fix: 补充登录用户状态错误提示
@@ -75,12 +75,12 @@ func LoginFromOMC(w http.ResponseWriter, r *http.Request) {
|
|||||||
services.ResponseBadRequest400IncorrectLogin(w)
|
services.ResponseBadRequest400IncorrectLogin(w)
|
||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
validUser, user, _ := dborm.XormCheckLoginUser(oAuthBody.UserName,
|
validUser, user, err := dborm.XormCheckLoginUser(oAuthBody.UserName,
|
||||||
oAuthBody.Value, config.GetYamlConfig().Auth.Crypt)
|
oAuthBody.Value, config.GetYamlConfig().Auth.Crypt)
|
||||||
if !validUser {
|
if !validUser && err != nil {
|
||||||
// response 400-4
|
// response 400-4
|
||||||
log.Error("Authentication failed, mismatch user or password")
|
log.Error("Authentication failed, mismatch user or password")
|
||||||
services.ResponseBadRequest400IncorrectLogin(w)
|
services.ResponseErrorWithJson(w, 400, err.Error())
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -98,15 +98,15 @@ func LoginFromOMC(w http.ResponseWriter, r *http.Request) {
|
|||||||
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
services.ResponseStatusOK200Login(w, token, user)
|
services.ResponseStatusOK200Login(w, token, user)
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func LogoutFromOMC(w http.ResponseWriter, r *http.Request) {
|
func LogoutFromOMC(w http.ResponseWriter, r *http.Request) {
|
||||||
log.Info("LogoutFromOMC processing... ")
|
log.Info("LogoutFromOMC processing... ")
|
||||||
|
|
||||||
// check media type(content type) only support "application/json"
|
// check media type(content type) only support "application/json"
|
||||||
if services.IsVallidContentType(r, config.GetYamlConfig().OMC.CheckContentType) == false {
|
if services.IsVallidContentType(r, !config.GetYamlConfig().OMC.CheckContentType) {
|
||||||
log.Error("Invalid Content-Type")
|
log.Error("Invalid Content-Type")
|
||||||
services.ResponseUnsupportedMediaType415(w)
|
services.ResponseUnsupportedMediaType415(w)
|
||||||
return
|
return
|
||||||
@@ -122,7 +122,7 @@ func LogoutFromOMC(w http.ResponseWriter, r *http.Request) {
|
|||||||
// error processing ...
|
// error processing ...
|
||||||
// 401-1 response
|
// 401-1 response
|
||||||
token, ret := oauth.IsCarriedToken(r)
|
token, ret := oauth.IsCarriedToken(r)
|
||||||
if ret == false {
|
if !ret {
|
||||||
log.Error("AccessToken is not carried")
|
log.Error("AccessToken is not carried")
|
||||||
services.ResponseUnauthorized401AccessTokenNotCarried(w)
|
services.ResponseUnauthorized401AccessTokenNotCarried(w)
|
||||||
return
|
return
|
||||||
@@ -135,7 +135,6 @@ func LogoutFromOMC(w http.ResponseWriter, r *http.Request) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
services.ResponseStatusOK200Null(w)
|
services.ResponseStatusOK200Null(w)
|
||||||
return
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func HandshakeFromOMC(w http.ResponseWriter, r *http.Request) {
|
func HandshakeFromOMC(w http.ResponseWriter, r *http.Request) {
|
||||||
@@ -158,7 +157,7 @@ func HandshakeFromOMC(w http.ResponseWriter, r *http.Request) {
|
|||||||
// error processing ...
|
// error processing ...
|
||||||
// 401-1 response
|
// 401-1 response
|
||||||
token, ret := oauth.IsCarriedToken(r)
|
token, ret := oauth.IsCarriedToken(r)
|
||||||
if ret == false {
|
if !ret {
|
||||||
log.Error("AccessToken is not carried")
|
log.Error("AccessToken is not carried")
|
||||||
services.ResponseUnauthorized401AccessTokenNotCarried(w)
|
services.ResponseUnauthorized401AccessTokenNotCarried(w)
|
||||||
return
|
return
|
||||||
@@ -171,5 +170,4 @@ func HandshakeFromOMC(w http.ResponseWriter, r *http.Request) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
services.ResponseStatusOK200Null(w)
|
services.ResponseStatusOK200Null(w)
|
||||||
return
|
|
||||||
}
|
}
|
||||||
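Review bot: In LoginFromOMC the new guard `if !validUser && err != nil` no longer rejects a failed check that carries no error, and XormCheckLoginUser returns exactly that (`false, nil, nil`) when the lookup finds no matching row (`err != nil || has == false` followed by `return false, nil, err`). The handler then appears to continue towards `services.ResponseStatusOK200Login(w, token, user)` with a nil user; the code between the two hunks is not shown, so this needs confirming. Keep the rejection unconditional with `if !validUser || err != nil {`, and fall back to `services.ResponseBadRequest400IncorrectLogin(w)` when `err` is nil so that `err.Error()` is never called on a nil error. Passing `err.Error()` straight to the client also exposes database and date-parse errors, so only the account-status messages should be surfaced that way. Separately, in LogoutFromOMC `services.IsVallidContentType(r, !config.GetYamlConfig().OMC.CheckContentType)` negates the flag instead of the result, which changes when the 415 is sent compared with the old `== false`; `if !services.IsVallidContentType(r, config.GetYamlConfig().OMC.CheckContentType) {` keeps the old behavior.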
|
|||||||
@@ -690,7 +690,7 @@ func XormCheckLoginUser(name, password, cryptArgo string) (bool, *User, error) {
|
|||||||
// has, err := xEngine.Table("user").Where("name='%s' and password=PASSWORD('%s')", name, password).Get(user)
|
// has, err := xEngine.Table("user").Where("name='%s' and password=PASSWORD('%s')", name, password).Get(user)
|
||||||
switch cryptArgo {
|
switch cryptArgo {
|
||||||
case "mysql":
|
case "mysql":
|
||||||
has, err := xEngine.SQL("select * from user where status='Active' and account_id=? and password=PASSWORD(?)", name, password).Exist()
|
has, err := xEngine.SQL("select * from user where account_id=? and password=PASSWORD(?)", name, password).Exist()
|
||||||
if err != nil || has == false {
|
if err != nil || has == false {
|
||||||
log.Error("Failed to check user from database:", err)
|
log.Error("Failed to check user from database:", err)
|
||||||
|
|
||||||
@@ -698,13 +698,13 @@ func XormCheckLoginUser(name, password, cryptArgo string) (bool, *User, error) {
|
|||||||
}
|
}
|
||||||
case "md5":
|
case "md5":
|
||||||
has, err := xEngine.
|
has, err := xEngine.
|
||||||
SQL("select * from user where status='Active' and account_id=? and password=MD5(?)", name, password).Exist()
|
SQL("select * from user where account_id=? and password=MD5(?)", name, password).Exist()
|
||||||
if err != nil || has == false {
|
if err != nil || has == false {
|
||||||
log.Error("Failed to check user from database:", err)
|
log.Error("Failed to check user from database:", err)
|
||||||
return false, nil, err
|
return false, nil, err
|
||||||
}
|
}
|
||||||
case "bcrypt":
|
case "bcrypt":
|
||||||
has, err := xEngine.Table("user").Where("status='Active' and account_id=?", name).Get(user)
|
has, err := xEngine.Table("user").Where("account_id=?", name).Get(user)
|
||||||
if err != nil || has == false {
|
if err != nil || has == false {
|
||||||
log.Error("Failed to get user from database:", err)
|
log.Error("Failed to get user from database:", err)
|
||||||
return false, nil, err
|
return false, nil, err
|
||||||
@@ -720,6 +720,53 @@ func XormCheckLoginUser(name, password, cryptArgo string) (bool, *User, error) {
|
|||||||
return false, nil, err
|
return false, nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// enum('Active','Closed','Locked','Pending')
|
||||||
|
errMsg := ""
|
||||||
|
switch user.Status {
|
||||||
|
case "Closed":
|
||||||
|
errMsg = "账户已禁用"
|
||||||
|
case "Locked":
|
||||||
|
errMsg = "账户已锁定"
|
||||||
|
case "Pending":
|
||||||
|
errMsg = "账户过期"
|
||||||
|
}
|
||||||
|
if errMsg != "" {
|
||||||
|
log.Error("user Status:%s", errMsg)
|
||||||
|
return false, nil, errors.New(errMsg)
|
||||||
|
}
|
||||||
|
|
||||||
|
// 密码到期时间
|
||||||
|
if user.PasswordExpiration != "" {
|
||||||
|
arr := strings.Split(user.PasswordExpiration, " ")
|
||||||
|
if len(arr) > 0 {
|
||||||
|
t, err := time.Parse("2006-01-02", arr[0])
|
||||||
|
if err != nil {
|
||||||
|
return false, nil, err
|
||||||
|
}
|
||||||
|
if t.Before(time.Now()) {
|
||||||
|
errMsg := "密码到期时间"
|
||||||
|
log.Error("PasswordExpiration:%s", errMsg)
|
||||||
|
return false, nil, errors.New(errMsg)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// 用户到期时间
|
||||||
|
if user.UserExpiration != "" {
|
||||||
|
arr := strings.Split(user.UserExpiration, " ")
|
||||||
|
if len(arr) > 0 {
|
||||||
|
t, err := time.Parse("2006-01-02", arr[0])
|
||||||
|
if err != nil {
|
||||||
|
return false, nil, err
|
||||||
|
}
|
||||||
|
if t.Before(time.Now()) {
|
||||||
|
errMsg := "用户到期时间"
|
||||||
|
log.Error("UserExpiration:%s", errMsg)
|
||||||
|
return false, nil, errors.New(errMsg)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return true, user, nil
|
return true, user, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
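Review bot: The `mysql` and `md5` branches drop `status='Active'` from queries that end in `.Exist()`, which only reports whether a row matched and does not load it into `user`, so the new `switch user.Status` likely sees an empty status in those two modes and lets Closed, Locked and Pending accounts through. Where `user` is assigned in those branches is outside the visible hunks; if it is still nil there, `user.Status` would panic instead. Either fetch the row in those branches as the `bcrypt` branch does with `.Get(user)`, or keep the status filter in the SQL. The expiry checks compare a date parsed as midnight UTC with `time.Now()`, so an account is treated as expired from the start of its expiry date. `log.Error("user Status:%s", errMsg)` also uses a format verb where the other calls pass plain arguments, so check that the logger actually formats it.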
|
|||||||