diff --git a/controllers/auth.go b/controllers/auth.go
index c1558487..cae2c614 100644
--- a/controllers/auth.go
+++ b/controllers/auth.go
@@ -139,53 +139,35 @@ func (c *ApiController) Login() { if form.Password == "" { var verificationCodeType string + var checkResult string // check result through Email or Phone - if strings.Contains(form.Email, "@") { + if strings.Contains(form.Username, "@") { verificationCodeType = "email" - checkResult := object.CheckVerificationCode(form.Email, form.EmailCode) - if len(checkResult) != 0 { - responseText := fmt.Sprintf("Email%s", checkResult) - c.ResponseError(responseText) - return - } + checkResult = object.CheckVerificationCode(form.Username, form.Code) } else { verificationCodeType = "phone" - checkPhone := fmt.Sprintf("+%s%s", form.PhonePrefix, form.Email) - checkResult := object.CheckVerificationCode(checkPhone, form.EmailCode) - if len(checkResult) != 0 { - responseText := fmt.Sprintf("Phone%s", checkResult) + if len(form.PhonePrefix) == 0 { + responseText := fmt.Sprintf("%s%s", verificationCodeType, "No phone prefix") c.ResponseError(responseText) return } + checkPhone := fmt.Sprintf("+%s%s", form.PhonePrefix, form.Username) + checkResult = object.CheckVerificationCode(checkPhone, form.Code) } - - // get user - var userId string - if form.Username == "" { - userId, _ = c.RequireSignedIn() - } else { - userId = fmt.Sprintf("%s/%s", form.Organization, form.Username) - } - - user = object.GetUser(userId) - if user == nil { - c.ResponseError("No such user.") + if len(checkResult) != 0 { + responseText := fmt.Sprintf("%s%s", verificationCodeType, checkResult) + c.ResponseError(responseText) return } // disable the verification code - switch verificationCodeType { - case "email": - if user.Email != form.Email { - c.ResponseError("wrong email!") - } - object.DisableVerificationCode(form.Email) - case "phone": - if user.Phone != form.Email { - c.ResponseError("wrong phone!") - } - object.DisableVerificationCode(form.Email) + object.DisableVerificationCode(form.Username) + + user = object.GetUserByFields(form.Organization, form.Username) + if user == nil { + 
c.ResponseError("No such user.") + return } } else { password := form.Password diff --git a/controllers/verification.go b/controllers/verification.go index 37c23305..5729b715 100644 --- a/controllers/verification.go +++ b/controllers/verification.go @@ -45,6 +45,7 @@ func (c *ApiController) SendVerificationCode() { checkType := c.Ctx.Request.Form.Get("checkType") checkId := c.Ctx.Request.Form.Get("checkId") checkKey := c.Ctx.Request.Form.Get("checkKey") + checkUser := c.Ctx.Request.Form.Get("checkUser") remoteAddr := util.GetIPFromRequest(c.Ctx.Request) if len(destType) == 0 || len(dest) == 0 || len(orgId) == 0 || !strings.Contains(orgId, "/") || len(checkType) == 0 || len(checkId) == 0 || len(checkKey) == 0 { @@ -67,6 +68,12 @@ func (c *ApiController) SendVerificationCode() { organization := object.GetOrganization(orgId) application := object.GetApplicationByOrganizationName(organization.Name) + if checkUser == "true" && user == nil && + object.GetUserByFields(organization.Name, dest) == nil { + c.ResponseError("No such user.") + return + } + sendResp := errors.New("Invalid dest type.") switch destType { case "email": diff --git a/web/src/auth/ForgetPage.js b/web/src/auth/ForgetPage.js index 7e02f5f3..181e0a8f 100644 --- a/web/src/auth/ForgetPage.js +++ b/web/src/auth/ForgetPage.js @@ -136,10 +136,9 @@ class ForgetPage extends React.Component { AuthBackend.login({ application: forms.step2.getFieldValue("application"), organization: forms.step2.getFieldValue("organization"), - email: forms.step2.getFieldValue("email"), - emailCode: forms.step2.getFieldValue("emailCode"), + username: forms.step2.getFieldValue("email"), + code: forms.step2.getFieldValue("emailCode"), phonePrefix: this.state.application?.organizationObj.phonePrefix, - username: this.state.username, type: "login" }, oAuthParams).then(res => { if (res.status === "ok") { diff --git a/web/src/auth/LoginPage.js b/web/src/auth/LoginPage.js index ba9d72d6..0b910968 100644 --- a/web/src/auth/LoginPage.js 
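Review bot: In the phone branch the code is checked under `checkPhone` (`+`, prefix, number) but invalidated with `object.DisableVerificationCode(form.Username)`, so if codes are keyed by the destination they were sent to, a used phone code is probably never disabled and stays reusable until it expires. Keep the checked destination in one variable, set to `form.Username` or `checkPhone` in the two branches, and call `object.DisableVerificationCode(checkDest)`. The removed switch compared the user's stored email/phone with the verified value, while the new `GetUserByFields(form.Organization, form.Username)` lookup has no such comparison; unless that helper matches only on the email and phone fields (not visible here), re-check `user.Email`/`user.Phone` against the verified destination before the session is issued. `form.PhonePrefix` also comes from the request, so deriving it from the organization record would keep the verified number fully server-determined. Login's body starts and ends outside this hunk.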
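Review bot: The existence check added in the second verification.go hunk is switched on by the client-supplied `checkUser` field, and when `user` is nil (presumably an unauthenticated caller) it answers `No such user.` only for unknown destinations, which lets a caller tell registered emails and phone numbers from unregistered ones. Consider returning the same response in both cases and simply not sending the code, or at least rate-limiting this path on `remoteAddr`, which the function already reads. `organization.Name` is also dereferenced without a nil check on the `GetOrganization` result in the lines shown. SendVerificationCode continues outside the hunk.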
+++ b/web/src/auth/LoginPage.js @@ -49,6 +49,7 @@ class LoginPage extends React.Component { isCodeSignin: false, msg: null, username: null, + validEmailOrPhone: false }; } @@ -109,6 +110,7 @@ class LoginPage extends React.Component { const application = this.getApplicationObj(); const ths = this; values["type"] = this.state.type; + values["phonePrefix"] = this.getApplicationObj()?.organizationObj.phonePrefix; const oAuthParams = Util.getOAuthGetParameters(); AuthBackend.login(values, oAuthParams) @@ -288,11 +290,28 @@ class LoginPage extends React.Component { { + if (this.state.isCodeSignin) { + if (this.state.email !== "" && !Setting.isValidEmail(this.state.username) && !Setting.isValidPhone(this.state.username)) { + this.setState({validEmailOrPhone: false}); + return Promise.reject(i18next.t("login:The input is not valid Email or Phone!")); + } + } + this.setState({validEmailOrPhone: true}); + return Promise.resolve(); + } + } + ]} > } - placeholder={i18next.t("login:username, Email or phone")} + placeholder={ this.state.isCodeSignin ? i18next.t("login:Email or phone") : i18next.t("login:username, Email or phone") } disabled={!application.enablePassword} onChange={e => { this.setState({ @@ -308,8 +327,8 @@ class LoginPage extends React.Component { rules={[{ required: true, message: i18next.t("login:Please input your code!") }]} > ) : ( diff --git a/web/src/backend/UserBackend.js b/web/src/backend/UserBackend.js index 6e8707e6..3ee4313a 100644 --- a/web/src/backend/UserBackend.js +++ b/web/src/backend/UserBackend.js @@ -88,7 +88,7 @@ export function setPassword(userOwner, userName, oldPassword, newPassword) { }).then(res => res.json()); } -export function sendCode(checkType, checkId, checkKey, dest, type, orgId) { +export function sendCode(checkType, checkId, checkKey, dest, type, orgId, checkUser) { let formData = new FormData(); formData.append("checkType", checkType); formData.append("checkId", checkId); 
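Review bot: In the `@@ -109,6 +110,7 @@` hunk, `application` is already in scope just above the added assignment, and `?.` there guards only the application object, not `organizationObj`. `values["phonePrefix"] = application?.organizationObj?.phonePrefix;` avoids the second lookup and a TypeError when the organization object is not loaded. The handler continues outside the hunk.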
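Review bot: The validator added in the `@@ -288,11 +290,28 @@` hunk tests `this.state.email !== ""`, but the state fields visible in the constructor hunk are `username` and `validEmailOrPhone`, so as far as this diff shows that term is always true and the check likely meant `this.state.username`. It also reads the value from component state rather than from the validator's own value argument, which can lag behind the field when validation runs before the `onChange` state update. The surrounding JSX is stripped from this page, so the validator signature is not visible; if it is `validator: (_, value) => …`, validating `value` directly is more robust. This check is client-side only, so the server still has to validate the email or phone format itself.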
@@ -96,6 +96,7 @@ export function sendCode(checkType, checkId, checkKey, dest, type, orgId) { formData.append("dest", dest); formData.append("type", type); formData.append("organizationId", orgId); + formData.append("checkUser", checkUser); return fetch(`${Setting.ServerUrl}/api/send-verification-code`, { method: "POST", credentials: "include", diff --git a/web/src/component/CountDownInput.js b/web/src/component/CountDownInput.js index 23aa0262..ade81940 100644 --- a/web/src/component/CountDownInput.js +++ b/web/src/component/CountDownInput.js @@ -18,6 +18,8 @@ import * as Setting from "../Setting"; import i18next from "i18next"; import * as UserBackend from "../backend/UserBackend"; import {SafetyOutlined} from "@ant-design/icons"; +import * as Util from "../auth/Util"; +import {isValidEmail, isValidPhone} from "../Setting"; const { Search } = Input; @@ -40,6 +42,14 @@ export const CountDownInput = (props) => { const handleOk = () => { setVisible(false); + if (isValidEmail(onButtonClickArgs[0])) { + onButtonClickArgs[1] = "email"; + } else if (isValidPhone(onButtonClickArgs[0])) { + onButtonClickArgs[1] = "phone"; + } else { + Util.showMessage("error", i18next.t("login:Invalid Email or phone")) + return; + } UserBackend.sendCode(checkType, checkId, key, ...onButtonClickArgs).then(res => { setKey(""); if (res) { diff --git a/web/src/locales/de/data.json b/web/src/locales/de/data.json index 67ba4eb4..13507d56 100644 --- a/web/src/locales/de/data.json +++ b/web/src/locales/de/data.json @@ -177,6 +177,7 @@ "Please input your code!": "Please input your code!", "Please input your password!": "Please input your password!", "Please input your password, at least 6 characters!": "Please input your password, at least 6 characters!", + "Please input your Email or phone!": "Please input your Email or phone!", "Please input your username, Email or phone!": "Please input your username, Email or phone!", "Sign In": "Sign In", "Sign in with code": "Sign in with code", 
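Review bot: `formData.append("checkUser", checkUser)` stringifies whatever it is given, so any caller that still passes six arguments sends the literal text `undefined`. The server hunk only compares against `"true"`, so this is harmless today, but `formData.append("checkUser", String(checkUser === true || checkUser === "true"));` keeps the wire value well defined. sendCode starts in the previous hunk and its fetch call continues outside this one.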
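Review bot: In CountDownInput.js, `handleOk` now writes into `onButtonClickArgs[1]`, mutating an array that presumably belongs to the parent component and hard-coding that index 0 is the destination and index 1 the type in `sendCode`'s positional arguments. Working on a copy (`const args = [...onButtonClickArgs];`, set `args[1]`, then `UserBackend.sendCode(checkType, checkId, key, ...args)`) avoids changing props in place, and a short comment naming the expected order (dest, type, orgId, checkUser) would document the coupling. The format check here is a convenience for the user; the server's `destType` handling remains the authoritative validation. The component body continues outside the hunk.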
@@ -185,7 +186,10 @@ "Signing in...": "Signing in...", "To access": "To access", "sign up now": "sign up now", - "username, Email or phone": "username, Email or phone" + "Email or phone": "Email or phone", + "username, Email or phone": "username, Email or phone", + "Invalid Email or phone": "Invalid Email or phone", + "The input is not valid Email or Phone!": "The input is not valid Email or Phone!" }, "organization": { "Default avatar": "Default avatar", diff --git a/web/src/locales/en/data.json b/web/src/locales/en/data.json index aedee081..6a711343 100644 --- a/web/src/locales/en/data.json +++ b/web/src/locales/en/data.json @@ -177,6 +177,7 @@ "Please input your code!": "Please input your code!", "Please input your password!": "Please input your password!", "Please input your password, at least 6 characters!": "Please input your password, at least 6 characters!", + "Please input your Email or phone!": "Please input your Email or phone!", "Please input your username, Email or phone!": "Please input your username, Email or phone!", "Sign In": "Sign In", "Sign in with code": "Sign in with code", @@ -185,7 +186,10 @@ "Signing in...": "Signing in...", "To access": "To access", "sign up now": "sign up now", - "username, Email or phone": "username, Email or phone" + "Email or phone": "Email or phone", + "username, Email or phone": "username, Email or phone", + "Invalid Email or phone": "Invalid Email or phone", + "The input is not valid Email or Phone!": "The input is not valid Email or Phone!" }, "organization": { "Default avatar": "Default avatar", diff --git a/web/src/locales/fr/data.json b/web/src/locales/fr/data.json index 67ba4eb4..13507d56 100644 --- a/web/src/locales/fr/data.json +++ b/web/src/locales/fr/data.json 
@@ -177,6 +177,7 @@ "Please input your code!": "Please input your code!", "Please input your password!": "Please input your password!", "Please input your password, at least 6 characters!": "Please input your password, at least 6 characters!", + "Please input your Email or phone!": "Please input your Email or phone!", "Please input your username, Email or phone!": "Please input your username, Email or phone!", "Sign In": "Sign In", "Sign in with code": "Sign in with code", @@ -185,7 +186,10 @@ "Signing in...": "Signing in...", "To access": "To access", "sign up now": "sign up now", - "username, Email or phone": "username, Email or phone" + "Email or phone": "Email or phone", + "username, Email or phone": "username, Email or phone", + "Invalid Email or phone": "Invalid Email or phone", + "The input is not valid Email or Phone!": "The input is not valid Email or Phone!" }, "organization": { "Default avatar": "Default avatar", diff --git a/web/src/locales/ja/data.json b/web/src/locales/ja/data.json index 67ba4eb4..13507d56 100644 --- a/web/src/locales/ja/data.json +++ b/web/src/locales/ja/data.json @@ -177,6 +177,7 @@ "Please input your code!": "Please input your code!", "Please input your password!": "Please input your password!", "Please input your password, at least 6 characters!": "Please input your password, at least 6 characters!", + "Please input your Email or phone!": "Please input your Email or phone!", "Please input your username, Email or phone!": "Please input your username, Email or phone!", "Sign In": "Sign In", "Sign in with code": "Sign in with code", 
@@ -185,7 +186,10 @@ "Signing in...": "Signing in...", "To access": "To access", "sign up now": "sign up now", - "username, Email or phone": "username, Email or phone" + "Email or phone": "Email or phone", + "username, Email or phone": "username, Email or phone", + "Invalid Email or phone": "Invalid Email or phone", + "The input is not valid Email or Phone!": "The input is not valid Email or Phone!" }, "organization": { "Default avatar": "Default avatar", diff --git a/web/src/locales/ko/data.json b/web/src/locales/ko/data.json index 67ba4eb4..13507d56 100644 --- a/web/src/locales/ko/data.json +++ b/web/src/locales/ko/data.json @@ -177,6 +177,7 @@ "Please input your code!": "Please input your code!", "Please input your password!": "Please input your password!", "Please input your password, at least 6 characters!": "Please input your password, at least 6 characters!", + "Please input your Email or phone!": "Please input your Email or phone!", "Please input your username, Email or phone!": "Please input your username, Email or phone!", "Sign In": "Sign In", "Sign in with code": "Sign in with code", @@ -185,7 +186,10 @@ "Signing in...": "Signing in...", "To access": "To access", "sign up now": "sign up now", - "username, Email or phone": "username, Email or phone" + "Email or phone": "Email or phone", + "username, Email or phone": "username, Email or phone", + "Invalid Email or phone": "Invalid Email or phone", + "The input is not valid Email or Phone!": "The input is not valid Email or Phone!" }, "organization": { "Default avatar": "Default avatar", diff --git a/web/src/locales/ru/data.json b/web/src/locales/ru/data.json index 67ba4eb4..13507d56 100644 --- a/web/src/locales/ru/data.json +++ b/web/src/locales/ru/data.json 
@@ -177,6 +177,7 @@ "Please input your code!": "Please input your code!", "Please input your password!": "Please input your password!", "Please input your password, at least 6 characters!": "Please input your password, at least 6 characters!", + "Please input your Email or phone!": "Please input your Email or phone!", "Please input your username, Email or phone!": "Please input your username, Email or phone!", "Sign In": "Sign In", "Sign in with code": "Sign in with code", @@ -185,7 +186,10 @@ "Signing in...": "Signing in...", "To access": "To access", "sign up now": "sign up now", - "username, Email or phone": "username, Email or phone" + "Email or phone": "Email or phone", + "username, Email or phone": "username, Email or phone", + "Invalid Email or phone": "Invalid Email or phone", + "The input is not valid Email or Phone!": "The input is not valid Email or Phone!" }, "organization": { "Default avatar": "Default avatar", diff --git a/web/src/locales/zh/data.json b/web/src/locales/zh/data.json index 816186f0..a3dce27a 100644 --- a/web/src/locales/zh/data.json +++ b/web/src/locales/zh/data.json @@ -177,6 +177,7 @@ "Please input your code!": "请输入您的验证码!", "Please input your password!": "请输入您的密码!", "Please input your password, at least 6 characters!": "请输入您的密码,不少于6位", + "Please input your Email or phone!": "请输入您的Email或手机号!", "Please input your username, Email or phone!": "请输入您的用户名、Email或手机号!", "Sign In": "登录", "Sign in with code": "验证码登录", @@ -185,7 +186,10 @@ "Signing in...": "正在登录...", "To access": "访问", "sign up now": "立即注册", - "username, Email or phone": "用户名、Email或手机号" + "Email or phone": "Email或手机号", + "username, Email or phone": "用户名、Email或手机号", + "Invalid Email or phone": "无效的Email或手机号", + "The input is not valid Email or Phone!": "您输入的电子邮箱格式或手机号有误!" }, "organization": { "Default avatar": "默认头像",