登录 注册
开源 企业版 高校版 私有云 模力方舟
扫描微信二维码支付
取消
支付完成
Watch
不关注 关注所有动态 仅关注版本发行动态 关注但不提醒动态
1 Star 2 Fork 0

Eolink/apinto-dashboard

代码 Issues 0 Pull Requests 0 Wiki 统计 流水线
服务
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
克隆/下载
account.go 6.47 KB
一键复制 编辑 原始数据 按行查看 历史
choosy 提交于 2022-09-28 19:10 +08:00 . 兼容应用模块
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230
package apinto_dashboard



import (

	"fmt"

	"net/http"

	"net/url"

	"strings"

	"time"



	"github.com/eolinker/apinto-dashboard/internal/template"

	"github.com/eolinker/eosc/log"

	"github.com/go-basic/uuid"

)



const (

	SessionName = "SESSIONID"

	CallBack    = "callback"

)



type AccountHandler struct {

	userDetailsService IUserDetailsService

	sessionManager     *SessionManager

	serHandler         http.Handler

	blackList          map[string]bool

}



func (h *AccountHandler) logoutHandler(w http.ResponseWriter, r *http.Request) {

	sessionCookie, err := r.Cookie(SessionName)

	if err == nil {

		if sessionCookie.Value != "" {

			userDetails, has := h.sessionManager.Get(sessionCookie.Value)

			if has {

				userName := userDetails.GetUsername()

				AddActivityLog(r, userName, OptLogout, "system", "退出登录", []*Arg{{Key: "username", Value: userName}})

			}



			h.sessionManager.Delete(sessionCookie.Value)

			sessionCookie.Value = ""

			http.SetCookie(w, sessionCookie)



		}

	}



	h.toLogin(w, r, "/")



}



func (h *AccountHandler) toLogin(w http.ResponseWriter, request *http.Request, callback string) {

	vs := url.Values{}

	vs.Set(CallBack, callback)

	http.Redirect(w, request, fmt.Sprintf("/login?%s", vs.Encode()), http.StatusSeeOther)

}



func (h *AccountHandler) loginHandler(w http.ResponseWriter, request *http.Request) {

	switch request.Method {

	case http.MethodGet:

		{

			template.Execute(w, "login", map[string]interface{}{

				"code":   0,

				CallBack: request.URL.Query().Get(CallBack),

			})

			return

		}

	case http.MethodPost:

		h.Post(w, request)

	default:

		http.Error(w, http.StatusText(http.StatusMethodNotAllowed), http.StatusMethodNotAllowed)

		return

	}

}

func (h *AccountHandler) Post(w http.ResponseWriter, r *http.Request) {

	err := r.ParseForm()

	if err != nil {

		http.Error(w, err.Error(), http.StatusInternalServerError)

		return

	}

	callback := r.FormValue(CallBack)

	if callback == "" {

		callback = "/"

	}

	userName := r.FormValue("username")

	if userName == "" {

		template.Execute(w, "login", map[string]interface{}{

			"code":    1,

			"message": "user name mush input",

		})

		return

	}

	password := r.FormValue("password")

	if password == "" {

		template.Execute(w, "login", map[string]interface{}{

			"code":    2,

			"message": "password mash input",

		})

		return

	}



	userDetails, err := h.userDetailsService.LoadUserByUsername(userName)

	if err != nil {

		template.Execute(w, "login", map[string]interface{}{

			"code":    3,

			"message": "username not exist",

		})

		AddActivityLog(r, "unknown", OptLogin, "system", "登陆失败,用户不存在", []*Arg{{Key: "username", Value: userName}, {Key: "callback", Value: callback}})



		return

	}

	if !strings.EqualFold(password, userDetails.GetPassword()) {

		template.Execute(w, "login", map[string]interface{}{

			"code":    4,

			"message": "username or password wrong",

		})

		AddActivityLog(r, "unknown", OptLogin, "system", "登陆失败,密码错误", []*Arg{{Key: "username", Value: userName}, {Key: "callback", Value: callback}})



		return

	}

	if !userDetails.IsAccountNonExpired() {

		template.Execute(w, "login", map[string]interface{}{

			"code":    5,

			"message": "user is expired",

		})

		AddActivityLog(r, userDetails.GetUsername(), OptLogin, "system", "登陆失败,用户已过期", []*Arg{{Key: "username", Value: userName}, {Key: "callback", Value: callback}})



		return

	}

	if !userDetails.IsEnabled() {

		template.Execute(w, "login", map[string]interface{}{

			"code":    6,

			"message": "user is not enabled",

		})

		AddActivityLog(r, userDetails.GetUsername(), OptLogin, "system", "登陆失败,用户未激活", nil)



		return

	}

	if !userDetails.IsAccountNonLocked() {

		template.Execute(w, "login", map[string]interface{}{

			"code":    7,

			"message": "user is locked",

		})

		AddActivityLog(r, userDetails.GetUsername(), OptLogin, "system", "登陆失败,用户已锁定", []*Arg{{Key: "username", Value: userName}, {Key: "callback", Value: callback}})



		return

	}

	if !userDetails.IsCredentialsNonExpired() {

		template.Execute(w, "login", map[string]interface{}{

			"code":    8,

			"message": "user is credentials expires",

		})

		AddActivityLog(r, userDetails.GetUsername(), OptLogin, "system", "登陆失败,证书已过期", []*Arg{{Key: "username", Value: userName}, {Key: "callback", Value: callback}})



		return

	}

	sessionId := uuid.New()

	h.sessionManager.Set(sessionId, userDetails)

	cookie := &http.Cookie{

		Name:  SessionName,

		Value: sessionId,

		Path:  "/",

	}

	isRemember := r.FormValue("remember") == "remember-me"

	if isRemember {

		cookie.Expires = time.Now().Add(time.Hour * 24)

	}

	http.SetCookie(w, cookie)



	AddActivityLog(r, userDetails.GetUsername(), OptLogin, "system", "成功登陆", []*Arg{{Key: "username", Value: userName}, {Key: "callback", Value: callback}})

	http.Redirect(w, r, callback, http.StatusFound)

	//h.serHandler.ServeHTTP(w, setUserDetailsToRequest(r, userDetails))

}

func (h *AccountHandler) Api(w http.ResponseWriter, r *http.Request) {

	log.Debug("request api:", r.Method, " ", r.RequestURI)

	sessionCookie, err := r.Cookie(SessionName)

	if err != nil {



		return

	}

	userDetails, has := h.sessionManager.Get(sessionCookie.Value)

	if !has {

		return

	}

	h.serHandler.ServeHTTP(w, setUserDetailsToRequest(r, userDetails))



}

func NewAccountHandler(userDetailsService IUserDetailsService, ser http.Handler, blacklist []string) http.Handler {



	srv := &http.ServeMux{}



	accountHandler := &AccountHandler{

		userDetailsService: userDetailsService,

		sessionManager:     NewSessionManager(),

		serHandler:         ser,

		blackList:          make(map[string]bool),

	}



	for _, p := range blacklist {

		srv.Handle(p, ser)

	}

	srv.Handle("/favicon.ico", ser)

	srv.HandleFunc("/login", accountHandler.loginHandler)

	srv.HandleFunc("/logout", accountHandler.logoutHandler)

	srv.HandleFunc("/api/", accountHandler.Api)

	srv.HandleFunc("/profession/", accountHandler.Api)

	srv.HandleFunc("/setting/", accountHandler.Api)

	srv.HandleFunc("/", accountHandler.View)

	return srv

}



func (h *AccountHandler) View(w http.ResponseWriter, r *http.Request) {

	sessionCookie, err := r.Cookie(SessionName)

	if err != nil {

		h.toLogin(w, r, r.RequestURI)

		return

	}

	userDetails, has := h.sessionManager.Get(sessionCookie.Value)

	if !has {

		h.toLogin(w, r, r.RequestURI)

		return

	}



	if !sessionCookie.Expires.IsZero() {

		sessionCookie.Expires = time.Now().Add(time.Hour * 24)

		http.SetCookie(w, sessionCookie) // 更新sesion过期时间

	}



	h.serHandler.ServeHTTP(w, setUserDetailsToRequest(r, userDetails))

}



func (h *AccountHandler) Clear() {



}
Loading...
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
JavaScript
1
https://gitee.com/eolink_admin/apinto-dashboard.git
git@gitee.com:eolink_admin/apinto-dashboard.git
eolink_admin
apinto-dashboard
apinto-dashboard
main
点此查找更多帮助

搜索帮助

Git 命令在线学习 如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
评论
仓库举报
回到顶部