fix: 补充登录用户状态错误提示

2023-08-14 21:13:55 +08:00
parent 5ac2e981ea
commit a039a664f1
2 changed files with 57 additions and 12 deletions
--- a/lib/dborm/dborm.go
+++ b/lib/dborm/dborm.go
@@ -690,7 +690,7 @@ func XormCheckLoginUser(name, password, cryptArgo string) (bool, *User, error) {
 	//	has, err := xEngine.Table("user").Where("name='%s' and password=PASSWORD('%s')", name, password).Get(user)
 	switch cryptArgo {
 	case "mysql":
-		has, err := xEngine.SQL("select * from user where status='Active' and account_id=? and password=PASSWORD(?)", name, password).Exist()
+		has, err := xEngine.SQL("select * from user where account_id=? and password=PASSWORD(?)", name, password).Exist()
 		if err != nil || has == false {
 			log.Error("Failed to check user from database:", err)

@@ -698,13 +698,13 @@ func XormCheckLoginUser(name, password, cryptArgo string) (bool, *User, error) {
 		}
 	case "md5":
 		has, err := xEngine.
-			SQL("select * from user where status='Active' and account_id=? and password=MD5(?)", name, password).Exist()
+			SQL("select * from user where account_id=? and password=MD5(?)", name, password).Exist()
 		if err != nil || has == false {
 			log.Error("Failed to check user from database:", err)
 			return false, nil, err
 		}
 	case "bcrypt":
-		has, err := xEngine.Table("user").Where("status='Active' and account_id=?", name).Get(user)
+		has, err := xEngine.Table("user").Where("account_id=?", name).Get(user)
 		if err != nil || has == false {
 			log.Error("Failed to get user from database:", err)
 			return false, nil, err
@@ -720,6 +720,53 @@ func XormCheckLoginUser(name, password, cryptArgo string) (bool, *User, error) {
 		return false, nil, err
 	}

+	// enum('Active','Closed','Locked','Pending')
+	errMsg := ""
+	switch user.Status {
+	case "Closed":
+		errMsg = "账户已禁用"
+	case "Locked":
+		errMsg = "账户已锁定"
+	case "Pending":
+		errMsg = "账户过期"
+	}
+	if errMsg != "" {
+		log.Error("user Status:%s", errMsg)
+		return false, nil, errors.New(errMsg)
+	}
+
+	// 密码到期时间
+	if user.PasswordExpiration != "" {
+		arr := strings.Split(user.PasswordExpiration, " ")
+		if len(arr) > 0 {
+			t, err := time.Parse("2006-01-02", arr[0])
+			if err != nil {
+				return false, nil, err
+			}
+			if t.Before(time.Now()) {
+				errMsg := "密码到期时间"
+				log.Error("PasswordExpiration:%s", errMsg)
+				return false, nil, errors.New(errMsg)
+			}
+		}
+	}
+
+	// 用户到期时间
+	if user.UserExpiration != "" {
+		arr := strings.Split(user.UserExpiration, " ")
+		if len(arr) > 0 {
+			t, err := time.Parse("2006-01-02", arr[0])
+			if err != nil {
+				return false, nil, err
+			}
+			if t.Before(time.Now()) {
+				errMsg := "用户到期时间"
+				log.Error("UserExpiration:%s", errMsg)
+				return false, nil, errors.New(errMsg)
+			}
+		}
+	}
+
 	return true, user, nil
 }