mirror of
https://github.com/casdoor/casdoor.git
synced 2025-05-23 10:45:47 +08:00
Add RequireSignedInUser()
This commit is contained in:
Gucheng Wang
parent
604033aa02
commit
e1331f314d
@ -258,17 +258,11 @@ func (c *ApiController) Logout() {
|
|||||||
// @Success 200 {object} controllers.Response The Response object
|
// @Success 200 {object} controllers.Response The Response object
|
||||||
// @router /get-account [get]
|
// @router /get-account [get]
|
||||||
func (c *ApiController) GetAccount() {
|
func (c *ApiController) GetAccount() {
|
||||||
userId, ok := c.RequireSignedIn()
|
user, ok := c.RequireSignedInUser()
|
||||||
if !ok {
|
if !ok {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
user := object.GetUser(userId)
|
|
||||||
if user == nil {
|
|
||||||
c.ResponseError(fmt.Sprintf("The user: %s doesn't exist", userId))
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
managedAccounts := c.Input().Get("managedAccounts")
|
managedAccounts := c.Input().Get("managedAccounts")
|
||||||
if managedAccounts == "1" {
|
if managedAccounts == "1" {
|
||||||
user = object.ExtendManagedAccountsWithUser(user)
|
user = object.ExtendManagedAccountsWithUser(user)
|
||||||
@ -294,18 +288,16 @@ func (c *ApiController) GetAccount() {
|
|||||||
// @Success 200 {object} object.Userinfo The Response object
|
// @Success 200 {object} object.Userinfo The Response object
|
||||||
// @router /userinfo [get]
|
// @router /userinfo [get]
|
||||||
func (c *ApiController) GetUserinfo() {
|
func (c *ApiController) GetUserinfo() {
|
||||||
userId, ok := c.RequireSignedIn()
|
user, ok := c.RequireSignedInUser()
|
||||||
if !ok {
|
if !ok {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
scope, aud := c.GetSessionOidc()
|
scope, aud := c.GetSessionOidc()
|
||||||
host := c.Ctx.Request.Host
|
host := c.Ctx.Request.Host
|
||||||
resp, err := object.GetUserInfo(userId, scope, aud, host)
|
userInfo := object.GetUserInfo(user, scope, aud, host)
|
||||||
if err != nil {
|
|
||||||
c.ResponseError(err.Error())
|
c.Data["json"] = userInfo
|
||||||
return
|
|
||||||
}
|
|
||||||
c.Data["json"] = resp
|
|
||||||
c.ServeJSON()
|
c.ServeJSON()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -29,7 +29,7 @@ type LinkForm struct {
|
|||||||
// @router /unlink [post]
|
// @router /unlink [post]
|
||||||
// @Tag Login API
|
// @Tag Login API
|
||||||
func (c *ApiController) Unlink() {
|
func (c *ApiController) Unlink() {
|
||||||
userId, ok := c.RequireSignedIn()
|
user, ok := c.RequireSignedInUser()
|
||||||
if !ok {
|
if !ok {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
@ -44,7 +44,6 @@ func (c *ApiController) Unlink() {
|
|||||||
|
|
||||||
// the user will be unlinked from the provider
|
// the user will be unlinked from the provider
|
||||||
unlinkedUser := form.User
|
unlinkedUser := form.User
|
||||||
user := object.GetUser(userId)
|
|
||||||
|
|
||||||
if user.Id != unlinkedUser.Id && !user.IsGlobalAdmin {
|
if user.Id != unlinkedUser.Id && !user.IsGlobalAdmin {
|
||||||
// if the user is not the same as the one we are unlinking, we need to make sure the user is the global admin.
|
// if the user is not the same as the one we are unlinking, we need to make sure the user is the global admin.
|
||||||
|
|||||||
@ -55,13 +55,12 @@ func (c *ApiController) GetPermissions() {
|
|||||||
// @Success 200 {array} object.Permission The Response object
|
// @Success 200 {array} object.Permission The Response object
|
||||||
// @router /get-permissions-by-submitter [get]
|
// @router /get-permissions-by-submitter [get]
|
||||||
func (c *ApiController) GetPermissionsBySubmitter() {
|
func (c *ApiController) GetPermissionsBySubmitter() {
|
||||||
userId, ok := c.RequireSignedIn()
|
user, ok := c.RequireSignedInUser()
|
||||||
if !ok {
|
if !ok {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
owner, username := util.GetOwnerAndNameFromId(userId)
|
permissions := object.GetPermissionsBySubmitter(user.Owner, user.Name)
|
||||||
permissions := object.GetPermissionsBySubmitter(owner, username)
|
|
||||||
c.ResponseOk(permissions, len(permissions))
|
c.ResponseOk(permissions, len(permissions))
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|||||||
@ -75,6 +75,21 @@ func (c *ApiController) RequireSignedIn() (string, bool) {
|
|||||||
return userId, true
|
return userId, true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// RequireSignedInUser ...
|
||||||
|
func (c *ApiController) RequireSignedInUser() (*object.User, bool) {
|
||||||
|
userId, ok := c.RequireSignedIn()
|
||||||
|
if !ok {
|
||||||
|
return nil, false
|
||||||
|
}
|
||||||
|
|
||||||
|
user := object.GetUser(userId)
|
||||||
|
if user == nil {
|
||||||
|
c.ResponseError(fmt.Sprintf("The user: %s doesn't exist", userId))
|
||||||
|
return nil, false
|
||||||
|
}
|
||||||
|
return user, true
|
||||||
|
}
|
||||||
|
|
||||||
func getInitScore() (int, error) {
|
func getInitScore() (int, error) {
|
||||||
return strconv.Atoi(conf.GetConfigString("initScore"))
|
return strconv.Atoi(conf.GetConfigString("initScore"))
|
||||||
}
|
}
|
||||||
|
|||||||
@ -148,17 +148,11 @@ func (c *ApiController) SendVerificationCode() {
|
|||||||
// @Title ResetEmailOrPhone
|
// @Title ResetEmailOrPhone
|
||||||
// @router /api/reset-email-or-phone [post]
|
// @router /api/reset-email-or-phone [post]
|
||||||
func (c *ApiController) ResetEmailOrPhone() {
|
func (c *ApiController) ResetEmailOrPhone() {
|
||||||
userId, ok := c.RequireSignedIn()
|
user, ok := c.RequireSignedInUser()
|
||||||
if !ok {
|
if !ok {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
user := object.GetUser(userId)
|
|
||||||
if user == nil {
|
|
||||||
c.ResponseError(fmt.Sprintf("The user: %s doesn't exist", userId))
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
destType := c.Ctx.Request.Form.Get("type")
|
destType := c.Ctx.Request.Form.Get("type")
|
||||||
dest := c.Ctx.Request.Form.Get("dest")
|
dest := c.Ctx.Request.Form.Get("dest")
|
||||||
code := c.Ctx.Request.Form.Get("code")
|
code := c.Ctx.Request.Form.Get("code")
|
||||||
|
|||||||
@ -522,12 +522,7 @@ func DeleteUser(user *User) bool {
|
|||||||
return affected != 0
|
return affected != 0
|
||||||
}
|
}
|
||||||
|
|
||||||
func GetUserInfo(userId string, scope string, aud string, host string) (*Userinfo, error) {
|
func GetUserInfo(user *User, scope string, aud string, host string) *Userinfo {
|
||||||
user := GetUser(userId)
|
|
||||||
if user == nil {
|
|
||||||
return nil, fmt.Errorf("the user: %s doesn't exist", userId)
|
|
||||||
}
|
|
||||||
|
|
||||||
_, originBackend := getOriginFromHost(host)
|
_, originBackend := getOriginFromHost(host)
|
||||||
|
|
||||||
resp := Userinfo{
|
resp := Userinfo{
|
||||||
@ -549,7 +544,7 @@ func GetUserInfo(userId string, scope string, aud string, host string) (*Userinf
|
|||||||
if strings.Contains(scope, "phone") {
|
if strings.Contains(scope, "phone") {
|
||||||
resp.Phone = user.Phone
|
resp.Phone = user.Phone
|
||||||
}
|
}
|
||||||
return &resp, nil
|
return &resp
|
||||||
}
|
}
|
||||||
|
|
||||||
func LinkUserAccount(user *User, field string, value string) bool {
|
func LinkUserAccount(user *User, field string, value string) bool {
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user