mirror of
https://github.com/casdoor/casdoor.git
synced 2025-07-02 11:20:18 +08:00
feat: fix bug of using email provider from wrong application (#869)
@ -42,14 +42,14 @@ func (c *ApiController) getCurrentUser() *object.User {
|
||||
func (c *ApiController) SendVerificationCode() {
|
||||
destType := c.Ctx.Request.Form.Get("type")
|
||||
dest := c.Ctx.Request.Form.Get("dest")
|
||||
orgId := c.Ctx.Request.Form.Get("organizationId")
|
||||
checkType := c.Ctx.Request.Form.Get("checkType")
|
||||
checkId := c.Ctx.Request.Form.Get("checkId")
|
||||
checkKey := c.Ctx.Request.Form.Get("checkKey")
|
||||
checkUser := c.Ctx.Request.Form.Get("checkUser")
|
||||
applicationId := c.Ctx.Request.Form.Get("applicationId")
|
||||
remoteAddr := util.GetIPFromRequest(c.Ctx.Request)
|
||||
|
||||
if len(destType) == 0 || len(dest) == 0 || len(orgId) == 0 || !strings.Contains(orgId, "/") || len(checkType) == 0 {
|
||||
if destType == "" || dest == "" || applicationId == "" || !strings.Contains(applicationId, "/") || checkType == "" {
|
||||
c.ResponseError("Missing parameter.")
|
||||
return
|
||||
}
|
||||
@ -74,8 +74,8 @@ func (c *ApiController) SendVerificationCode() {
|
||||
}
|
||||
|
||||
user := c.getCurrentUser()
|
||||
organization := object.GetOrganization(orgId)
|
||||
application := object.GetApplicationByOrganizationName(organization.Name)
|
||||
application := object.GetApplication(applicationId)
|
||||
organization := object.GetOrganization(fmt.Sprintf("%s/%s", application.Owner, application.Organization))
|
||||
|
||||
if checkUser == "true" && user == nil && object.GetUserByFields(organization.Name, dest) == nil {
|
||||
c.ResponseError("Please login first")
|
||||
@ -85,7 +85,7 @@ func (c *ApiController) SendVerificationCode() {
|
||||
sendResp := errors.New("Invalid dest type")
|
||||
|
||||
if user == nil && checkUser != "" && checkUser != "true" {
|
||||
_, name := util.GetOwnerAndNameFromId(orgId)
|
||||
name := application.Organization
|
||||
user = object.GetUser(fmt.Sprintf("%s/%s", name, checkUser))
|
||||
}
|
||||
switch destType {
|
||||
@ -108,13 +108,12 @@ func (c *ApiController) SendVerificationCode() {
|
||||
c.ResponseError("Invalid phone number")
|
||||
return
|
||||
}
|
||||
org := object.GetOrganization(orgId)
|
||||
if org == nil {
|
||||
c.ResponseError("Missing parameter.")
|
||||
if organization == nil {
|
||||
c.ResponseError("The organization doesn't exist.")
|
||||
return
|
||||
}
|
||||
|
||||
dest = fmt.Sprintf("+%s%s", org.PhonePrefix, dest)
|
||||
dest = fmt.Sprintf("+%s%s", organization.PhonePrefix, dest)
|
||||
provider := application.GetSmsProvider()
|
||||
sendResp = object.SendVerificationCodeToPhone(organization, user, provider, remoteAddr, dest)
|
||||
}
|
||||
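Review bot: The result of `object.GetApplication(applicationId)` is dereferenced on the next line (`application.Owner`, `application.Organization`) with no nil check, and `organization.Name` is read in the `checkUser == "true"` condition before the only visible `organization == nil` guard, which sits inside the phone branch. `applicationId` comes straight from the request form, so an id that matches no application would presumably panic the handler rather than return an error, assuming the lookup returns nil on a miss. Both guards belong directly after the lookups, as sketched below, which also makes the phone-branch check redundant. The body of `SendVerificationCode` continues outside these hunks, so confirm no earlier guard already covers this.

```go
application := object.GetApplication(applicationId)
if application == nil {
	c.ResponseError("The application doesn't exist.")
	return
}
organization := object.GetOrganization(fmt.Sprintf("%s/%s", application.Owner, application.Organization))
if organization == nil {
	c.ResponseError("The organization doesn't exist.")
	return
}
// … unchanged: checkUser handling and destType switch …
```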
|
@ -25,7 +25,7 @@ export const ResetModal = (props) => {
|
||||
const [confirmLoading, setConfirmLoading] = React.useState(false);
|
||||
const [dest, setDest] = React.useState("");
|
||||
const [code, setCode] = React.useState("");
|
||||
const {buttonText, destType, org} = props;
|
||||
const {buttonText, destType, application} = props;
|
||||
|
||||
const showModal = () => {
|
||||
setVisible(true);
|
||||
@ -89,7 +89,7 @@ export const ResetModal = (props) => {
|
||||
<CountDownInput
|
||||
textBefore={i18next.t("code:Code You Received")}
|
||||
onChange={setCode}
|
||||
onButtonClickArgs={[dest, destType, `${org?.owner}/${org?.name}`]}
|
||||
onButtonClickArgs={[dest, destType, Setting.getApplicationName(application)]}
|
||||
/>
|
||||
</Row>
|
||||
</Col>
|
||||
|
@ -817,6 +817,10 @@ export function getApplicationOrgName(application) {
|
||||
return `${application?.organizationObj.owner}/${application?.organizationObj.name}`;
|
||||
}
|
||||
|
||||
export function getApplicationName(application) {
|
||||
return `${application?.owner}/${application?.name}`;
|
||||
}
|
||||
|
||||
export function getRandomName() {
|
||||
return Math.random().toString(36).slice(-6);
|
||||
}
|
||||
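Review bot: `getApplicationName` returns the literal string `undefined/undefined` when `application` is null or not yet loaded, because the optional chaining feeds `undefined` into the template literal. That value is non-empty and contains a `/`, so it passes the controller's `applicationId == "" || !strings.Contains(applicationId, "/")` check and reaches the application lookup instead of being rejected as a missing parameter. Consider an early `if (!application) { return ""; }` so an unloaded application produces an empty id. A one-line JSDoc stating that the result is the `owner/name` id sent as `applicationId` would also help callers.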
|
@ -289,7 +289,7 @@ class UserEditPage extends React.Component {
|
||||
}} />
|
||||
</Col>
|
||||
<Col span={11} >
|
||||
{ this.state.user.id === this.props.account?.id ? (<ResetModal org={this.state.application?.organizationObj} buttonText={i18next.t("user:Reset Email...")} destType={"email"} />) : null}
|
||||
{ this.state.user.id === this.props.account?.id ? (<ResetModal application={this.state.application} buttonText={i18next.t("user:Reset Email...")} destType={"email"} />) : null}
|
||||
</Col>
|
||||
</Row>
|
||||
)
|
||||
@ -307,7 +307,7 @@ class UserEditPage extends React.Component {
|
||||
}}/>
|
||||
</Col>
|
||||
<Col span={11} >
|
||||
{ this.state.user.id === this.props.account?.id ? (<ResetModal org={this.state.application?.organizationObj} buttonText={i18next.t("user:Reset Phone...")} destType={"phone"} />) : null}
|
||||
{ this.state.user.id === this.props.account?.id ? (<ResetModal application={this.state.application} buttonText={i18next.t("user:Reset Phone...")} destType={"phone"} />) : null}
|
||||
</Col>
|
||||
</Row>
|
||||
)
|
||||
|
@ -351,12 +351,12 @@ class ForgetPage extends React.Component {
|
||||
{this.state.verifyType === "email" ? (
|
||||
<CountDownInput
|
||||
disabled={this.state.username === "" || this.state.verifyType === ""}
|
||||
onButtonClickArgs={[this.state.email, "email", Setting.getApplicationOrgName(this.state.application), this.state.name]}
|
||||
onButtonClickArgs={[this.state.email, "email", Setting.getApplicationName(this.state.application), this.state.name]}
|
||||
/>
|
||||
) : (
|
||||
<CountDownInput
|
||||
disabled={this.state.username === "" || this.state.verifyType === ""}
|
||||
onButtonClickArgs={[this.state.phone, "phone", Setting.getApplicationOrgName(this.state.application), this.state.name]}
|
||||
onButtonClickArgs={[this.state.phone, "phone", Setting.getApplicationName(this.state.application), this.state.name]}
|
||||
/>
|
||||
)}
|
||||
</Form.Item>
|
||||
|
@ -455,7 +455,7 @@ class LoginPage extends React.Component {
|
||||
>
|
||||
<CountDownInput
|
||||
disabled={this.state.username?.length === 0 || !this.state.validEmailOrPhone}
|
||||
onButtonClickArgs={[this.state.username, this.state.validEmail ? "email" : "phone", Setting.getApplicationOrgName(application)]}
|
||||
onButtonClickArgs={[this.state.username, this.state.validEmail ? "email" : "phone", Setting.getApplicationName(application)]}
|
||||
/>
|
||||
</Form.Item>
|
||||
) : (
|
||||
|
@ -343,7 +343,7 @@ class SignupPage extends React.Component {
|
||||
>
|
||||
<CountDownInput
|
||||
disabled={!this.state.validEmail}
|
||||
onButtonClickArgs={[this.state.email, "email", Setting.getApplicationOrgName(application)]}
|
||||
onButtonClickArgs={[this.state.email, "email", Setting.getApplicationName(application)]}
|
||||
/>
|
||||
</Form.Item>
|
||||
}
|
||||
@ -395,7 +395,7 @@ class SignupPage extends React.Component {
|
||||
>
|
||||
<CountDownInput
|
||||
disabled={!this.state.validPhone}
|
||||
onButtonClickArgs={[this.state.phone, "phone", Setting.getApplicationOrgName(application)]}
|
||||
onButtonClickArgs={[this.state.phone, "phone", Setting.getApplicationName(application)]}
|
||||
/>
|
||||
</Form.Item>
|
||||
</React.Fragment>
|
||||
|
@ -88,14 +88,14 @@ export function setPassword(userOwner, userName, oldPassword, newPassword) {
|
||||
}).then(res => res.json());
|
||||
}
|
||||
|
||||
export function sendCode(checkType, checkId, checkKey, dest, type, orgId, checkUser) {
|
||||
export function sendCode(checkType, checkId, checkKey, dest, type, applicationId, checkUser) {
|
||||
let formData = new FormData();
|
||||
formData.append("checkType", checkType);
|
||||
formData.append("checkId", checkId);
|
||||
formData.append("checkKey", checkKey);
|
||||
formData.append("dest", dest);
|
||||
formData.append("type", type);
|
||||
formData.append("organizationId", orgId);
|
||||
formData.append("applicationId", applicationId);
|
||||
formData.append("checkUser", checkUser);
|
||||
return fetch(`${Setting.ServerUrl}/api/send-verification-code`, {
|
||||
method: "POST",
|
||||
|