OMC/be.ems
1
0
Fork 0
Code Issues Releases 3 Activity

系统登录和验证码开关

Browse Source
This commit is contained in:
TsMask
2023-09-06 15:12:51 +08:00
parent 1eed96e9b0
commit 741a5d4bc6
4 changed files with 190 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

173
features/security/account.go
View File

@@ -3,12 +3,18 @@ package security
import (
"encoding/json"
"fmt"
"image/color"
"io"
"net/http"
"strconv"
"time"
"ems.agt/features/security/service"
sysConfigService "ems.agt/features/sys_config/service"
"ems.agt/lib/core/account"
"ems.agt/lib/core/cache"
"ems.agt/lib/core/conf"
"ems.agt/lib/core/constants/cachekey"
"ems.agt/lib/core/utils/ctx"
"ems.agt/lib/core/vo/result"
"ems.agt/lib/dborm"
@@ -17,6 +23,8 @@ import (
"ems.agt/lib/oauth"
"ems.agt/lib/services"
"ems.agt/restagent/config"
"github.com/go-admin-team/go-admin-core/logger"
"github.com/mojocn/base64Captcha"
)
var (
@@ -26,6 +34,14 @@ var (
CustomUriOauthToken = config.UriPrefix + "/securityManagement/{apiVersion}/{elementTypeValue}/token"
CustomUriOauthHandshake = config.UriPrefix + "/securityManagement/{apiVersion}/{elementTypeValue}/handshake"
// 系统登录
UriLogin = config.DefaultUriPrefix + "/securityManagement/{apiVersion}/login"
CustomUriLogin = config.UriPrefix + "/securityManagement/{apiVersion}/login"
// 获取验证码
UriCaptchaImage = config.DefaultUriPrefix + "/securityManagement/{apiVersion}/captchaImage"
CustomUriCaptchaImage = config.UriPrefix + "/securityManagement/{apiVersion}/captchaImage"
// 登录用户信息
UriUserInfo = config.DefaultUriPrefix + "/securityManagement/{apiVersion}/getUserInfo"
CustomUriUserInfo = config.UriPrefix + "/securityManagement/{apiVersion}/getUserInfo"
@@ -208,6 +224,163 @@ func HandshakeFromOMC(w http.ResponseWriter, r *http.Request) {
return
}
// 系统登录
//
// POST /login
func LoginOMC(w http.ResponseWriter, r *http.Request) {
log.Info("LoginFromOMC processing... ")
var body struct {
Username string `json:"username" binding:"required"` // Username 用户名
Password string `json:"password" binding:"required"` // Password 用户密码
Code string `json:"code"` // Code 验证码
UUID string `json:"uuid"` // UUID 验证码唯一标识
}
err := ctx.ShouldBindJSON(r, &body)
if err != nil {
log.Error("Invalid Json Format")
ctx.JSON(w, 400, result.CodeMsg(400, "参数错误"))
return
}
// response 400-5
if body.Username == "" || body.Password == "" {
log.Error("Wrong parameter value")
ctx.JSON(w, 400, result.CodeMsg(400, "参数错误"))
return
}
// 校验验证码
// 从数据库配置获取验证码开关 true开启false关闭
captchaEnabledStr := sysConfigService.NewServiceSysConfig.SelectConfigValueByKey("sys.account.captchaEnabled")
captchaEnabled, err := strconv.ParseBool(captchaEnabledStr)
if err != nil {
captchaEnabled = false
}
if captchaEnabled {
if body.Code == "" || body.UUID == "" {
log.Error("Authentication failed, mismatch captcha")
ctx.JSON(w, 400, result.CodeMsg(400, "验证码信息错误"))
return
}
verifyKey := cachekey.CAPTCHA_CODE_KEY + body.UUID
captcha, ok := cache.GetLocalTTL(verifyKey)
if captcha == nil || !ok {
log.Error("Authentication failed, captcha emtry")
ctx.JSON(w, 400, result.CodeMsg(400, "验证码已失效"))
return
}
cache.DeleteLocalTTL(verifyKey)
if captcha.(string) != body.Code {
log.Error("Authentication failed, not match captcha")
ctx.JSON(w, 400, result.CodeMsg(400, "验证码错误"))
return
}
}
validUser, user, err := dborm.XormCheckLoginUser(body.Username, body.Password, config.GetYamlConfig().Auth.Crypt)
if !validUser || err != nil {
// response 400-4
log.Error("Authentication failed, mismatch user or password")
ctx.JSON(w, 400, result.CodeMsg(400, err.Error()))
return
}
token := oauth.GenRandToken("omc") // Generate new token to session ID
sourceAddr := r.RemoteAddr
affected, err := dborm.XormInsertSession(body.Username, sourceAddr, token,
config.GetExpiresFromConfig(), config.GetYamlConfig().Auth.Session)
if err != nil {
log.Error("Failed to XormInsertSession:", err)
if affected == -1 {
services.ResponseForbidden403MultiLoginNotAllowed(w)
} else {
services.ResponseBadRequest400IncorrectLogin(w)
}
return
}
if user != nil {
// 缓存用户信息
account.CacheLoginUser(user)
ctx.JSON(w, 200, result.OkData(map[string]any{
"accessToken": token,
}))
return
}
ctx.JSON(w, 200, result.Err(nil))
}
// 获取验证码
//
// GET /captchaImage
func CaptchaImage(w http.ResponseWriter, r *http.Request) {
configService := sysConfigService.NewServiceSysConfig
// 从数据库配置获取验证码开关 true开启false关闭
captchaEnabledStr := configService.SelectConfigValueByKey("sys.account.captchaEnabled")
captchaEnabled, err := strconv.ParseBool(captchaEnabledStr)
if err != nil {
captchaEnabled = false
}
if !captchaEnabled {
ctx.JSON(w, 200, result.Ok(map[string]any{
"captchaEnabled": captchaEnabled,
}))
return
}
// 生成唯一标识
verifyKey := ""
data := map[string]any{
"captchaEnabled": captchaEnabled,
"uuid": "",
"img": "data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7",
}
// char 字符验证
driverCaptcha := &base64Captcha.DriverString{
//Height png height in pixel.
Height: 40,
// Width Captcha png width in pixel.
Width: 120,
//NoiseCount text noise count.
NoiseCount: 4,
//Length random string length.
Length: 4,
//Source is a unicode which is the rand string from.
Source: "023456789abcdefghjkmnprstuvwxyz",
//ShowLineOptions := OptionShowHollowLine | OptionShowSlimeLine | OptionShowSineLine .
ShowLineOptions: base64Captcha.OptionShowHollowLine,
//BgColor captcha image background color (optional)
BgColor: &color.RGBA{
R: 250,
G: 250,
B: 250,
A: 255, // 不透明
},
}
// 验证码生成
id, question, answer := driverCaptcha.GenerateIdQuestionAnswer()
// 验证码表达式解析输出
item, err := driverCaptcha.DrawCaptcha(question)
if err != nil {
logger.Infof("Generate Id Question Answer %s : %v", question, err)
} else {
data["uuid"] = id
data["img"] = item.EncodeB64string()
verifyKey = cachekey.CAPTCHA_CODE_KEY + id
cache.SetLocalTTL(verifyKey, answer, 120*time.Second)
}
// 本地开发下返回验证码结果,方便接口调试
// text, ok := cache.GetLocalTTL(verifyKey)
// if ok {
// data["text"] = text.(string)
// }
ctx.JSON(w, 200, result.Ok(data))
}
// 登录用户信息
func UserInfo(w http.ResponseWriter, r *http.Request) {
loginUser, err := ctx.LoginUser(r)