Rule == "Dynamic" {
user := GetUserByFields(organization, username)
return user != nil && user.SigninWrongTimes >= SigninWrongTimesLimit
}
return providerItem.Rule == "Always"
}
}