fix: add FaceIdSigninBegin() to verify user information before face login (#2815)

* feat: add FaceIdSigninBegin() to verify user information before face login * Update face.go --------- Co-authored-by: Eric Luo <hsluoyz@qq.com>
2025-05-22 18:25:47 +08:00 · 2024-03-18 00:04:12 +08:00 · 2024-03-18 00:04:12 +08:00 · bdf9864f69
commit bdf9864f69
parent 72839d6bf5
27 changed files with 105 additions and 5 deletions
--- a/authz/authz.go
+++ b/authz/authz.go
@ -98,6 +98,7 @@ p, *, *, GET, /api/get-all-objects, *, *
 p, *, *, GET, /api/get-all-actions, *, *
 p, *, *, GET, /api/get-all-roles, *, *
 p, *, *, GET, /api/get-invitation-info, *, *
+p, *, *, GET, /api/faceid-signin-begin, *, *
 `

 		sa := stringadapter.NewAdapter(ruleText)
--- a/controllers/face.go
+++ b/controllers/face.go
@ -0,0 +1,55 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// Casdoor will expose its providers as services to SDK
+// We are going to implement those services as APIs here
+
+package controllers
+
+import (
+	"fmt"
+
+	"github.com/casdoor/casdoor/object"
+	"github.com/casdoor/casdoor/util"
+)
+
+// FaceIDSigninBegin
+// @Title FaceIDSigninBegin
+// @Tag Login API
+// @Description FaceId Login Flow 1st stage
+// @Param   owner     query    string  true        "owner"
+// @Param   name     query    string  true        "name"
+// @Success 200 {object} controllers.Response The Response object
+// @router /faceid-signin-begin [get]
+func (c *ApiController) FaceIDSigninBegin() {
+	userOwner := c.Input().Get("owner")
+	userName := c.Input().Get("name")
+
+	user, err := object.GetUserByFields(userOwner, userName)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+	if user == nil {
+		c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), util.GetId(userOwner, userName)))
+		return
+	}
+
+	if len(user.FaceIds) == 0 {
+		c.ResponseError(c.T("check:Face data does not exist, cannot log in"))
+		return
+	}
+
+	c.ResponseOk()
+}
--- a/routers/router.go
+++ b/routers/router.go
@ -300,4 +300,6 @@ func initAPI() {
 	beego.Router("/cas/:organization/:application/samlValidate", &controllers.RootController{}, "POST:SamlValidate")

 	beego.Router("/scim/*", &controllers.RootController{}, "*:HandleScim")
+
+	beego.Router("/api/faceid-signin-begin", &controllers.ApiController{}, "GET:FaceIDSigninBegin")
 }
--- a/web/src/auth/LoginPage.js
+++ b/web/src/auth/LoginPage.js
@ -346,10 +346,28 @@ class LoginPage extends React.Component {
      return;
    }
    if (this.state.loginMethod === "faceId") {
-      this.setState({
-        openFaceRecognitionModal: true,
-        values: values,
-      });
+      let username = this.state.username;
+      if (username === null || username === "") {
+        username = values["username"];
+      }
+      const application = this.getApplicationObj();
+      fetch(`${Setting.ServerUrl}/api/faceid-signin-begin?owner=${application.organization}&name=${username}`, {
+        method: "GET",
+        credentials: "include",
+        headers: {
+          "Accept-Language": Setting.getAcceptLanguage(),
+        },
+      }).then(res => res.json())
+        .then((res) => {
+          if (res.status === "error") {
+            Setting.showMessage("error", res.msg);
+            return;
+          }
+          this.setState({
+            openFaceRecognitionModal: true,
+            values: values,
+          });
+        });
      return;
    }
    if (this.state.loginMethod === "password" || this.state.loginMethod === "ldap") {
@ -666,7 +684,8 @@ class LoginPage extends React.Component {
          >
            {
              this.state.loginMethod === "webAuthn" ? i18next.t("login:Sign in with WebAuthn") :
-                i18next.t("login:Sign In")
+                this.state.loginMethod === "faceId" ? i18next.t("login:Sign in with Face ID") :
+                  i18next.t("login:Sign In")
            }
          </Button>
          {
--- a/web/src/locales/ar/data.json
+++ b/web/src/locales/ar/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Redirecting, please wait.",
    "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Sign in with WebAuthn",
    "Sign in with {type}": "Sign in with {type}",
    "Signing in...": "Signing in...",
--- a/web/src/locales/de/data.json
+++ b/web/src/locales/de/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Umleitung, bitte warten.",
    "Sign In": "Anmelden",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Melden Sie sich mit WebAuthn an",
    "Sign in with {type}": "Melden Sie sich mit {type} an",
    "Signing in...": "Anmelden...",
--- a/web/src/locales/en/data.json
+++ b/web/src/locales/en/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Redirecting, please wait.",
    "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Sign in with WebAuthn",
    "Sign in with {type}": "Sign in with {type}",
    "Signing in...": "Signing in...",
--- a/web/src/locales/es/data.json
+++ b/web/src/locales/es/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Redirigiendo, por favor espera.",
    "Sign In": "Iniciar sesión",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Iniciar sesión con WebAuthn",
    "Sign in with {type}": "Inicia sesión con {tipo}",
    "Signing in...": "Iniciando sesión...",
--- a/web/src/locales/fa/data.json
+++ b/web/src/locales/fa/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Redirecting, please wait.",
    "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Sign in with WebAuthn",
    "Sign in with {type}": "Sign in with {type}",
    "Signing in...": "Signing in...",
--- a/web/src/locales/fi/data.json
+++ b/web/src/locales/fi/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Redirecting, please wait.",
    "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Sign in with WebAuthn",
    "Sign in with {type}": "Sign in with {type}",
    "Signing in...": "Signing in...",
--- a/web/src/locales/fr/data.json
+++ b/web/src/locales/fr/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Veuillez entrer une organisation pour vous connecter",
    "Redirecting, please wait.": "Redirection en cours, veuillez patienter.",
    "Sign In": "Se connecter",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Connectez-vous avec WebAuthn",
    "Sign in with {type}": "Connectez-vous avec {type}",
    "Signing in...": "Connexion en cours...",
--- a/web/src/locales/he/data.json
+++ b/web/src/locales/he/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Redirecting, please wait.",
    "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Sign in with WebAuthn",
    "Sign in with {type}": "Sign in with {type}",
    "Signing in...": "Signing in...",
--- a/web/src/locales/id/data.json
+++ b/web/src/locales/id/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Mengalihkan, harap tunggu.",
    "Sign In": "Masuk",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Masuk dengan WebAuthn",
    "Sign in with {type}": "Masuk dengan {type}",
    "Signing in...": "Masuk...",
--- a/web/src/locales/it/data.json
+++ b/web/src/locales/it/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Redirecting, please wait.",
    "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Sign in with WebAuthn",
    "Sign in with {type}": "Sign in with {type}",
    "Signing in...": "Signing in...",
--- a/web/src/locales/ja/data.json
+++ b/web/src/locales/ja/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "リダイレクト中、お待ちください。",
    "Sign In": "サインイン",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "WebAuthnでサインインしてください",
    "Sign in with {type}": "{type}でサインインしてください",
    "Signing in...": "サインイン中...",
--- a/web/src/locales/kk/data.json
+++ b/web/src/locales/kk/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Redirecting, please wait.",
    "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Sign in with WebAuthn",
    "Sign in with {type}": "Sign in with {type}",
    "Signing in...": "Signing in...",
--- a/web/src/locales/ko/data.json
+++ b/web/src/locales/ko/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "리디렉팅 중입니다. 잠시 기다려주세요.",
    "Sign In": "로그인",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "WebAuthn으로 로그인하세요",
    "Sign in with {type}": "{type}로 로그인하세요",
    "Signing in...": "로그인 중...",
--- a/web/src/locales/ms/data.json
+++ b/web/src/locales/ms/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Redirecting, please wait.",
    "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Sign in with WebAuthn",
    "Sign in with {type}": "Sign in with {type}",
    "Signing in...": "Signing in...",
--- a/web/src/locales/nl/data.json
+++ b/web/src/locales/nl/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Redirecting, please wait.",
    "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Sign in with WebAuthn",
    "Sign in with {type}": "Sign in with {type}",
    "Signing in...": "Signing in...",
--- a/web/src/locales/pl/data.json
+++ b/web/src/locales/pl/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Redirecting, please wait.",
    "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Sign in with WebAuthn",
    "Sign in with {type}": "Sign in with {type}",
    "Signing in...": "Signing in...",
--- a/web/src/locales/pt/data.json
+++ b/web/src/locales/pt/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Redirecionando, por favor aguarde.",
    "Sign In": "Entrar",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Entrar com WebAuthn",
    "Sign in with {type}": "Entrar com {type}",
    "Signing in...": "Entrando...",
--- a/web/src/locales/ru/data.json
+++ b/web/src/locales/ru/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Перенаправление, пожалуйста, подождите.",
    "Sign In": "Войти",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Войти с помощью WebAuthn",
    "Sign in with {type}": "Войти с помощью {type}",
    "Signing in...": "Вход в систему...",
--- a/web/src/locales/sv/data.json
+++ b/web/src/locales/sv/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Redirecting, please wait.",
    "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Sign in with WebAuthn",
    "Sign in with {type}": "Sign in with {type}",
    "Signing in...": "Signing in...",
--- a/web/src/locales/tr/data.json
+++ b/web/src/locales/tr/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Yönlendiriliyor, lütfen bekleyiniz.",
    "Sign In": "Oturum aç",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Sign in with WebAuthn",
    "Sign in with {type}": "{type} ile giriş yap",
    "Signing in...": "Signing in...",
--- a/web/src/locales/uk/data.json
+++ b/web/src/locales/uk/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Redirecting, please wait.",
    "Sign In": "Sign In",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Sign in with WebAuthn",
    "Sign in with {type}": "Sign in with {type}",
    "Signing in...": "Signing in...",
--- a/web/src/locales/vi/data.json
+++ b/web/src/locales/vi/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "Please type an organization to sign in",
    "Redirecting, please wait.": "Đang chuyển hướng, vui lòng đợi.",
    "Sign In": "Đăng nhập",
+    "Sign in with Face ID": "Sign in with Face ID",
    "Sign in with WebAuthn": "Đăng nhập với WebAuthn",
    "Sign in with {type}": "Đăng nhập bằng {type}",
    "Signing in...": "Đăng nhập...",
--- a/web/src/locales/zh/data.json
+++ b/web/src/locales/zh/data.json
@ -494,6 +494,7 @@
    "Please type an organization to sign in": "请输入要登录的组织",
    "Redirecting, please wait.": "正在跳转, 请稍等.",
    "Sign In": "登录",
+    "Sign in with Face ID": "人脸登录",
    "Sign in with WebAuthn": "WebAuthn登录",
    "Sign in with {type}": "{type}登录",
    "Signing in...": "正在登录...",