mirror of
https://github.com/casdoor/casdoor.git
synced 2025-07-15 23:53:49 +08:00
Compare commits
9 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| ef14c84edc | |||
| cb5c7667b5 | |||
| 920ed87f75 | |||
| 6598f0ccdf | |||
| 8e71e23d75 | |||
| 146a369f80 | |||
| 9bbe5afb7c | |||
| b42391c6ce | |||
| fb035a5353 |
@ -66,7 +66,11 @@ func GetConfigBool(key string) bool {
|
||||
func GetConfigInt64(key string) (int64, error) {
|
||||
value := GetConfigString(key)
|
||||
num, err := strconv.ParseInt(value, 10, 64)
|
||||
return num, err
|
||||
if err != nil {
|
||||
return 0, fmt.Errorf("GetConfigInt64(%s) error, %s", key, err.Error())
|
||||
}
|
||||
|
||||
return num, nil
|
||||
}
|
||||
|
||||
func GetConfigDataSourceName() string {
|
||||
|
||||
@ -42,6 +42,7 @@ type Response struct {
|
||||
Name string `json:"name"`
|
||||
Data interface{} `json:"data"`
|
||||
Data2 interface{} `json:"data2"`
|
||||
Data3 interface{} `json:"data3"`
|
||||
}
|
||||
|
||||
type Captcha struct {
|
||||
|
||||
@ -132,7 +132,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
|
||||
if form.Type == ResponseTypeLogin {
|
||||
c.SetSessionUsername(userId)
|
||||
util.LogInfo(c.Ctx, "API: [%s] signed in", userId)
|
||||
resp = &Response{Status: "ok", Msg: "", Data: userId, Data2: user.NeedUpdatePassword}
|
||||
resp = &Response{Status: "ok", Msg: "", Data: userId, Data3: user.NeedUpdatePassword}
|
||||
} else if form.Type == ResponseTypeCode {
|
||||
clientId := c.Input().Get("clientId")
|
||||
responseType := c.Input().Get("responseType")
|
||||
@ -154,7 +154,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
|
||||
}
|
||||
|
||||
resp = codeToResponse(code)
|
||||
resp.Data2 = user.NeedUpdatePassword
|
||||
resp.Data3 = user.NeedUpdatePassword
|
||||
if application.EnableSigninSession || application.HasPromptPage() {
|
||||
// The prompt page needs the user to be signed in
|
||||
c.SetSessionUsername(userId)
|
||||
@ -168,7 +168,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
|
||||
token, _ := object.GetTokenByUser(application, user, scope, nonce, c.Ctx.Request.Host)
|
||||
resp = tokenToResponse(token)
|
||||
|
||||
resp.Data2 = user.NeedUpdatePassword
|
||||
resp.Data3 = user.NeedUpdatePassword
|
||||
}
|
||||
} else if form.Type == ResponseTypeDevice {
|
||||
authCache, ok := object.DeviceAuthMap.LoadAndDelete(form.UserCode)
|
||||
@ -195,14 +195,14 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
|
||||
|
||||
object.DeviceAuthMap.Store(authCacheCast.UserName, deviceAuthCacheDeviceCodeCast)
|
||||
|
||||
resp = &Response{Status: "ok", Msg: "", Data: userId, Data2: user.NeedUpdatePassword}
|
||||
resp = &Response{Status: "ok", Msg: "", Data: userId, Data3: user.NeedUpdatePassword}
|
||||
} else if form.Type == ResponseTypeSaml { // saml flow
|
||||
res, redirectUrl, method, err := object.GetSamlResponse(application, user, form.SamlRequest, c.Ctx.Request.Host)
|
||||
if err != nil {
|
||||
c.ResponseError(err.Error(), nil)
|
||||
return
|
||||
}
|
||||
resp = &Response{Status: "ok", Msg: "", Data: res, Data2: map[string]interface{}{"redirectUrl": redirectUrl, "method": method, "needUpdatePassword": user.NeedUpdatePassword}}
|
||||
resp = &Response{Status: "ok", Msg: "", Data: res, Data2: map[string]interface{}{"redirectUrl": redirectUrl, "method": method}, Data3: user.NeedUpdatePassword}
|
||||
|
||||
if application.EnableSigninSession || application.HasPromptPage() {
|
||||
// The prompt page needs the user to be signed in
|
||||
|
||||
@ -16,6 +16,7 @@ package controllers
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
"github.com/beego/beego/utils/pagination"
|
||||
@ -460,7 +461,18 @@ func (c *ApiController) IntrospectToken() {
|
||||
}
|
||||
|
||||
if token != nil {
|
||||
application, err = object.GetApplication(fmt.Sprintf("%s/%s", token.Owner, token.Application))
|
||||
if err != nil {
|
||||
c.ResponseTokenError(err.Error())
|
||||
return
|
||||
}
|
||||
if application == nil {
|
||||
c.ResponseError(fmt.Sprintf(c.T("auth:The application: %s does not exist"), token.Application))
|
||||
return
|
||||
}
|
||||
|
||||
introspectionResponse.TokenType = token.TokenType
|
||||
introspectionResponse.ClientId = application.ClientId
|
||||
}
|
||||
|
||||
c.Data["json"] = introspectionResponse
|
||||
|
||||
@ -574,7 +574,7 @@ func (c *ApiController) SetPassword() {
|
||||
targetUser.LastChangePasswordTime = util.GetCurrentTime()
|
||||
|
||||
if user.Ldap == "" {
|
||||
_, err = object.UpdateUser(userId, targetUser, []string{"password", "need_update_password", "password_type", "last_change_password_time"}, false)
|
||||
_, err = object.UpdateUser(userId, targetUser, []string{"password", "password_salt", "need_update_password", "password_type", "last_change_password_time"}, false)
|
||||
} else {
|
||||
if isAdmin {
|
||||
err = object.ResetLdapPassword(targetUser, "", newPassword, c.GetAcceptLanguage())
|
||||
|
||||
@ -23,7 +23,7 @@ func NewArgon2idCredManager() *Argon2idCredManager {
|
||||
return cm
|
||||
}
|
||||
|
||||
func (cm *Argon2idCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
|
||||
func (cm *Argon2idCredManager) GetHashedPassword(password string, salt string) string {
|
||||
hash, err := argon2id.CreateHash(password, argon2id.DefaultParams)
|
||||
if err != nil {
|
||||
return ""
|
||||
@ -31,7 +31,7 @@ func (cm *Argon2idCredManager) GetHashedPassword(password string, userSalt strin
|
||||
return hash
|
||||
}
|
||||
|
||||
func (cm *Argon2idCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
|
||||
func (cm *Argon2idCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, salt string) bool {
|
||||
match, _ := argon2id.ComparePasswordAndHash(plainPwd, hashedPwd)
|
||||
return match
|
||||
}
|
||||
|
||||
@ -9,7 +9,7 @@ func NewBcryptCredManager() *BcryptCredManager {
|
||||
return cm
|
||||
}
|
||||
|
||||
func (cm *BcryptCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
|
||||
func (cm *BcryptCredManager) GetHashedPassword(password string, salt string) string {
|
||||
bytes, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
|
||||
if err != nil {
|
||||
return ""
|
||||
@ -17,7 +17,7 @@ func (cm *BcryptCredManager) GetHashedPassword(password string, userSalt string,
|
||||
return string(bytes)
|
||||
}
|
||||
|
||||
func (cm *BcryptCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
|
||||
func (cm *BcryptCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, salt string) bool {
|
||||
err := bcrypt.CompareHashAndPassword([]byte(hashedPwd), []byte(plainPwd))
|
||||
return err == nil
|
||||
}
|
||||
|
||||
@ -15,8 +15,8 @@
|
||||
package cred
|
||||
|
||||
type CredManager interface {
|
||||
GetHashedPassword(password string, userSalt string, organizationSalt string) string
|
||||
IsPasswordCorrect(password string, passwordHash string, userSalt string, organizationSalt string) bool
|
||||
GetHashedPassword(password string, salt string) string
|
||||
IsPasswordCorrect(password string, passwordHash string, salt string) bool
|
||||
}
|
||||
|
||||
func GetCredManager(passwordType string) CredManager {
|
||||
|
||||
@ -37,14 +37,10 @@ func NewMd5UserSaltCredManager() *Md5UserSaltCredManager {
|
||||
return cm
|
||||
}
|
||||
|
||||
func (cm *Md5UserSaltCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
|
||||
res := getMd5HexDigest(password)
|
||||
if userSalt != "" {
|
||||
res = getMd5HexDigest(res + userSalt)
|
||||
}
|
||||
return res
|
||||
func (cm *Md5UserSaltCredManager) GetHashedPassword(password string, salt string) string {
|
||||
return getMd5HexDigest(getMd5HexDigest(password) + salt)
|
||||
}
|
||||
|
||||
func (cm *Md5UserSaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
|
||||
return hashedPwd == cm.GetHashedPassword(plainPwd, userSalt, organizationSalt)
|
||||
func (cm *Md5UserSaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, salt string) bool {
|
||||
return hashedPwd == cm.GetHashedPassword(plainPwd, salt)
|
||||
}
|
||||
|
||||
@ -28,13 +28,13 @@ func NewPbkdf2SaltCredManager() *Pbkdf2SaltCredManager {
|
||||
return cm
|
||||
}
|
||||
|
||||
func (cm *Pbkdf2SaltCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
|
||||
func (cm *Pbkdf2SaltCredManager) GetHashedPassword(password string, salt string) string {
|
||||
// https://www.keycloak.org/docs/latest/server_admin/index.html#password-database-compromised
|
||||
decodedSalt, _ := base64.StdEncoding.DecodeString(userSalt)
|
||||
decodedSalt, _ := base64.StdEncoding.DecodeString(salt)
|
||||
res := pbkdf2.Key([]byte(password), decodedSalt, 27500, 64, sha256.New)
|
||||
return base64.StdEncoding.EncodeToString(res)
|
||||
}
|
||||
|
||||
func (cm *Pbkdf2SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
|
||||
return hashedPwd == cm.GetHashedPassword(plainPwd, userSalt, organizationSalt)
|
||||
func (cm *Pbkdf2SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, salt string) bool {
|
||||
return hashedPwd == cm.GetHashedPassword(plainPwd, salt)
|
||||
}
|
||||
|
||||
@ -32,12 +32,8 @@ func NewPbkdf2DjangoCredManager() *Pbkdf2DjangoCredManager {
|
||||
return cm
|
||||
}
|
||||
|
||||
func (m *Pbkdf2DjangoCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
|
||||
func (m *Pbkdf2DjangoCredManager) GetHashedPassword(password string, salt string) string {
|
||||
iterations := 260000
|
||||
salt := userSalt
|
||||
if salt == "" {
|
||||
salt = organizationSalt
|
||||
}
|
||||
|
||||
saltBytes := []byte(salt)
|
||||
passwordBytes := []byte(password)
|
||||
@ -46,7 +42,7 @@ func (m *Pbkdf2DjangoCredManager) GetHashedPassword(password string, userSalt st
|
||||
return "pbkdf2_sha256$" + strconv.Itoa(iterations) + "$" + salt + "$" + hashBase64
|
||||
}
|
||||
|
||||
func (m *Pbkdf2DjangoCredManager) IsPasswordCorrect(password string, passwordHash string, userSalt string, organizationSalt string) bool {
|
||||
func (m *Pbkdf2DjangoCredManager) IsPasswordCorrect(password string, passwordHash string, _salt string) bool {
|
||||
parts := strings.Split(passwordHash, "$")
|
||||
if len(parts) != 4 {
|
||||
return false
|
||||
|
||||
@ -21,10 +21,10 @@ func NewPlainCredManager() *PlainCredManager {
|
||||
return cm
|
||||
}
|
||||
|
||||
func (cm *PlainCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
|
||||
func (cm *PlainCredManager) GetHashedPassword(password string, salt string) string {
|
||||
return password
|
||||
}
|
||||
|
||||
func (cm *PlainCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
|
||||
func (cm *PlainCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, salt string) bool {
|
||||
return hashedPwd == plainPwd
|
||||
}
|
||||
|
||||
@ -37,14 +37,10 @@ func NewSha256SaltCredManager() *Sha256SaltCredManager {
|
||||
return cm
|
||||
}
|
||||
|
||||
func (cm *Sha256SaltCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
|
||||
res := getSha256HexDigest(password)
|
||||
if organizationSalt != "" {
|
||||
res = getSha256HexDigest(res + organizationSalt)
|
||||
}
|
||||
return res
|
||||
func (cm *Sha256SaltCredManager) GetHashedPassword(password string, salt string) string {
|
||||
return getSha256HexDigest(getSha256HexDigest(password) + salt)
|
||||
}
|
||||
|
||||
func (cm *Sha256SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
|
||||
return hashedPwd == cm.GetHashedPassword(plainPwd, userSalt, organizationSalt)
|
||||
func (cm *Sha256SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, salt string) bool {
|
||||
return hashedPwd == cm.GetHashedPassword(plainPwd, salt)
|
||||
}
|
||||
|
||||
@ -23,12 +23,12 @@ func TestGetSaltedPassword(t *testing.T) {
|
||||
password := "123456"
|
||||
salt := "123"
|
||||
cm := NewSha256SaltCredManager()
|
||||
fmt.Printf("%s -> %s\n", password, cm.GetHashedPassword(password, "", salt))
|
||||
fmt.Printf("%s -> %s\n", password, cm.GetHashedPassword(password, salt))
|
||||
}
|
||||
|
||||
func TestGetPassword(t *testing.T) {
|
||||
password := "123456"
|
||||
cm := NewSha256SaltCredManager()
|
||||
// https://passwordsgenerator.net/sha256-hash-generator/
|
||||
fmt.Printf("%s -> %s\n", "8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92", cm.GetHashedPassword(password, "", ""))
|
||||
fmt.Printf("%s -> %s\n", "8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92", cm.GetHashedPassword(password, ""))
|
||||
}
|
||||
|
||||
@ -37,14 +37,10 @@ func NewSha512SaltCredManager() *Sha512SaltCredManager {
|
||||
return cm
|
||||
}
|
||||
|
||||
func (cm *Sha512SaltCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
|
||||
res := getSha512HexDigest(password)
|
||||
if organizationSalt != "" {
|
||||
res = getSha512HexDigest(res + organizationSalt)
|
||||
}
|
||||
return res
|
||||
func (cm *Sha512SaltCredManager) GetHashedPassword(password string, salt string) string {
|
||||
return getSha512HexDigest(getSha512HexDigest(password) + salt)
|
||||
}
|
||||
|
||||
func (cm *Sha512SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, userSalt string, organizationSalt string) bool {
|
||||
return hashedPwd == cm.GetHashedPassword(plainPwd, userSalt, organizationSalt)
|
||||
func (cm *Sha512SaltCredManager) IsPasswordCorrect(plainPwd string, hashedPwd string, salt string) bool {
|
||||
return hashedPwd == cm.GetHashedPassword(plainPwd, salt)
|
||||
}
|
||||
|
||||
@ -220,10 +220,15 @@ func checkSigninErrorTimes(user *User, lang string) error {
|
||||
}
|
||||
|
||||
func CheckPassword(user *User, password string, lang string, options ...bool) error {
|
||||
if password == "" {
|
||||
return fmt.Errorf(i18n.Translate(lang, "check:Password cannot be empty"))
|
||||
}
|
||||
|
||||
enableCaptcha := false
|
||||
if len(options) > 0 {
|
||||
enableCaptcha = options[0]
|
||||
}
|
||||
|
||||
// check the login error times
|
||||
if !enableCaptcha {
|
||||
err := checkSigninErrorTimes(user, lang)
|
||||
@ -236,35 +241,31 @@ func CheckPassword(user *User, password string, lang string, options ...bool) er
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if organization == nil {
|
||||
return fmt.Errorf(i18n.Translate(lang, "check:Organization does not exist"))
|
||||
}
|
||||
|
||||
if password == "" {
|
||||
return fmt.Errorf(i18n.Translate(lang, "check:Password cannot be empty"))
|
||||
}
|
||||
|
||||
passwordType := user.PasswordType
|
||||
if passwordType == "" {
|
||||
passwordType = organization.PasswordType
|
||||
}
|
||||
|
||||
credManager := cred.GetCredManager(passwordType)
|
||||
if credManager != nil {
|
||||
if organization.MasterPassword != "" {
|
||||
if password == organization.MasterPassword || credManager.IsPasswordCorrect(password, organization.MasterPassword, "", organization.PasswordSalt) {
|
||||
return resetUserSigninErrorTimes(user)
|
||||
}
|
||||
}
|
||||
|
||||
if credManager.IsPasswordCorrect(password, user.Password, user.PasswordSalt, organization.PasswordSalt) {
|
||||
return resetUserSigninErrorTimes(user)
|
||||
}
|
||||
|
||||
return recordSigninErrorInfo(user, lang, enableCaptcha)
|
||||
} else {
|
||||
if credManager == nil {
|
||||
return fmt.Errorf(i18n.Translate(lang, "check:unsupported password type: %s"), organization.PasswordType)
|
||||
}
|
||||
|
||||
if organization.MasterPassword != "" {
|
||||
if password == organization.MasterPassword || credManager.IsPasswordCorrect(password, organization.MasterPassword, organization.PasswordSalt) {
|
||||
return resetUserSigninErrorTimes(user)
|
||||
}
|
||||
}
|
||||
|
||||
if !credManager.IsPasswordCorrect(password, user.Password, organization.PasswordSalt) && !credManager.IsPasswordCorrect(password, user.Password, user.PasswordSalt) {
|
||||
return recordSigninErrorInfo(user, lang, enableCaptcha)
|
||||
}
|
||||
|
||||
return resetUserSigninErrorTimes(user)
|
||||
}
|
||||
|
||||
func CheckPasswordComplexityByOrg(organization *Organization, password string) string {
|
||||
|
||||
@ -103,7 +103,7 @@ func GetDashboard(owner string) (*map[string][]int64, error) {
|
||||
func countCreatedBefore(dashboardMapItem DashboardMapItem, before time.Time) int64 {
|
||||
count := dashboardMapItem.itemCount
|
||||
for _, e := range dashboardMapItem.dashboardDateItems {
|
||||
createdTime, _ := time.Parse("2006-01-02T15:04:05-07:00", e.CreatedTime)
|
||||
createdTime, _ := time.Parse(time.RFC3339, e.CreatedTime)
|
||||
if createdTime.Before(before) {
|
||||
count++
|
||||
}
|
||||
|
||||
@ -222,7 +222,7 @@ func UpdateOrganization(id string, organization *Organization, isGlobalAdmin boo
|
||||
if organization.MasterPassword != "" && organization.MasterPassword != "***" {
|
||||
credManager := cred.GetCredManager(organization.PasswordType)
|
||||
if credManager != nil {
|
||||
hashedPassword := credManager.GetHashedPassword(organization.MasterPassword, "", organization.PasswordSalt)
|
||||
hashedPassword := credManager.GetHashedPassword(organization.MasterPassword, organization.PasswordSalt)
|
||||
organization.MasterPassword = hashedPassword
|
||||
}
|
||||
}
|
||||
|
||||
@ -49,17 +49,21 @@ func (plan *Plan) GetId() string {
|
||||
return fmt.Sprintf("%s/%s", plan.Owner, plan.Name)
|
||||
}
|
||||
|
||||
func GetDuration(period string) (startTime time.Time, endTime time.Time) {
|
||||
func getDuration(period string) (string, string, error) {
|
||||
startTime := time.Now()
|
||||
var endTime time.Time
|
||||
|
||||
if period == PeriodYearly {
|
||||
startTime = time.Now()
|
||||
endTime = startTime.AddDate(1, 0, 0)
|
||||
} else if period == PeriodMonthly {
|
||||
startTime = time.Now()
|
||||
endTime = startTime.AddDate(0, 1, 0)
|
||||
} else {
|
||||
panic(fmt.Sprintf("invalid period: %s", period))
|
||||
return "", "", fmt.Errorf("invalid period: %s", period)
|
||||
}
|
||||
return
|
||||
|
||||
startTimeString := startTime.Format(time.RFC3339)
|
||||
endTimeString := endTime.Format(time.RFC3339)
|
||||
return startTimeString, endTimeString, nil
|
||||
}
|
||||
|
||||
func GetPlanCount(owner, field, value string) (int64, error) {
|
||||
|
||||
@ -206,11 +206,17 @@ func BuyProduct(id string, user *User, providerName, pricingName, planName, host
|
||||
if plan == nil {
|
||||
return nil, nil, fmt.Errorf("the plan: %s does not exist", planName)
|
||||
}
|
||||
sub := NewSubscription(owner, user.Name, plan.Name, paymentName, plan.Period)
|
||||
|
||||
sub, err := NewSubscription(owner, user.Name, plan.Name, paymentName, plan.Period)
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
|
||||
_, err = AddSubscription(sub)
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
|
||||
returnUrl = fmt.Sprintf("%s/buy-plan/%s/%s/result?subscription=%s", originFrontend, owner, pricingName, sub.Name)
|
||||
}
|
||||
}
|
||||
|
||||
@ -48,8 +48,8 @@ type Subscription struct {
|
||||
Plan string `xorm:"varchar(100)" json:"plan"`
|
||||
Payment string `xorm:"varchar(100)" json:"payment"`
|
||||
|
||||
StartTime time.Time `json:"startTime"`
|
||||
EndTime time.Time `json:"endTime"`
|
||||
StartTime string `xorm:"varchar(100)" json:"startTime"`
|
||||
EndTime string `xorm:"varchar(100)" json:"endTime"`
|
||||
Period string `xorm:"varchar(100)" json:"period"`
|
||||
State SubscriptionState `xorm:"varchar(100)" json:"state"`
|
||||
}
|
||||
@ -84,9 +84,19 @@ func (sub *Subscription) UpdateState() error {
|
||||
}
|
||||
|
||||
if sub.State == SubStateActive || sub.State == SubStateUpcoming || sub.State == SubStateExpired {
|
||||
if sub.EndTime.Before(time.Now()) {
|
||||
startTime, err := time.Parse(time.RFC3339, sub.StartTime)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
endTime, err := time.Parse(time.RFC3339, sub.EndTime)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if endTime.Before(time.Now()) {
|
||||
sub.State = SubStateExpired
|
||||
} else if sub.StartTime.After(time.Now()) {
|
||||
} else if startTime.After(time.Now()) {
|
||||
sub.State = SubStateUpcoming
|
||||
} else {
|
||||
sub.State = SubStateActive
|
||||
@ -103,10 +113,15 @@ func (sub *Subscription) UpdateState() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func NewSubscription(owner, userName, planName, paymentName, period string) *Subscription {
|
||||
startTime, endTime := GetDuration(period)
|
||||
func NewSubscription(owner, userName, planName, paymentName, period string) (*Subscription, error) {
|
||||
startTime, endTime, err := getDuration(period)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
id := util.GenerateId()[:6]
|
||||
return &Subscription{
|
||||
|
||||
res := &Subscription{
|
||||
Owner: owner,
|
||||
Name: "sub_" + id,
|
||||
DisplayName: "New Subscription - " + id,
|
||||
@ -121,6 +136,7 @@ func NewSubscription(owner, userName, planName, paymentName, period string) *Sub
|
||||
Period: period,
|
||||
State: SubStatePending, // waiting for payment complete
|
||||
}
|
||||
return res, nil
|
||||
}
|
||||
|
||||
func GetSubscriptionCount(owner, field, value string) (int64, error) {
|
||||
|
||||
@ -42,8 +42,9 @@ func (user *User) UpdateUserHash() error {
|
||||
func (user *User) UpdateUserPassword(organization *Organization) {
|
||||
credManager := cred.GetCredManager(organization.PasswordType)
|
||||
if credManager != nil {
|
||||
hashedPassword := credManager.GetHashedPassword(user.Password, user.PasswordSalt, organization.PasswordSalt)
|
||||
hashedPassword := credManager.GetHashedPassword(user.Password, organization.PasswordSalt)
|
||||
user.Password = hashedPassword
|
||||
user.PasswordType = organization.PasswordType
|
||||
user.PasswordSalt = organization.PasswordSalt
|
||||
}
|
||||
}
|
||||
|
||||
@ -66,6 +66,10 @@ func AutoSigninFilter(ctx *context.Context) {
|
||||
responseError(ctx, err.Error())
|
||||
return
|
||||
}
|
||||
if application == nil {
|
||||
responseError(ctx, fmt.Sprintf("No application is found for userId: app/%s", token.Application))
|
||||
return
|
||||
}
|
||||
|
||||
setSessionUser(ctx, userId)
|
||||
setSessionOidc(ctx, token.Scope, application.ClientId)
|
||||
|
||||
@ -166,7 +166,7 @@ class AuthCallback extends React.Component {
|
||||
const responseType = this.getResponseType();
|
||||
const handleLogin = (res) => {
|
||||
if (responseType === "login") {
|
||||
if (res.data2) {
|
||||
if (res.data3) {
|
||||
sessionStorage.setItem("signinUrl", signinUrl);
|
||||
Setting.goToLinkSoft(this, `/forget/${applicationName}`);
|
||||
return;
|
||||
@ -176,7 +176,7 @@ class AuthCallback extends React.Component {
|
||||
const link = Setting.getFromLink();
|
||||
Setting.goToLink(link);
|
||||
} else if (responseType === "code") {
|
||||
if (res.data2) {
|
||||
if (res.data3) {
|
||||
sessionStorage.setItem("signinUrl", signinUrl);
|
||||
Setting.goToLinkSoft(this, `/forget/${applicationName}`);
|
||||
return;
|
||||
@ -185,7 +185,7 @@ class AuthCallback extends React.Component {
|
||||
Setting.goToLink(`${oAuthParams.redirectUri}${concatChar}code=${code}&state=${oAuthParams.state}`);
|
||||
// Setting.showMessage("success", `Authorization code: ${res.data}`);
|
||||
} else if (responseType === "token" || responseType === "id_token") {
|
||||
if (res.data2) {
|
||||
if (res.data3) {
|
||||
sessionStorage.setItem("signinUrl", signinUrl);
|
||||
Setting.goToLinkSoft(this, `/forget/${applicationName}`);
|
||||
return;
|
||||
@ -207,7 +207,7 @@ class AuthCallback extends React.Component {
|
||||
relayState: oAuthParams.relayState,
|
||||
});
|
||||
} else {
|
||||
if (res.data2.needUpdatePassword) {
|
||||
if (res.data3) {
|
||||
sessionStorage.setItem("signinUrl", signinUrl);
|
||||
Setting.goToLinkSoft(this, `/forget/${applicationName}`);
|
||||
return;
|
||||
|
||||
@ -385,7 +385,7 @@ class ForgetPage extends React.Component {
|
||||
},
|
||||
]}
|
||||
/>
|
||||
<Popover placement="right" content={this.state.passwordPopover} open={this.state.passwordPopoverOpen}>
|
||||
<Popover placement={window.innerWidth >= 960 ? "right" : "top"} content={this.state.passwordPopover} open={this.state.passwordPopoverOpen}>
|
||||
<Form.Item
|
||||
name="newPassword"
|
||||
hidden={this.state.current !== 2}
|
||||
@ -415,7 +415,7 @@ class ForgetPage extends React.Component {
|
||||
}}
|
||||
onFocus={() => {
|
||||
this.setState({
|
||||
passwordPopoverOpen: true,
|
||||
passwordPopoverOpen: application.organizationObj.passwordOptions?.length > 0,
|
||||
passwordPopover: PasswordChecker.renderPasswordPopover(application.organizationObj.passwordOptions, this.form.current?.getFieldValue("newPassword") ?? ""),
|
||||
});
|
||||
}}
|
||||
|
||||
@ -496,9 +496,9 @@ class LoginPage extends React.Component {
|
||||
const responseType = values["type"];
|
||||
|
||||
if (responseType === "login") {
|
||||
if (res.data2) {
|
||||
if (res.data3) {
|
||||
sessionStorage.setItem("signinUrl", window.location.pathname + window.location.search);
|
||||
Setting.goToLink(this, `/forget/${this.state.applicationName}`);
|
||||
Setting.goToLinkSoft(this, `/forget/${this.state.applicationName}`);
|
||||
}
|
||||
Setting.showMessage("success", i18next.t("application:Logged in successfully"));
|
||||
this.props.onLoginSuccess();
|
||||
@ -510,9 +510,9 @@ class LoginPage extends React.Component {
|
||||
userCodeStatus: "success",
|
||||
});
|
||||
} else if (responseType === "token" || responseType === "id_token") {
|
||||
if (res.data2) {
|
||||
if (res.data3) {
|
||||
sessionStorage.setItem("signinUrl", window.location.pathname + window.location.search);
|
||||
Setting.goToLink(this, `/forget/${this.state.applicationName}`);
|
||||
Setting.goToLinkSoft(this, `/forget/${this.state.applicationName}`);
|
||||
}
|
||||
const amendatoryResponseType = responseType === "token" ? "access_token" : responseType;
|
||||
const accessToken = res.data;
|
||||
@ -522,9 +522,9 @@ class LoginPage extends React.Component {
|
||||
this.props.onLoginSuccess(window.location.href);
|
||||
return;
|
||||
}
|
||||
if (res.data2.needUpdatePassword) {
|
||||
if (res.data3) {
|
||||
sessionStorage.setItem("signinUrl", window.location.pathname + window.location.search);
|
||||
Setting.goToLink(this, `/forget/${this.state.applicationName}`);
|
||||
Setting.goToLinkSoft(this, `/forget/${this.state.applicationName}`);
|
||||
}
|
||||
if (res.data2.method === "POST") {
|
||||
this.setState({
|
||||
|
||||
@ -607,7 +607,7 @@ class SignupPage extends React.Component {
|
||||
}
|
||||
} else if (signupItem.name === "Password") {
|
||||
return (
|
||||
<Popover placement="right" content={this.state.passwordPopover} open={this.state.passwordPopoverOpen}>
|
||||
<Popover placement={window.innerWidth >= 960 ? "right" : "top"} content={this.state.passwordPopover} open={this.state.passwordPopoverOpen}>
|
||||
<Form.Item
|
||||
name="password"
|
||||
className="signup-password"
|
||||
@ -635,7 +635,7 @@ class SignupPage extends React.Component {
|
||||
}}
|
||||
onFocus={() => {
|
||||
this.setState({
|
||||
passwordPopoverOpen: true,
|
||||
passwordPopoverOpen: application.organizationObj.passwordOptions?.length > 0,
|
||||
passwordPopover: PasswordChecker.renderPasswordPopover(application.organizationObj.passwordOptions, this.form.current?.getFieldValue("password") ?? ""),
|
||||
});
|
||||
}}
|
||||
|
||||
@ -132,18 +132,18 @@ export const PasswordModal = (props) => {
|
||||
</Row>
|
||||
) : null}
|
||||
<Row style={{width: "100%", marginBottom: "20px"}}>
|
||||
<Popover placement="right" content={passwordPopover} open={passwordPopoverOpen}>
|
||||
<Popover placement={window.innerWidth >= 960 ? "right" : "top"} content={passwordPopover} open={passwordPopoverOpen}>
|
||||
<Input.Password
|
||||
addonBefore={i18next.t("user:New Password")}
|
||||
placeholder={i18next.t("user:input password")}
|
||||
onChange={(e) => {
|
||||
handleNewPassword(e.target.value);
|
||||
setPasswordPopoverOpen(true);
|
||||
setPasswordPopoverOpen(passwordOptions?.length > 0);
|
||||
setPasswordPopover(PasswordChecker.renderPasswordPopover(passwordOptions, e.target.value));
|
||||
|
||||
}}
|
||||
onFocus={() => {
|
||||
setPasswordPopoverOpen(true);
|
||||
setPasswordPopoverOpen(passwordOptions?.length > 0);
|
||||
setPasswordPopover(PasswordChecker.renderPasswordPopover(passwordOptions, newPassword));
|
||||
}}
|
||||
onBlur={() => {
|
||||
|
||||
Reference in New Issue
Block a user