使用Crypto加密, 找回密码, 修改密码修复
This commit is contained in:
lealife
22
app/lea/Pwd.go
Normal file
22
app/lea/Pwd.go
Normal file
@ -0,0 +1,22 @@
|
||||
package lea
|
||||
|
||||
// 对比密码是否一致
|
||||
// 因为之前密码是用md5加密的, 所以通过密码长度来判断
|
||||
// rawPwd 原始, 用户输入的密码
|
||||
func ComparePwd(rawPwd, dbPwd string) bool {
|
||||
if len(dbPwd) == 32 {
|
||||
return Md5(rawPwd) == dbPwd
|
||||
}
|
||||
|
||||
hex := []byte(dbPwd)
|
||||
return CompareHash(hex, rawPwd)
|
||||
}
|
||||
|
||||
// 加密
|
||||
func GenPwd(rawPwd string) string {
|
||||
digest, err := GenerateHash(rawPwd)
|
||||
if err != nil {
|
||||
return ""
|
||||
}
|
||||
return string(digest)
|
||||
}
|
||||
@ -2,36 +2,30 @@ package service
|
||||
|
||||
import (
|
||||
"gopkg.in/mgo.v2/bson"
|
||||
// "github.com/leanote/leanote/app/db"
|
||||
// "github.com/leanote/leanote/app/db"
|
||||
"github.com/leanote/leanote/app/info"
|
||||
// "github.com/revel/revel"
|
||||
"strings"
|
||||
. "github.com/leanote/leanote/app/lea"
|
||||
"fmt"
|
||||
"strconv"
|
||||
// "github.com/revel/revel"
|
||||
"errors"
|
||||
"fmt"
|
||||
. "github.com/leanote/leanote/app/lea"
|
||||
"strconv"
|
||||
"strings"
|
||||
)
|
||||
|
||||
// 登录与权限
|
||||
// 登录与权限 Login & Register
|
||||
|
||||
type AuthService struct {
|
||||
}
|
||||
|
||||
// 使用bcrypt认证或者Md5认证
|
||||
// Use bcrypt (Md5 depreciated)
|
||||
func (this *AuthService) Login(emailOrUsername, pwd string) (info.User, error) {
|
||||
emailOrUsername = strings.Trim(emailOrUsername, " ")
|
||||
// pwd = strings.Trim(pwd, " ")
|
||||
// pwd = strings.Trim(pwd, " ")
|
||||
userInfo := userService.GetUserInfoByName(emailOrUsername)
|
||||
passwd := userInfo.Pwd
|
||||
if len(passwd) == 32 && Md5(pwd) != passwd {
|
||||
return userInfo, errors.New("wrong username or password")
|
||||
}
|
||||
if len(passwd) > 32 {
|
||||
hex := []byte(passwd)
|
||||
if !CompareHash(hex, pwd) {
|
||||
return userInfo, errors.New("wrong username or password")
|
||||
}
|
||||
}
|
||||
if userInfo.UserId == "" || !ComparePwd(pwd, userInfo.Pwd) {
|
||||
return userInfo, errors.New("wrong username or password")
|
||||
}
|
||||
return userInfo, nil
|
||||
}
|
||||
|
||||
@ -51,37 +45,35 @@ func (this *AuthService) Register(email, pwd, fromUserId string) (bool, string)
|
||||
if userService.IsExistsUser(email) {
|
||||
return false, "userHasBeenRegistered-" + email
|
||||
}
|
||||
digest, err := GenerateHash(pwd)
|
||||
if err != nil {
|
||||
return false,"GenerateHash error"
|
||||
passwd := GenPwd(pwd)
|
||||
if passwd == "" {
|
||||
return false, "GenerateHash error"
|
||||
}
|
||||
passwd := string(digest)
|
||||
user := info.User{UserId: bson.NewObjectId(), Email: email, Username: email, Pwd: passwd}
|
||||
if fromUserId != "" && IsObjectId(fromUserId) {
|
||||
user.FromUserId = bson.ObjectIdHex(fromUserId)
|
||||
}
|
||||
LogJ(user)
|
||||
return this.register(user)
|
||||
}
|
||||
|
||||
func (this *AuthService) register(user info.User) (bool, string) {
|
||||
if userService.AddUser(user) {
|
||||
// 添加笔记本, 生活, 学习, 工作
|
||||
userId := user.UserId.Hex();
|
||||
userId := user.UserId.Hex()
|
||||
notebook := info.Notebook{
|
||||
Seq: -1,
|
||||
Seq: -1,
|
||||
UserId: user.UserId}
|
||||
title2Id := map[string]bson.ObjectId{"life": bson.NewObjectId(), "study": bson.NewObjectId(), "work": bson.NewObjectId()}
|
||||
for title, objectId := range title2Id {
|
||||
notebook.Title = title
|
||||
notebook.NotebookId = objectId
|
||||
notebook.UserId = user.UserId
|
||||
notebookService.AddNotebook(notebook);
|
||||
notebookService.AddNotebook(notebook)
|
||||
}
|
||||
|
||||
// 添加leanote -> 该用户的共享
|
||||
registerSharedUserId := configService.GetGlobalStringConfig("registerSharedUserId")
|
||||
if(registerSharedUserId != "") {
|
||||
if registerSharedUserId != "" {
|
||||
registerSharedNotebooks := configService.GetGlobalArrMapConfig("registerSharedNotebooks")
|
||||
registerSharedNotes := configService.GetGlobalArrMapConfig("registerSharedNotes")
|
||||
registerCopyNoteIds := configService.GetGlobalArrayConfig("registerCopyNoteIds")
|
||||
@ -89,21 +81,21 @@ func (this *AuthService) register(user info.User) (bool, string) {
|
||||
// 添加共享笔记本
|
||||
for _, notebook := range registerSharedNotebooks {
|
||||
perm, _ := strconv.Atoi(notebook["perm"])
|
||||
shareService.AddShareNotebookToUserId(notebook["notebookId"], perm, registerSharedUserId, userId);
|
||||
shareService.AddShareNotebookToUserId(notebook["notebookId"], perm, registerSharedUserId, userId)
|
||||
}
|
||||
|
||||
// 添加共享笔记
|
||||
for _, note := range registerSharedNotes {
|
||||
perm, _ := strconv.Atoi(note["perm"])
|
||||
shareService.AddShareNoteToUserId(note["noteId"], perm, registerSharedUserId, userId);
|
||||
shareService.AddShareNoteToUserId(note["noteId"], perm, registerSharedUserId, userId)
|
||||
}
|
||||
|
||||
// 复制笔记
|
||||
for _, noteId := range registerCopyNoteIds {
|
||||
note := noteService.CopySharedNote(noteId, title2Id["life"].Hex(), registerSharedUserId, user.UserId.Hex());
|
||||
// Log(noteId)
|
||||
// Log("Copy")
|
||||
// LogJ(note)
|
||||
note := noteService.CopySharedNote(noteId, title2Id["life"].Hex(), registerSharedUserId, user.UserId.Hex())
|
||||
// Log(noteId)
|
||||
// Log("Copy")
|
||||
// LogJ(note)
|
||||
noteUpdate := bson.M{"IsBlog": false} // 不要是博客
|
||||
noteService.UpdateNote(user.UserId.Hex(), note.NoteId.Hex(), noteUpdate, -1)
|
||||
}
|
||||
@ -112,11 +104,11 @@ func (this *AuthService) register(user info.User) (bool, string) {
|
||||
//---------------
|
||||
// 添加一条userBlog
|
||||
blogService.UpdateUserBlog(info.UserBlog{UserId: user.UserId,
|
||||
Title: user.Username + " 's Blog",
|
||||
SubTitle: "Love Leanote!",
|
||||
AboutMe: "Hello, I am (^_^)",
|
||||
Title: user.Username + " 's Blog",
|
||||
SubTitle: "Love Leanote!",
|
||||
AboutMe: "Hello, I am (^_^)",
|
||||
CanComment: true,
|
||||
})
|
||||
})
|
||||
// 添加一个单页面
|
||||
blogService.AddOrUpdateSingle(user.UserId.Hex(), "", "About Me", "Hello, I am (^_^)")
|
||||
}
|
||||
@ -131,7 +123,7 @@ func (this *AuthService) register(user info.User) (bool, string) {
|
||||
func (this *AuthService) getUsername(thirdType, thirdUsername string) (username string) {
|
||||
username = thirdType + "-" + thirdUsername
|
||||
i := 1
|
||||
for ;; {
|
||||
for {
|
||||
if !userService.IsExistsUserByUsername(username) {
|
||||
return
|
||||
}
|
||||
@ -148,10 +140,10 @@ func (this *AuthService) ThirdRegister(thirdType, thirdUserId, thirdUsername str
|
||||
|
||||
username := this.getUsername(thirdType, thirdUsername)
|
||||
userInfo = info.User{UserId: bson.NewObjectId(),
|
||||
Username: username,
|
||||
ThirdUserId: thirdUserId,
|
||||
Username: username,
|
||||
ThirdUserId: thirdUserId,
|
||||
ThirdUsername: thirdUsername,
|
||||
}
|
||||
}
|
||||
_, _ = this.register(userInfo)
|
||||
return
|
||||
}
|
||||
|
||||
@ -295,10 +295,16 @@ func (this *UserService) UpdateAvatar(userId, avatarPath string) (bool) {
|
||||
// 已经登录了的用户修改密码
|
||||
func (this *UserService) UpdatePwd(userId, oldPwd, pwd string) (bool, string) {
|
||||
userInfo := this.GetUserInfo(userId)
|
||||
if userInfo.Pwd != Md5(oldPwd) {
|
||||
if !ComparePwd(oldPwd, userInfo.Pwd) {
|
||||
return false, "oldPasswordError"
|
||||
}
|
||||
ok := db.UpdateByQField(db.Users, bson.M{"_id": bson.ObjectIdHex(userId)}, "Pwd", Md5(pwd))
|
||||
|
||||
passwd := GenPwd(pwd)
|
||||
if passwd == "" {
|
||||
return false, "GenerateHash error"
|
||||
}
|
||||
|
||||
ok := db.UpdateByQField(db.Users, bson.M{"_id": bson.ObjectIdHex(userId)}, "Pwd", passwd)
|
||||
return ok, ""
|
||||
}
|
||||
|
||||
@ -307,7 +313,12 @@ func (this *UserService) ResetPwd(adminUserId, userId, pwd string) (ok bool, msg
|
||||
if configService.GetAdminUserId() != adminUserId {
|
||||
return
|
||||
}
|
||||
ok = db.UpdateByQField(db.Users, bson.M{"_id": bson.ObjectIdHex(userId)}, "Pwd", Md5(pwd))
|
||||
|
||||
passwd := GenPwd(pwd)
|
||||
if passwd == "" {
|
||||
return false, "GenerateHash error"
|
||||
}
|
||||
ok = db.UpdateByQField(db.Users, bson.M{"_id": bson.ObjectIdHex(userId)}, "Pwd", passwd)
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user