Improve error handling for CheckVerificationCode()

Yang Luo 2024-02-16 08:53:56 +08:00
parent 7f52755e32
commit d59148890e
4 changed files with 67 additions and 22 deletions


@ -131,7 +131,12 @@ func (c *ApiController) Signup() {
} }
if application.IsSignupItemVisible("Email") && application.GetSignupItemRule("Email") != "No verification" && authForm.Email != "" { if application.IsSignupItemVisible("Email") && application.GetSignupItemRule("Email") != "No verification" && authForm.Email != "" {
checkResult := object.CheckVerificationCode(authForm.Email, authForm.EmailCode, c.GetAcceptLanguage()) var checkResult *object.VerifyResult
checkResult, err = object.CheckVerificationCode(authForm.Email, authForm.EmailCode, c.GetAcceptLanguage())
if err != nil {
c.ResponseError(c.T(err.Error()))
return
}
if checkResult.Code != object.VerificationSuccess { if checkResult.Code != object.VerificationSuccess {
c.ResponseError(checkResult.Msg) c.ResponseError(checkResult.Msg)
return return
@ -141,7 +146,13 @@ func (c *ApiController) Signup() {
var checkPhone string var checkPhone string
if application.IsSignupItemVisible("Phone") && application.GetSignupItemRule("Phone") != "No verification" && authForm.Phone != "" { if application.IsSignupItemVisible("Phone") && application.GetSignupItemRule("Phone") != "No verification" && authForm.Phone != "" {
checkPhone, _ = util.GetE164Number(authForm.Phone, authForm.CountryCode) checkPhone, _ = util.GetE164Number(authForm.Phone, authForm.CountryCode)
checkResult := object.CheckVerificationCode(checkPhone, authForm.PhoneCode, c.GetAcceptLanguage())
var checkResult *object.VerifyResult
checkResult, err = object.CheckVerificationCode(checkPhone, authForm.PhoneCode, c.GetAcceptLanguage())
if err != nil {
c.ResponseError(c.T(err.Error()))
return
}
if checkResult.Code != object.VerificationSuccess { if checkResult.Code != object.VerificationSuccess {
c.ResponseError(checkResult.Msg) c.ResponseError(checkResult.Msg)
return return
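Review bot: The new `c.ResponseError(c.T(err.Error()))` branches in Signup (both the Email and the Phone hunk) return the raw error from CheckVerificationCode to the client. After this commit that error is a backend failure (the verification-record query or the `verificationCodeTimeout` config read), not a user-facing message. Signup is presumably reachable without authentication, so the detail belongs in the server log and the response should carry a fixed, translated generic message. `c.T` looks like a translation lookup, so passing it an arbitrary driver string is unlikely to help. The same pattern is added in ResetEmailOrPhone and VerifyCode in the next file section; Signup's body continues outside these hunks.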


@ -343,7 +343,12 @@ func (c *ApiController) ResetEmailOrPhone() {
} }
} }
if result := object.CheckVerificationCode(checkDest, code, c.GetAcceptLanguage()); result.Code != object.VerificationSuccess { result, err := object.CheckVerificationCode(checkDest, code, c.GetAcceptLanguage())
if err != nil {
c.ResponseError(c.T(err.Error()))
return
}
if result.Code != object.VerificationSuccess {
c.ResponseError(result.Msg) c.ResponseError(result.Msg)
return return
} }
@ -425,16 +430,22 @@ func (c *ApiController) VerifyCode() {
} }
} }
if result := object.CheckVerificationCode(checkDest, authForm.Code, c.GetAcceptLanguage()); result.Code != object.VerificationSuccess { result, err := object.CheckVerificationCode(checkDest, authForm.Code, c.GetAcceptLanguage())
if err != nil {
c.ResponseError(c.T(err.Error()))
return
}
if result.Code != object.VerificationSuccess {
c.ResponseError(result.Msg) c.ResponseError(result.Msg)
return return
} }
err = object.DisableVerificationCode(checkDest) err = object.DisableVerificationCode(checkDest)
if err != nil { if err != nil {
c.ResponseError(err.Error()) c.ResponseError(err.Error())
return return
} }
c.SetSession("verifiedCode", authForm.Code)
c.SetSession("verifiedCode", authForm.Code)
c.ResponseOk() c.ResponseOk()
} }


@ -36,9 +36,14 @@ func (mfa *SmsMfa) SetupVerify(passCode string) error {
mfa.Secret, _ = util.GetE164Number(mfa.Secret, mfa.CountryCode) mfa.Secret, _ = util.GetE164Number(mfa.Secret, mfa.CountryCode)
} }
if result := CheckVerificationCode(mfa.Secret, passCode, "en"); result.Code != VerificationSuccess { result, err := CheckVerificationCode(mfa.Secret, passCode, "en")
if err != nil {
return err
}
if result.Code != VerificationSuccess {
return errors.New(result.Msg) return errors.New(result.Msg)
} }
return nil return nil
} }
@ -70,9 +75,15 @@ func (mfa *SmsMfa) Verify(passCode string) error {
if !util.IsEmailValid(mfa.Secret) { if !util.IsEmailValid(mfa.Secret) {
mfa.Secret, _ = util.GetE164Number(mfa.Secret, mfa.CountryCode) mfa.Secret, _ = util.GetE164Number(mfa.Secret, mfa.CountryCode)
} }
if result := CheckVerificationCode(mfa.Secret, passCode, "en"); result.Code != VerificationSuccess {
result, err := CheckVerificationCode(mfa.Secret, passCode, "en")
if err != nil {
return err
}
if result.Code != VerificationSuccess {
return errors.New(result.Msg) return errors.New(result.Msg)
} }
return nil return nil
} }
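Review bot: SetupVerify and Verify now return two different kinds of failure through the same plain `error`: a backend failure (`return err`) and a rejected passcode (`errors.New(result.Msg)`). A caller that treats any non-nil error as a wrong code would count a database or config outage as a failed MFA attempt and may show the backend message to the user; the callers are not visible here, so this needs checking. Wrapping the backend case, for example `return fmt.Errorf("checking verification code: %w", err)` if `fmt` is available in this file, keeps the two apart. A doc comment on both methods should also say which errors mean "wrong code" and which mean "could not check". Both function bodies start outside the hunks.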


@ -66,6 +66,7 @@ func IsAllowSend(user *User, remoteAddr, recordType string) error {
if user != nil { if user != nil {
record.User = user.GetId() record.User = user.GetId()
} }
has, err := ormer.Engine.Desc("created_time").Get(&record) has, err := ormer.Engine.Desc("created_time").Get(&record)
if err != nil { if err != nil {
return err return err
@ -94,15 +95,18 @@ func SendVerificationCodeToEmail(organization *Organization, user *User, provide
content = strings.Replace(content, "%{user.friendlyName}", user.GetFriendlyName(), 1) content = strings.Replace(content, "%{user.friendlyName}", user.GetFriendlyName(), 1)
} }
if err := IsAllowSend(user, remoteAddr, provider.Category); err != nil { err := IsAllowSend(user, remoteAddr, provider.Category)
if err != nil {
return err return err
} }
if err := SendEmail(provider, title, content, dest, sender); err != nil { err = SendEmail(provider, title, content, dest, sender)
if err != nil {
return err return err
} }
if err := AddToVerificationRecord(user, provider, remoteAddr, provider.Category, dest, code); err != nil { err = AddToVerificationRecord(user, provider, remoteAddr, provider.Category, dest, code)
if err != nil {
return err return err
} }
@ -110,7 +114,8 @@ func SendVerificationCodeToEmail(organization *Organization, user *User, provide
} }
func SendVerificationCodeToPhone(organization *Organization, user *User, provider *Provider, remoteAddr string, dest string) error { func SendVerificationCodeToPhone(organization *Organization, user *User, provider *Provider, remoteAddr string, dest string) error {
if err := IsAllowSend(user, remoteAddr, provider.Category); err != nil { err := IsAllowSend(user, remoteAddr, provider.Category)
if err != nil {
return err return err
} }
@ -119,11 +124,13 @@ func SendVerificationCodeToPhone(organization *Organization, user *User, provide
code = organization.MasterVerificationCode code = organization.MasterVerificationCode
} }
if err := SendSms(provider, code, dest); err != nil { err = SendSms(provider, code, dest)
if err != nil {
return err return err
} }
if err := AddToVerificationRecord(user, provider, remoteAddr, provider.Category, dest, code); err != nil { err = AddToVerificationRecord(user, provider, remoteAddr, provider.Category, dest, code)
if err != nil {
return err return err
} }
@ -158,6 +165,7 @@ func AddToVerificationRecord(user *User, provider *Provider, remoteAddr, recordT
func getVerificationRecord(dest string) (*VerificationRecord, error) { func getVerificationRecord(dest string) (*VerificationRecord, error) {
var record VerificationRecord var record VerificationRecord
record.Receiver = dest record.Receiver = dest
has, err := ormer.Engine.Desc("time").Where("is_used = false").Get(&record) has, err := ormer.Engine.Desc("time").Where("is_used = false").Get(&record)
if err != nil { if err != nil {
return nil, err return nil, err
@ -165,34 +173,34 @@ func getVerificationRecord(dest string) (*VerificationRecord, error) {
if !has { if !has {
return nil, nil return nil, nil
} }
return &record, nil return &record, nil
} }
func CheckVerificationCode(dest string, code string, lang string) *VerifyResult { func CheckVerificationCode(dest string, code string, lang string) (*VerifyResult, error) {
record, err := getVerificationRecord(dest) record, err := getVerificationRecord(dest)
if err != nil { if err != nil {
panic(err) return nil, err
} }
if record == nil { if record == nil {
return &VerifyResult{noRecordError, i18n.Translate(lang, "verification:Code has not been sent yet!")} return &VerifyResult{noRecordError, i18n.Translate(lang, "verification:Code has not been sent yet!")}, nil
} }
timeout, err := conf.GetConfigInt64("verificationCodeTimeout") timeout, err := conf.GetConfigInt64("verificationCodeTimeout")
if err != nil { if err != nil {
panic(err) return nil, err
} }
now := time.Now().Unix() now := time.Now().Unix()
if now-record.Time > timeout*60 { if now-record.Time > timeout*60 {
return &VerifyResult{timeoutError, fmt.Sprintf(i18n.Translate(lang, "verification:You should verify your code in %d min!"), timeout)} return &VerifyResult{timeoutError, fmt.Sprintf(i18n.Translate(lang, "verification:You should verify your code in %d min!"), timeout)}, nil
} }
if record.Code != code { if record.Code != code {
return &VerifyResult{wrongCodeError, i18n.Translate(lang, "verification:Wrong verification code!")} return &VerifyResult{wrongCodeError, i18n.Translate(lang, "verification:Wrong verification code!")}, nil
} }
return &VerifyResult{VerificationSuccess, ""} return &VerifyResult{VerificationSuccess, ""}, nil
} }
func DisableVerificationCode(dest string) error { func DisableVerificationCode(dest string) error {
@ -213,7 +221,11 @@ func CheckSigninCode(user *User, dest, code, lang string) error {
return err return err
} }
result := CheckVerificationCode(dest, code, lang) result, err := CheckVerificationCode(dest, code, lang)
if err != nil {
return err
}
switch result.Code { switch result.Code {
case VerificationSuccess: case VerificationSuccess:
return resetUserSigninErrorTimes(user) return resetUserSigninErrorTimes(user)
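Review bot: CheckVerificationCode still answers a wrong code with `wrongCodeError` and nothing more. In the visible lines no failed-attempt count is stored and the record stays valid until the timeout, so the number of guesses per destination is limited only by what each caller adds. CheckSigninCode appears to track sign-in error times, but Signup, VerifyCode, ResetEmailOrPhone and SmsMfa call the function directly. If no limit is enforced elsewhere, consider counting failures on the verification record and invalidating it after a small number, and compare with `subtle.ConstantTimeCompare([]byte(record.Code), []byte(code)) != 1` rather than `record.Code != code`. The new signature also deserves a doc comment stating that a non-nil error means a backend failure and that the result is nil in that case.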