feat: check user existence when signing in via verification code (#1334)

* fix:check user existence when logining by verification code * fix review problems * Update verification.go Co-authored-by: hsluoyz <hsluoyz@qq.com>
2025-05-23 02:35:49 +08:00 · 2022-11-28 00:11:33 +08:00 · 2022-11-28 00:11:33 +08:00 · fe448cbcf4
commit fe448cbcf4
parent 2ab25df950
1 changed files with 14 additions and 2 deletions
--- a/controllers/verification.go
+++ b/controllers/verification.go
@ -92,6 +92,10 @@ func (c *ApiController) SendVerificationCode() {
 	user := c.getCurrentUser()
 	application := object.GetApplication(applicationId)
 	organization := object.GetOrganization(fmt.Sprintf("%s/%s", application.Owner, application.Organization))
+	if organization == nil {
+		c.ResponseError(c.T("OrgErr.DoNotExist"))
+		return
+	}

 	if checkUser == "true" && user == nil && object.GetUserByFields(organization.Name, dest) == nil {
 		c.ResponseError(c.T("LoginErr.LoginFirst"))
@ -114,6 +118,12 @@ func (c *ApiController) SendVerificationCode() {
 			return
 		}

+		userByEmail := object.GetUserByEmail(organization.Name, dest)
+		if userByEmail == nil {
+			c.ResponseError(c.T("UserErr.DoNotExistSignUp"))
+			return
+		}
+
 		provider := application.GetEmailProvider()
 		sendResp = object.SendVerificationCodeToEmail(organization, user, provider, remoteAddr, dest)
 	case "phone":
@ -124,8 +134,10 @@ func (c *ApiController) SendVerificationCode() {
 			c.ResponseError(c.T("PhoneErr.NumberInvalid"))
 			return
 		}
-		if organization == nil {
-			c.ResponseError(c.T("OrgErr.DoNotExist"))
+
+		userByPhone := object.GetUserByPhone(organization.Name, dest)
+		if userByPhone == nil {
+			c.ResponseError(c.T("UserErr.DoNotExistSignUp"))
 			return
 		}