67 lines
1.3 KiB
Go
67 lines
1.3 KiB
Go
package service
|
|
|
|
import (
|
|
"crypto/x509"
|
|
"encoding/base64"
|
|
"encoding/pem"
|
|
"errors"
|
|
"omc/ca"
|
|
"omc/conf"
|
|
"omc/core/db"
|
|
"omc/core/utils"
|
|
"omc/handle/model"
|
|
|
|
"github.com/aceld/zinx/zlog"
|
|
)
|
|
|
|
// UserLogin 用户登录
|
|
func UserLogin(name, passwd string) error {
|
|
// 用户名密码校验
|
|
var user model.User
|
|
err := db.Client.Model(&model.User{}).Where("account_id=?", name).First(&user).Error
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
if err := utils.Compare(user.Password, passwd); err != nil {
|
|
zlog.Ins().ErrorF("Password Login[%s]:%s", name, err)
|
|
return errors.New("incorrect username and password")
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func CMCALogin(source, sign, cert string) (login bool, err error) {
|
|
defer func() {
|
|
if r := recover(); r != nil {
|
|
zlog.Ins().ErrorF("CMCALogin panic:%v", r)
|
|
}
|
|
}()
|
|
//base64 解码签名数据
|
|
signBytes, err := base64.StdEncoding.DecodeString(sign)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
//证书加载
|
|
block, _ := pem.Decode([]byte(cert))
|
|
|
|
//证书解析
|
|
certBody, err := x509.ParseCertificate(block.Bytes)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
|
|
//证书校验
|
|
if conf.OmcConf.CA.Check {
|
|
if err := ca.VerifyCert(certBody); err != nil {
|
|
return false, err
|
|
}
|
|
}
|
|
|
|
//签名验证
|
|
err = ca.VerifyRSA([]byte(source), signBytes, certBody)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
return true, nil
|
|
}
|