llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-03 04:10:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

Add /api/get-app-login

Browse Source
This commit is contained in:
Yang Luo
2021-03-20 10:51:00 +08:00
parent c8cd37058e
commit 9980ef1975
5 changed files with 74 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
controllers/account.go
View File

@ -25,6 +25,11 @@ import (
"github.com/casdoor/casdoor/util" "github.com/casdoor/casdoor/util"
) )
const (
ResponseTypeLogin = "login"
ResponseTypeCode = "code"
)
type RequestForm struct { type RequestForm struct {
Type string `json:"type"` Type string `json:"type"`

47
controllers/auth.go
View File

@ -26,9 +26,44 @@ import (
"golang.org/x/oauth2" "golang.org/x/oauth2"
) )
func (c *ApiController) HandleLoggedIn(userId string) { func (c *ApiController) HandleLoggedIn(userId string, form *RequestForm) *Response {
c.SetSessionUser(userId) resp := &Response{}
util.LogInfo(c.Ctx, "API: [%s] signed in", userId) if form.Type == ResponseTypeLogin {
c.SetSessionUser(userId)
util.LogInfo(c.Ctx, "API: [%s] signed in", userId)
resp = nil
} else if form.Type == ResponseTypeCode {
clientId := c.Input().Get("clientId")
responseType := c.Input().Get("responseType")
redirectUri := c.Input().Get("redirectUri")
scope := c.Input().Get("scope")
state := c.Input().Get("state")
code := object.GetOAuthCode(userId, clientId, responseType, redirectUri, scope, state)
resp = codeToResponse(code)
} else {
resp = &Response{Status: "error", Msg: fmt.Sprintf("unknown response type: %s", form.Type)}
}
return resp
}
func (c *ApiController) GetApplicationLogin() {
var resp Response
clientId := c.Input().Get("clientId")
responseType := c.Input().Get("responseType")
redirectUri := c.Input().Get("redirectUri")
scope := c.Input().Get("scope")
state := c.Input().Get("state")
msg, application := object.CheckOAuthLogin(clientId, responseType, redirectUri, scope, state)
if msg != "" {
resp = Response{Status: "error", Msg: msg, Data: application}
} else {
resp = Response{Status: "ok", Msg: "", Data: application}
}
c.Data["json"] = resp
c.ServeJSON()
} }
func (c *ApiController) Login() { func (c *ApiController) Login() {
@ -54,7 +89,7 @@ func (c *ApiController) Login() {
if msg != "" { if msg != "" {
resp = Response{Status: "error", Msg: msg, Data: ""} resp = Response{Status: "error", Msg: msg, Data: ""}
} else { } else {
c.HandleLoggedIn(userId) c.HandleLoggedIn(userId, &form)
resp = Response{Status: "ok", Msg: "", Data: userId} resp = Response{Status: "ok", Msg: "", Data: userId}
} }
} else if form.Provider != "" { } else if form.Provider != "" {
@ -116,7 +151,7 @@ func (c *ApiController) Login() {
// object.LinkMemberAccount(userId, "avatar", avatar) // object.LinkMemberAccount(userId, "avatar", avatar)
//} //}
c.HandleLoggedIn(userId) c.HandleLoggedIn(userId, &form)
} else { } else {
//if object.IsForbidden(userId) { //if object.IsForbidden(userId) {
// c.forbiddenAccountResp(userId) // c.forbiddenAccountResp(userId)
@ -124,7 +159,7 @@ func (c *ApiController) Login() {
//} //}
if userId := object.GetUserIdByField(application, "email", res.Email); userId != "" { if userId := object.GetUserIdByField(application, "email", res.Email); userId != "" {
c.HandleLoggedIn(userId) c.HandleLoggedIn(userId, &form)
if provider.Type == "github" { if provider.Type == "github" {
_ = object.LinkUserAccount(userId, "github", res.Method) _ = object.LinkUserAccount(userId, "github", res.Method)

6
controllers/token.go
View File

@ -69,11 +69,11 @@ func (c *ApiController) DeleteToken() {
c.ServeJSON() c.ServeJSON()
} }
func codeToResponse(code *object.Code) Response { func codeToResponse(code *object.Code) *Response {
if code.Code == "" { if code.Code == "" {
return Response{Status: "error", Msg: code.Message, Data: code.Code} return &Response{Status: "error", Msg: code.Message, Data: code.Code}
} else { } else {
return Response{Status: "ok", Msg: "success", Data: code.Code} return &Response{Status: "ok", Msg: "success", Data: code.Code}
} }
} }

24
object/token.go
View File

@ -123,6 +123,30 @@ func DeleteToken(token *Token) bool {
return affected != 0 return affected != 0
} }
func CheckOAuthLogin(clientId string, responseType string, redirectUri string, scope string, state string) (string, *Application) {
if responseType != "code" {
return "response_type should be \"code\"", nil
}
application := getApplicationByClientId(clientId)
if application == nil {
return "invalid client_id", nil
}
validUri := false
for _, tmpUri := range application.RedirectUris {
if strings.Contains(redirectUri, tmpUri) {
validUri = true
break
}
}
if !validUri {
return "redirect_uri doesn't exist in the allowed Redirect URL list", application
}
return "", application
}
func GetOAuthCode(userId string, clientId string, responseType string, redirectUri string, scope string, state string) *Code { func GetOAuthCode(userId string, clientId string, responseType string, redirectUri string, scope string, state string) *Code {
if userId == "" { if userId == "" {
return &Code{ return &Code{

1
routers/router.go
View File

@ -35,6 +35,7 @@ func initAPI() {
beego.Router("/api/register", &controllers.ApiController{}, "POST:Register") beego.Router("/api/register", &controllers.ApiController{}, "POST:Register")
beego.Router("/api/login", &controllers.ApiController{}, "POST:Login") beego.Router("/api/login", &controllers.ApiController{}, "POST:Login")
beego.Router("/api/get-app-login", &controllers.ApiController{}, "GET:GetApplicationLogin")
beego.Router("/api/logout", &controllers.ApiController{}, "POST:Logout") beego.Router("/api/logout", &controllers.ApiController{}, "POST:Logout")
beego.Router("/api/get-account", &controllers.ApiController{}, "GET:GetAccount") beego.Router("/api/get-account", &controllers.ApiController{}, "GET:GetAccount")