llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-02 11:20:18 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: fix bug of using email provider from wrong application (#869)

Browse Source
This commit is contained in:
leoshine
2022-07-10 00:40:52 +08:00
committed by GitHub
parent 0baae87390
commit b9404f14dc
8 changed files with 23 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
controllers/verification.go
View File

@ -42,14 +42,14 @@ func (c *ApiController) getCurrentUser() *object.User {
func (c *ApiController) SendVerificationCode() { func (c *ApiController) SendVerificationCode() {
destType := c.Ctx.Request.Form.Get("type") destType := c.Ctx.Request.Form.Get("type")
dest := c.Ctx.Request.Form.Get("dest") dest := c.Ctx.Request.Form.Get("dest")
orgId := c.Ctx.Request.Form.Get("organizationId")
checkType := c.Ctx.Request.Form.Get("checkType") checkType := c.Ctx.Request.Form.Get("checkType")
checkId := c.Ctx.Request.Form.Get("checkId") checkId := c.Ctx.Request.Form.Get("checkId")
checkKey := c.Ctx.Request.Form.Get("checkKey") checkKey := c.Ctx.Request.Form.Get("checkKey")
checkUser := c.Ctx.Request.Form.Get("checkUser") checkUser := c.Ctx.Request.Form.Get("checkUser")
applicationId := c.Ctx.Request.Form.Get("applicationId")
remoteAddr := util.GetIPFromRequest(c.Ctx.Request) remoteAddr := util.GetIPFromRequest(c.Ctx.Request)
if len(destType) == 0 || len(dest) == 0 || len(orgId) == 0 || !strings.Contains(orgId, "/") || len(checkType) == 0 { if destType == "" || dest == "" || applicationId == "" || !strings.Contains(applicationId, "/") || checkType == "" {
c.ResponseError("Missing parameter.") c.ResponseError("Missing parameter.")
return return
} }
@ -74,8 +74,8 @@ func (c *ApiController) SendVerificationCode() {
} }
user := c.getCurrentUser() user := c.getCurrentUser()
organization := object.GetOrganization(orgId) application := object.GetApplication(applicationId)
application := object.GetApplicationByOrganizationName(organization.Name) organization := object.GetOrganization(fmt.Sprintf("%s/%s", application.Owner, application.Organization))
if checkUser == "true" && user == nil && object.GetUserByFields(organization.Name, dest) == nil { if checkUser == "true" && user == nil && object.GetUserByFields(organization.Name, dest) == nil {
c.ResponseError("Please login first") c.ResponseError("Please login first")
@ -85,7 +85,7 @@ func (c *ApiController) SendVerificationCode() {
sendResp := errors.New("Invalid dest type") sendResp := errors.New("Invalid dest type")
if user == nil && checkUser != "" && checkUser != "true" { if user == nil && checkUser != "" && checkUser != "true" {
_, name := util.GetOwnerAndNameFromId(orgId) name := application.Organization
user = object.GetUser(fmt.Sprintf("%s/%s", name, checkUser)) user = object.GetUser(fmt.Sprintf("%s/%s", name, checkUser))
} }
switch destType { switch destType {
@ -108,13 +108,12 @@ func (c *ApiController) SendVerificationCode() {
c.ResponseError("Invalid phone number") c.ResponseError("Invalid phone number")
return return
} }
org := object.GetOrganization(orgId) if organization == nil {
if org == nil { c.ResponseError("The organization doesn't exist.")
c.ResponseError("Missing parameter.")
return return
} }
dest = fmt.Sprintf("+%s%s", org.PhonePrefix, dest) dest = fmt.Sprintf("+%s%s", organization.PhonePrefix, dest)
provider := application.GetSmsProvider() provider := application.GetSmsProvider()
sendResp = object.SendVerificationCodeToPhone(organization, user, provider, remoteAddr, dest) sendResp = object.SendVerificationCodeToPhone(organization, user, provider, remoteAddr, dest)
} }

4
web/src/ResetModal.js
View File

@ -25,7 +25,7 @@ export const ResetModal = (props) => {
const [confirmLoading, setConfirmLoading] = React.useState(false); const [confirmLoading, setConfirmLoading] = React.useState(false);
const [dest, setDest] = React.useState(""); const [dest, setDest] = React.useState("");
const [code, setCode] = React.useState(""); const [code, setCode] = React.useState("");
const {buttonText, destType, org} = props; const {buttonText, destType, application} = props;
const showModal = () => { const showModal = () => {
setVisible(true); setVisible(true);
@ -89,7 +89,7 @@ export const ResetModal = (props) => {
<CountDownInput <CountDownInput
textBefore={i18next.t("code:Code You Received")} textBefore={i18next.t("code:Code You Received")}
onChange={setCode} onChange={setCode}
onButtonClickArgs={[dest, destType, `${org?.owner}/${org?.name}`]} onButtonClickArgs={[dest, destType, Setting.getApplicationName(application)]}
/> />
</Row> </Row>
</Col> </Col>

4
web/src/Setting.js
View File

@ -817,6 +817,10 @@ export function getApplicationOrgName(application) {
return `${application?.organizationObj.owner}/${application?.organizationObj.name}`; return `${application?.organizationObj.owner}/${application?.organizationObj.name}`;
} }
export function getApplicationName(application) {
return `${application?.owner}/${application?.name}`;
}
export function getRandomName() { export function getRandomName() {
return Math.random().toString(36).slice(-6); return Math.random().toString(36).slice(-6);
} }

4
web/src/UserEditPage.js
View File

@ -289,7 +289,7 @@ class UserEditPage extends React.Component {
}} /> }} />
</Col> </Col>
<Col span={11} > <Col span={11} >
{ this.state.user.id === this.props.account?.id ? (<ResetModal org={this.state.application?.organizationObj} buttonText={i18next.t("user:Reset Email...")} destType={"email"} />) : null} { this.state.user.id === this.props.account?.id ? (<ResetModal application={this.state.application} buttonText={i18next.t("user:Reset Email...")} destType={"email"} />) : null}
</Col> </Col>
</Row> </Row>
) )
@ -307,7 +307,7 @@ class UserEditPage extends React.Component {
}}/> }}/>
</Col> </Col>
<Col span={11} > <Col span={11} >
{ this.state.user.id === this.props.account?.id ? (<ResetModal org={this.state.application?.organizationObj} buttonText={i18next.t("user:Reset Phone...")} destType={"phone"} />) : null} { this.state.user.id === this.props.account?.id ? (<ResetModal application={this.state.application} buttonText={i18next.t("user:Reset Phone...")} destType={"phone"} />) : null}
</Col> </Col>
</Row> </Row>
) )

4
web/src/auth/ForgetPage.js
View File

@ -351,12 +351,12 @@ class ForgetPage extends React.Component {
{this.state.verifyType === "email" ? ( {this.state.verifyType === "email" ? (
<CountDownInput <CountDownInput
disabled={this.state.username === "" || this.state.verifyType === ""} disabled={this.state.username === "" || this.state.verifyType === ""}
onButtonClickArgs={[this.state.email, "email", Setting.getApplicationOrgName(this.state.application), this.state.name]} onButtonClickArgs={[this.state.email, "email", Setting.getApplicationName(this.state.application), this.state.name]}
/> />
) : ( ) : (
<CountDownInput <CountDownInput
disabled={this.state.username === "" || this.state.verifyType === ""} disabled={this.state.username === "" || this.state.verifyType === ""}
onButtonClickArgs={[this.state.phone, "phone", Setting.getApplicationOrgName(this.state.application), this.state.name]} onButtonClickArgs={[this.state.phone, "phone", Setting.getApplicationName(this.state.application), this.state.name]}
/> />
)} )}
</Form.Item> </Form.Item>

2
web/src/auth/LoginPage.js
View File

@ -455,7 +455,7 @@ class LoginPage extends React.Component {
> >
<CountDownInput <CountDownInput
disabled={this.state.username?.length === 0 || !this.state.validEmailOrPhone} disabled={this.state.username?.length === 0 || !this.state.validEmailOrPhone}
onButtonClickArgs={[this.state.username, this.state.validEmail ? "email" : "phone", Setting.getApplicationOrgName(application)]} onButtonClickArgs={[this.state.username, this.state.validEmail ? "email" : "phone", Setting.getApplicationName(application)]}
/> />
</Form.Item> </Form.Item>
) : ( ) : (

4
web/src/auth/SignupPage.js
View File

@ -343,7 +343,7 @@ class SignupPage extends React.Component {
> >
<CountDownInput <CountDownInput
disabled={!this.state.validEmail} disabled={!this.state.validEmail}
onButtonClickArgs={[this.state.email, "email", Setting.getApplicationOrgName(application)]} onButtonClickArgs={[this.state.email, "email", Setting.getApplicationName(application)]}
/> />
</Form.Item> </Form.Item>
} }
@ -395,7 +395,7 @@ class SignupPage extends React.Component {
> >
<CountDownInput <CountDownInput
disabled={!this.state.validPhone} disabled={!this.state.validPhone}
onButtonClickArgs={[this.state.phone, "phone", Setting.getApplicationOrgName(application)]} onButtonClickArgs={[this.state.phone, "phone", Setting.getApplicationName(application)]}
/> />
</Form.Item> </Form.Item>
</React.Fragment> </React.Fragment>

4
web/src/backend/UserBackend.js
View File

@ -88,14 +88,14 @@ export function setPassword(userOwner, userName, oldPassword, newPassword) {
}).then(res => res.json()); }).then(res => res.json());
} }
export function sendCode(checkType, checkId, checkKey, dest, type, orgId, checkUser) { export function sendCode(checkType, checkId, checkKey, dest, type, applicationId, checkUser) {
let formData = new FormData(); let formData = new FormData();
formData.append("checkType", checkType); formData.append("checkType", checkType);
formData.append("checkId", checkId); formData.append("checkId", checkId);
formData.append("checkKey", checkKey); formData.append("checkKey", checkKey);
formData.append("dest", dest); formData.append("dest", dest);
formData.append("type", type); formData.append("type", type);
formData.append("organizationId", orgId); formData.append("applicationId", applicationId);
formData.append("checkUser", checkUser); formData.append("checkUser", checkUser);
return fetch(`${Setting.ServerUrl}/api/send-verification-code`, { return fetch(`${Setting.ServerUrl}/api/send-verification-code`, {
method: "POST", method: "POST",