Ejemplo n.º 1
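// ChangePassword lets the logged-in user replace their own password.
//
// It reads old_password, new_password and repeat_password from the request
// (each trimmed of surrounding whitespace), verifies the old password against
// the stored hash, stores the new hash and then drops the user's sessions via
// RemoveSessionByUid. Every failure is reported through ServeErrJson.
//
// NOTE(review): the stored value is str.Md5Encode(Salt + password) with one
// config-wide salt; by its name that is a fast MD5 digest rather than a slow,
// per-user-salted password hash (bcrypt, scrypt, Argon2). Changing it needs a
// new dependency and a migration of stored values, so it is only flagged here.
// The hash comparison below also uses plain string equality, which is not
// constant-time.
func (c *UserController) ChangePassword() {
	oldPassword := strings.TrimSpace(c.GetString("old_password", ""))
	newPassword := strings.TrimSpace(c.GetString("new_password", ""))
	repeatPassword := strings.TrimSpace(c.GetString("repeat_password", ""))

	// Two empty fields compare equal, so without this guard the account
	// would be left with the hash of the bare salt as its password.
	if newPassword == "" {
		c.ServeErrJson("password is blank")
		return
	}

	if newPassword != repeatPassword {
		c.ServeErrJson("password not equal the repeart one")
		return
	}

	// A checked assertion turns a missing or mistyped CurrentUser into an
	// error response instead of a panic in the handler.
	me, ok := c.Ctx.Input.GetData("CurrentUser").(*User)
	if !ok || me == nil {
		c.ServeErrJson("no privilege")
		return
	}

	salt := g.Config().Salt
	if me.Passwd != str.Md5Encode(salt+oldPassword) {
		c.ServeErrJson("old password error")
		return
	}

	newPass := str.Md5Encode(salt + newPassword)
	if me.Passwd == newPass {
		// Nothing changes, so there is nothing to store and the existing
		// sessions are left alone.
		c.ServeOKJson()
		return
	}

	me.Passwd = newPass
	if _, err := me.Update(); err != nil {
		c.ServeErrJson("occur error " + err.Error())
		return
	}

	// Sessions created under the old password must not outlive it.
	RemoveSessionByUid(me.Id)
	c.ServeOKJson()
}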
Ejemplo n.º 2
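// RegisterPost handles self-service registration.
//
// It refuses to run when CanRegister is off in the configuration, validates
// the submitted name and password, inserts the user and opens a session for
// the new account. Every failure is reported through ServeErrJson.
//
// NOTE(review): the stored value is str.Md5Encode(Salt + password) with one
// config-wide salt; by its name that is a fast MD5 digest rather than a slow,
// per-user-salted password hash. Flagged only, because replacing it needs a
// new dependency and a data migration.
func (c *AuthController) RegisterPost() {
	if !g.Config().CanRegister {
		c.ServeErrJson("registration system is not open")
		return
	}

	name := strings.TrimSpace(c.GetString("name", ""))
	password := strings.TrimSpace(c.GetString("password", ""))
	repeatPassword := strings.TrimSpace(c.GetString("repeat_password", ""))

	// Two empty fields compare equal, so without this guard an account
	// could be registered with an empty password.
	if password == "" {
		c.ServeErrJson("password is blank")
		return
	}

	if password != repeatPassword {
		c.ServeErrJson("password not equal the repeart one")
		return
	}

	if !utils.IsUsernameValid(name) {
		c.ServeErrJson("name pattern is invalid")
		return
	}

	if ReadUserIdByName(name) > 0 {
		c.ServeErrJson("name is already existent")
		return
	}

	lastId, err := InsertRegisterUser(name, str.Md5Encode(g.Config().Salt+password))
	if err != nil {
		c.ServeErrJson("insert user fail " + err.Error())
		return
	}

	// 3600*24*30 is 30 days if the unit is seconds — TODO confirm against
	// CreateSession.
	c.CreateSession(lastId, 3600*24*30)

	c.ServeOKJson()
}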
Ejemplo n.º 3
// renderLoginPage selects the login template and fills in its data: the two
// values passed by the caller plus the registration and LDAP switches from the
// configuration.
//
// NOTE(review): sig and callback are handed to the template unchanged. If the
// page later uses callback as a redirect target it should be checked against
// an allow-list — confirm where it is consumed.
func (c *AuthController) renderLoginPage(sig, callback string) {
	c.TplNames = "auth/login.html"

	// Caller-supplied values.
	c.Data["Sig"] = sig
	c.Data["Callback"] = callback

	// Feature switches read from the configuration.
	c.Data["LdapEnabled"] = g.Config().Ldap.Enabled
	c.Data["CanRegister"] = g.Config().CanRegister
}
Ejemplo n.º 4
// Start registers the routes of the home and uic packages, exposes the
// "member" template function and runs beego on the configured address.
//
// It returns without starting anything when the HTTP section is disabled or
// its listen address is empty.
//
// NOTE(review): only a listen address is passed to beego.Run here; whether
// TLS is terminated in front of this server is not visible from this
// function — confirm.
func Start() {
	enabled := g.Config().Http.Enabled
	listenAddr := g.Config().Http.Listen
	if !enabled || listenAddr == "" {
		return
	}

	home.ConfigRoutes()
	uic.ConfigRoutes()

	beego.AddFuncMap("member", uic_model.MembersByTeamId)
	beego.Run(listenAddr)
}
Ejemplo n.º 5
// InitDatabase registers the "default" MySQL connection from the Uic section
// of the configuration and the ORM models User, Team, Session and RelTeamUser.
// ORM debug output is switched on when the configured log level is "debug".
//
// NOTE(review): whatever orm.RegisterDataBase returns is discarded here, so a
// bad address would only surface on first use — confirm the signature.
// NOTE(review): if orm.Debug logs statements together with their arguments,
// debug mode would write password hashes to the log — verify before enabling
// it in production.
func InitDatabase() {
	cfg := g.Config()
	db := cfg.Uic

	// The connection has to be registered under the alias "default".
	orm.RegisterDataBase("default", "mysql", db.Addr, db.Idle, db.Max)

	orm.RegisterModel(new(User), new(Team), new(Session), new(RelTeamUser))

	if cfg.Log != "debug" {
		return
	}
	orm.Debug = true
}
Ejemplo n.º 6
// InitCache initialises the cache package from the Cache section of the
// configuration. It does nothing when the cache is disabled.
//
// The three configured timeouts are interpreted as milliseconds; the last
// argument passed to cache.InitCache is a fixed one hour.
func InitCache() {
	cacheCfg := g.Config().Cache
	if !cacheCfg.Enabled {
		return
	}

	connTimeout := time.Duration(cacheCfg.Timeout.Conn) * time.Millisecond
	readTimeout := time.Duration(cacheCfg.Timeout.Read) * time.Millisecond
	writeTimeout := time.Duration(cacheCfg.Timeout.Write) * time.Millisecond

	cache.InitCache(
		cacheCfg.Redis,
		cacheCfg.Idle,
		cacheCfg.Max,
		connTimeout,
		readTimeout,
		writeTimeout,
		time.Hour,
	)
}
Ejemplo n.º 7
// About renders the profile page of the user named in the ":name" route
// parameter, or answers NotFound when no user can be resolved.
//
// With LDAP disabled the user comes from the local database. With LDAP
// enabled the profile is built from the directory attributes sn, mail and
// telephoneNumber, and QQ/IM are copied from the local record when one exists.
//
// NOTE(review): name comes straight from the URL and is passed to
// utils.Ldapsearch; whether that helper escapes it for use in a search filter
// is not visible here — verify.
// NOTE(review): a search that returns no error but also no attributes still
// produces a profile with empty fields — confirm that Ldapsearch reports an
// error for unknown names.
func (c *UserController) About() {
	name := c.Ctx.Input.Param(":name")
	ldap := g.Config().Ldap

	var u *User
	if ldap.Enabled {
		attrs, err := utils.Ldapsearch(ldap.Addr,
			ldap.BaseDN,
			ldap.BindDN,
			ldap.BindPasswd,
			ldap.UserField,
			name,
			ldap.Attributes)
		if err == nil {
			u = &User{
				Name:    name,
				Passwd:  "",
				Cnname:  attrs["sn"],
				Phone:   attrs["telephoneNumber"],
				Email:   attrs["mail"],
				Created: time.Now(),
			}

			// QQ and IM exist only in the local database.
			if local := ReadUserByName(name); local != nil {
				u.QQ = local.QQ
				u.IM = local.IM
			}
		}
	} else {
		u = ReadUserByName(name)
	}

	if u == nil {
		c.NotFound("no such user")
		return
	}

	c.Data["User"] = u
	c.TplName = "user/about.html"
}
Ejemplo n.º 8
// CreateRoot saves a user named "root" with Role 2 and the password taken
// from the request, and writes a plain-text result to the response body:
// "password is blank", the error text of Save, or "success".
//
// NOTE(review): no authorization check is visible inside this handler;
// whether the route is restricted is decided elsewhere — confirm.
// NOTE(review): the raw error text of Save is returned to the client.
// NOTE(review): the stored value is str.Md5Encode(Salt + password); by its
// name a fast MD5 digest with a config-wide salt, not a slow password hash.
func (c *UserController) CreateRoot() {
	password := strings.TrimSpace(c.GetString("password", ""))
	if len(password) == 0 {
		c.Ctx.Output.Body([]byte("password is blank"))
		return
	}

	root := &User{
		Name:   "root",
		Passwd: str.Md5Encode(g.Config().Salt + password),
		Role:   2,
	}

	if _, err := root.Save(); err != nil {
		c.Ctx.Output.Body([]byte(err.Error()))
		return
	}

	c.Ctx.Output.Body([]byte("success"))
}
Ejemplo n.º 9
Archivo: main.go Proyecto: niean/fe
// main parses the command line, loads the configuration and brings the
// service up in order: log level, database, cache, HTTP server.
//
// Flags:
//
//	-c  path of the configuration file (default "cfg.json")
//	-v  print the version and exit
func main() {
	cfgPath := flag.String("c", "cfg.json", "configuration file")
	showVersion := flag.Bool("v", false, "show version")
	flag.Parse()

	if *showVersion {
		fmt.Println(g.VERSION)
		os.Exit(0)
	}

	// Nothing below can work without a configuration, so a parse failure
	// terminates the process.
	err := g.ParseConfig(*cfgPath)
	if err != nil {
		log.Fatalln(err)
	}

	// "info" is the second argument to SetLevelWithDefault, presumably the
	// fallback level — confirm.
	logger.SetLevelWithDefault(g.Config().Log, "info")

	model.InitDatabase()
	cache.InitCache()

	http.Start()
}
Ejemplo n.º 10
// ResetPassword overwrites the password of the user stored under
// "TargetUser" in the request context with the value of the "password"
// parameter. The account named "root" is refused with "no privilege".
//
// NOTE(review): nothing in this handler ends the target's existing sessions
// after the password changes — confirm whether that is intended.
// NOTE(review): unlike the trimmed inputs of other handlers on this page the
// password is used as submitted, so a whitespace-only value passes the blank
// check.
// NOTE(review): the stored value is str.Md5Encode(Salt + password); by its
// name a fast MD5 digest with a config-wide salt, not a slow password hash.
func (c *UserController) ResetPassword() {
	newPassword := c.GetString("password", "")
	if len(newPassword) == 0 {
		c.ServeErrJson("password is blank")
		return
	}

	// Unchecked assertion: panics when "TargetUser" is absent or not a *User.
	target := c.Ctx.Input.GetData("TargetUser").(*User)
	if target.Name == "root" {
		c.ServeErrJson("no privilege")
		return
	}

	target.Passwd = str.Md5Encode(g.Config().Salt + newPassword)
	if _, err := target.Update(); err != nil {
		c.ServeErrJson("occur error " + err.Error())
		return
	}

	c.ServeOKJson()
}
Ejemplo n.º 11
	}

	ctx.Input.SetData("CurrentUser", u)
}

var FilterTargetUser = func(ctx *context.Context) {
	userName := ctx.Input.Query("name")
	if userName == "" {
		ctx.ResponseWriter.WriteHeader(403)
		ctx.ResponseWriter.Write([]byte("Name is necessary"))
		return
	}

	u := uic.ReadUserByName(userName)
	if u == nil {
		user_attributes, err := utils.Ldapsearch(g.Config().Ldap.Addr,
			g.Config().Ldap.BaseDN,
			g.Config().Ldap.BindDN,
			g.Config().Ldap.BindPasswd,
			g.Config().Ldap.UserField,
			userName,
			g.Config().Ldap.Attributes)
		userSn := ""
		userMail := ""
		userTel := ""

		if err == nil {
			userSn = user_attributes["sn"]
			userMail = user_attributes["mail"]
			userTel = user_attributes["mobile"]
		}
Ejemplo n.º 12
// Get renders the home page and passes the Shortcut value from the
// configuration to the template.
func (c *HomeController) Get() {
	c.TplName = "home/index.html"
	c.Data["Shortcut"] = g.Config().Shortcut
}
Ejemplo n.º 13
// LoginPost authenticates a user and opens a session.
//
// The request parameter "ldap" selects the backend. With it set, the
// credentials are checked with utils.LdapBind and a local user row is created
// on first login; otherwise the password is compared with the locally stored
// hash. On success a session is created and, when both "sig" and "callback"
// are present, its attributes are saved for the calling application.
//
// NOTE(review): the backend is chosen by the client-supplied "ldap" flag; the
// server-side Ldap.Enabled setting is not consulted here.
// NOTE(review): a name of the form "x@domain" is mapped to the local account
// "x", and nothing here stops a directory identity from mapping onto a
// privileged local name — confirm the intended policy.
// NOTE(review): "no such user" and "password error" let a client tell an
// unknown name from a wrong password.
// NOTE(review): the local check compares str.Md5Encode(Salt + password) with
// plain string inequality; by its name a fast MD5 digest, and the comparison
// is not constant-time.
func (c *AuthController) LoginPost() {
	name := c.GetString("name", "")
	password := c.GetString("password", "")

	if name == "" || password == "" {
		c.ServeErrJson("name or password is blank")
		return
	}

	var u *User

	useLdap := c.MustGetBool("ldap", false)

	if !useLdap {
		u = ReadUserByName(name)
		if u == nil {
			c.ServeErrJson("no such user")
			return
		}

		if u.Passwd != str.Md5Encode(g.Config().Salt+password) {
			c.ServeErrJson("password error")
			return
		}
	} else {
		ok, err := utils.LdapBind(g.Config().Ldap.Addr, name, password)
		if err != nil {
			c.ServeErrJson(err.Error())
			return
		}

		if !ok {
			c.ServeErrJson("name or password error")
			return
		}

		// "user@domain" logs in as local account "user" and keeps the full
		// string as the e-mail address; anything else is used as the name.
		userName, userEmail := name, ""
		if parts := strings.Split(name, "@"); len(parts) == 2 {
			userName, userEmail = parts[0], name
		}

		u = ReadUserByName(userName)
		if u == nil {
			// The user does not exist locally yet: create the row on first
			// login. The empty Passwd never equals a computed hash.
			u = &User{
				Name:   userName,
				Passwd: "",
				Email:  userEmail,
			}
			_, err = u.Save()
			if err != nil {
				c.ServeErrJson("insert user fail " + err.Error())
				return
			}
		}
	}

	// 3600*24*30 is 30 days if the unit is seconds — TODO confirm against
	// CreateSession.
	expired := c.CreateSession(u.Id, 3600*24*30)

	appSig := c.GetString("sig", "")
	callback := c.GetString("callback", "")
	if appSig != "" && callback != "" {
		SaveSessionAttrs(u.Id, appSig, expired)
	}

	c.ServeDataJson(callback)
}
Ejemplo n.º 14
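// Query answers a user search as JSON: {"users": [...]}.
//
// The lower-cased, trimmed "query" parameter is matched against the local
// database (at most "limit" rows, default 10). When no local user has exactly
// that name, the directory is searched as well; a hit is appended to the
// result and, if no local row exists yet, saved as a new local user.
//
// NOTE(review): this read-style endpoint inserts user rows as a side effect,
// and the LDAP lookup is made without consulting Ldap.Enabled.
// NOTE(review): "limit" is client-supplied and not capped here.
// NOTE(review): query passes utils.HasDangerousCharacters before it reaches
// utils.Ldapsearch; whether that covers LDAP filter metacharacters is not
// visible here — verify.
func (c *UserController) Query() {
	query := strings.ToLower(strings.TrimSpace(c.GetString("query", "")))
	limit := c.MustGetInt("limit", 10)

	if utils.HasDangerousCharacters(query) {
		c.ServeErrJson("query is invalid")
		return
	}

	// The error from All used to be discarded, which turned a database
	// failure into an empty result and a needless directory lookup.
	var users []User
	if _, err := QueryUsers(query).Limit(limit).All(&users, "Id", "Name", "Cnname", "Email", "Phone"); err != nil {
		c.ServeErrJson("occur error " + err.Error())
		return
	}

	// An exact (case-insensitive) local match makes the directory lookup
	// unnecessary; stop at the first one.
	foundLocally := false
	for i := range users {
		if strings.ToLower(users[i].Name) == query {
			foundLocally = true
			break
		}
	}

	if !foundLocally {
		ldap := g.Config().Ldap
		attrs, err := utils.Ldapsearch(ldap.Addr,
			ldap.BaseDN,
			ldap.BindDN,
			ldap.BindPasswd,
			ldap.UserField,
			query,
			ldap.Attributes)
		// A failed or empty search is not an error for the caller: the
		// local result is returned as is.
		if err == nil && len(attrs) > 0 {
			u := ReadUserByName(query)
			if u == nil {
				// The user does not exist locally yet: create the row from
				// the directory attributes.
				u = &User{
					Name:    query,
					Passwd:  "",
					Cnname:  attrs["sn"],
					Phone:   attrs["telephoneNumber"],
					Email:   attrs["mail"],
					Created: time.Now(),
				}
				if _, err = u.Save(); err != nil {
					c.ServeErrJson("insert user fail " + err.Error())
					return
				}
			}

			users = append(users, *u)
		}
	}

	c.Data["json"] = map[string]interface{}{"users": users}
	c.ServeJSON()
}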
Ejemplo n.º 15
// RegisterGet renders the registration page and tells the template whether
// registration is open according to the configuration.
func (c *AuthController) RegisterGet() {
	c.TplNames = "auth/register.html"
	c.Data["CanRegister"] = g.Config().CanRegister
}
Ejemplo n.º 16
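// LoginPost authenticates a user and opens a session.
//
// With the request parameter "ldap" set and a name other than "root", the
// credentials are checked with utils.LdapBind, the directory attributes sn,
// mail and telephoneNumber are fetched, and a local user row is created on
// first login. Otherwise the password is compared with the locally stored
// hash. On success a session is created and, when both "sig" and "callback"
// are present, its attributes are saved for the calling application.
//
// NOTE(review): the backend is chosen by the client-supplied "ldap" flag; the
// server-side Ldap.Enabled setting is not consulted here.
// NOTE(review): "no such user" and "password error" let a client tell an
// unknown name from a wrong password.
// NOTE(review): the local check compares str.Md5Encode(Salt + password) with
// plain string inequality; by its name a fast MD5 digest, and the comparison
// is not constant-time.
func (c *AuthController) LoginPost() {
	name := c.GetString("name", "")
	password := c.GetString("password", "")

	if name == "" || password == "" {
		c.ServeErrJson("name or password is blank")
		return
	}

	var u *User

	ldapEnabled := c.MustGetBool("ldap", false)

	if ldapEnabled && name != "root" {
		// "user@domain" logs in as local account "user"; anything else is
		// used as the account name unchanged.
		userName := name
		nameIsEmail := false
		if arr := strings.Split(name, "@"); len(arr) == 2 {
			userName = arr[0]
			nameIsEmail = true
		}

		// The condition above keeps "root" on the local password check, but
		// it tests the submitted name only. Apply the same rule to the name
		// the session is actually created for, and answer with the generic
		// failure message so the response reveals nothing extra.
		if userName == "root" {
			c.ServeErrJson("name or password error")
			return
		}

		ldap := g.Config().Ldap
		sucess, err := utils.LdapBind(ldap.Addr,
			ldap.BaseDN,
			ldap.BindDN,
			ldap.BindPasswd,
			ldap.UserField,
			name,
			password)
		if err != nil {
			c.ServeErrJson(err.Error())
			return
		}

		if !sucess {
			c.ServeErrJson("name or password error")
			return
		}

		// The attribute lookup is best effort: a failed search leaves the
		// profile fields empty but does not fail the login.
		user_attributes, err := utils.Ldapsearch(ldap.Addr,
			ldap.BaseDN,
			ldap.BindDN,
			ldap.BindPasswd,
			ldap.UserField,
			name,
			ldap.Attributes)
		userSn := ""
		userMail := ""
		userTel := ""
		if err == nil {
			userSn = user_attributes["sn"]
			userMail = user_attributes["mail"]
			userTel = user_attributes["telephoneNumber"]
		}

		// An e-mail style login name wins over the directory's mail value.
		userEmail := userMail
		if nameIsEmail {
			userEmail = name
		}

		u = ReadUserByName(userName)
		if u == nil {
			// The user does not exist locally yet: create the row on first
			// login. The empty Passwd never equals a computed hash.
			u = &User{
				Name:    userName,
				Passwd:  "",
				Cnname:  userSn,
				Phone:   userTel,
				Email:   userEmail,
				Created: time.Now(),
			}
			_, err = u.Save()
			if err != nil {
				c.ServeErrJson("insert user fail " + err.Error())
				return
			}
		}
	} else {
		u = ReadUserByName(name)
		if u == nil {
			c.ServeErrJson("no such user")
			return
		}

		if u.Passwd != str.Md5Encode(g.Config().Salt+password) {
			c.ServeErrJson("password error")
			return
		}
	}

	// 3600*24*30 is 30 days if the unit is seconds — TODO confirm against
	// CreateSession.
	expired := c.CreateSession(u.Id, 3600*24*30)

	appSig := c.GetString("sig", "")
	callback := c.GetString("callback", "")
	if appSig != "" && callback != "" {
		SaveSessionAttrs(u.Id, appSig, expired)
	}

	c.ServeDataJson(callback)
}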
Ejemplo n.º 17
// QrCode answers with a PNG QR code holding a vCard 3.0 for the user named in
// the ":name" route parameter. The card carries the user's Cnname, Phone and
// Email plus the Company value from the configuration. An unknown user and a
// failed encoding both answer NotFound("no such user").
//
// NOTE(review): the vCard is built by plain concatenation. A line break
// inside Cnname, Phone, Email or Company would add extra vCard lines, so
// those values should be free of CR/LF before they get here — verify for
// values that come from the directory or the database.
func (c *UserController) QrCode() {
	name := c.Ctx.Input.Param(":name")
	u := ReadUserByName(name)
	if u == nil {
		c.NotFound("no such user")
		return
	}

	vcard := "BEGIN:VCARD\nVERSION:3.0\nFN:" + u.Cnname +
		"\nTEL;WORK;VOICE:" + u.Phone +
		"\nEMAIL;PREF;INTERNET:" + u.Email +
		"\nORG:" + g.Config().Company +
		"\nEND:VCARD"

	code, err := qr.Encode(vcard, qr.L)
	if err != nil {
		c.NotFound("no such user")
		return
	}

	c.Ctx.Output.ContentType("image")
	c.Ctx.Output.Body(code.PNG())
}
Ejemplo n.º 18
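// CreateUserPost creates a user from the submitted form.
//
// The name must pass utils.IsUsernameValid and be unused, the password must
// not be blank, and cnname, email, phone, im and qq must pass
// utils.HasDangerousCharacters. The account is inserted first and its profile
// fields are written in a second step. Every failure is reported through
// ServeErrJson.
//
// NOTE(review): no authorization check is visible inside this handler;
// whether the route is restricted is decided elsewhere — confirm.
// NOTE(review): the stored value is str.Md5Encode(Salt + password); by its
// name a fast MD5 digest with a config-wide salt, not a slow password hash.
func (c *UserController) CreateUserPost() {
	field := func(key string) string {
		return strings.TrimSpace(c.GetString(key, ""))
	}

	name := field("name")
	password := field("password")
	cnname := field("cnname")
	email := field("email")
	phone := field("phone")
	im := field("im")
	qq := field("qq")

	if !utils.IsUsernameValid(name) {
		c.ServeErrJson("name pattern is invalid")
		return
	}

	if ReadUserIdByName(name) > 0 {
		c.ServeErrJson("name is already existent")
		return
	}

	if password == "" {
		c.ServeErrJson("password is blank")
		return
	}

	// Checked in the original order so that the first offending field is
	// the one reported.
	profile := []struct {
		label string
		value string
	}{
		{"cnname", cnname},
		{"email", email},
		{"phone", phone},
		{"im", im},
		{"qq", qq},
	}
	for _, p := range profile {
		if utils.HasDangerousCharacters(p.value) {
			c.ServeErrJson(p.label + " is invalid")
			return
		}
	}

	lastId, err := InsertRegisterUser(name, str.Md5Encode(g.Config().Salt+password))
	if err != nil {
		c.ServeErrJson("insert user fail " + err.Error())
		return
	}

	// Guard against a failed read-back: assigning to the fields of a nil
	// user would panic. Presumably ReadUserById returns nil on a miss, as
	// ReadUserByName does — confirm.
	targetUser := ReadUserById(lastId)
	if targetUser == nil {
		c.ServeErrJson("no such user")
		return
	}

	targetUser.Cnname = cnname
	targetUser.Email = email
	targetUser.Phone = phone
	targetUser.IM = im
	targetUser.QQ = qq

	if _, err := targetUser.Update(); err != nil {
		c.ServeErrJson("occur error " + err.Error())
		return
	}

	c.ServeOKJson()
}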
Ejemplo n.º 19
// Users renders the user list page for the "query" parameter.
//
// With LDAP disabled the list is a page of local users ("per" rows, default
// 20). With LDAP enabled the list holds at most one entry, built from the
// directory attributes sn, mail and telephoneNumber of the queried name and
// completed with Role, QQ and IM from the local record when one exists.
//
// NOTE(review): a failed directory search is not reported; the page is
// rendered with an empty list.
// NOTE(review): query passes utils.HasDangerousCharacters before it reaches
// utils.Ldapsearch; whether that covers LDAP filter metacharacters is not
// visible here — verify.
func (c *UserController) Users() {
	query := strings.TrimSpace(c.GetString("query", ""))
	if utils.HasDangerousCharacters(query) {
		c.ServeErrJson("query is invalid")
		return
	}

	var (
		us    []User
		total int64
		pager *web.Paginator
	)
	per := c.MustGetInt("per", 20)

	ldap := g.Config().Ldap
	if ldap.Enabled {
		attrs, err := utils.Ldapsearch(ldap.Addr,
			ldap.BaseDN,
			ldap.BindDN,
			ldap.BindPasswd,
			ldap.UserField,
			query,
			ldap.Attributes)
		if err == nil {
			entry := User{
				Name:   query,
				Passwd: "",
				Cnname: attrs["sn"],
				Phone:  attrs["telephoneNumber"],
				Email:  attrs["mail"],
			}
			total = 1

			// Look up this user's role; QQ and IM are local-only as well.
			if local := ReadUserByName(query); local != nil {
				entry.Role = local.Role
				entry.QQ = local.QQ
				entry.IM = local.IM
			}
			us = append(us, entry)
		}
		pager = c.SetPaginator(per, total)
	} else {
		matches := QueryUsers(query)
		count, err := matches.Count()
		if err != nil {
			c.ServeErrJson("occur error " + err.Error())
			return
		}

		pager = c.SetPaginator(per, count)
		matches = matches.Limit(per, pager.Offset())

		if _, err = matches.All(&us); err != nil {
			c.ServeErrJson("occur error " + err.Error())
			return
		}
	}

	// Unchecked assertion: panics when "CurrentUser" is absent or not a *User.
	me := c.Ctx.Input.GetData("CurrentUser").(*User)
	c.Data["Me"] = me
	c.Data["IamRoot"] = me.Role == ROOT_ADMIN_ROLE
	c.Data["Users"] = us
	c.Data["Query"] = query
	c.TplName = "user/list.html"
}