// 处理登陆
func LoginHandler(c *gin.Context) {
session := sessions.Default(c)
//校验验证码
loginCaptcha := c.PostForm("captcha")
Logger.Debug("login captcha is:%v", loginCaptcha)
memCaptcha := stringutils.ToString(session.Get(constant.LOGIN_CAPTCHA))
Logger.Debug("mem captcha:%v", memCaptcha)
if !strings.EqualFold(memCaptcha, loginCaptcha) {
session.Set(constant.LOGIN_ERROR_MSG, "验证码不正确")
session.Save()
c.Redirect(http.StatusMovedPermanently, "/user/login.html")
return
}
username := c.PostForm("username")
password := c.PostForm("password")
if len(username) == 0 || len(password) == 0 {
session.Set(constant.LOGIN_ERROR_MSG, "请填写用户名和密码")
session.Save()
c.Redirect(http.StatusMovedPermanently, "/user/login.html")
return
}
user := &bean.User{Phone: username}
found, err := db.Engine.Get(user)
util.PanicError(err)
//校验用户名和密码
if !found || (util.HashAndSalt(password, user.Salt) != user.Password) {
Logger.Error("user %v not found in user", username)
session.Set(constant.LOGIN_ERROR_MSG, "用户名或者密码错误")
session.Save()
c.Redirect(http.StatusMovedPermanently, "/user/login.html")
return
}
SetLoginState(*user, c)
c.Redirect(http.StatusMovedPermanently, "/order/order_list.html")
}
//普通用户(游客)注册
func RegistHandler(c *gin.Context) {
session := sessions.Default(c)
phone := c.PostForm("phone")
Logger.Info("register phone :%v", phone)
phone = strings.TrimSpace(phone)
if !userinfo.IsLegalPhoneNumber(phone) {
render.WriteJSON(c.Writer, "请填写正确的手机号(11位)")
return
}
if !strings.EqualFold(phone, stringutils.ToString(session.Get(constant.PHONE_NUMBER))) {
c.JSON(http.StatusOK, util.JsonResult{Success: false, Msg: "下发验证码的手机号不是当前手机号"})
return
}
if !strings.EqualFold(strings.ToLower(stringutils.ToString(session.Get(constant.PHONE_CAPTCHA))), strings.ToLower(c.PostForm("captcha"))) {
c.JSON(http.StatusOK, util.JsonResult{Success: false, Msg: "验证码不正确"})
return
lastPhoneCaptcha := session.Get(constant.PHONE_CAPTCHA_LAST)
lastPhoneCaptchaTimestamp, _ := lastPhoneCaptcha.(int64)
timeDifference := (time.Now().UnixNano() - lastPhoneCaptchaTimestamp) / (1000 * 1000 * 1000 * 60)
if timeDifference > constant.PHONE_CAPTCHA_EXPIRED_MINUTES {
c.JSON(http.StatusOK, util.JsonResult{Success: false, Msg: fmt.Sprintf("验证码已失效,请在验证码下发后%v分钟内提交", constant.PHONE_CAPTCHA_EXPIRED_MINUTES)})
return
}
}
user := &mdl.User{Phone: phone}
userCount, err := db.Engine.Count(user)
util.LogError(err)
if userCount != 0 {
render.WriteJSON(c.Writer, util.JsonResult{Success: true, Msg: "该手机号已经被注册"})
return
}
user.Salt = fmt.Sprintf("%v", rand.New(rand.NewSource(time.Now().UnixNano())).Float64())
user.Password = c.PostForm("password")
if len(user.Password) < 6 {
c.JSON(http.StatusOK, util.JsonResult{Msg: "密码长度大于6"})
return
}
user.Password = util.HashAndSalt(user.Password, user.Salt)
user.Uuid = uuid.New()
Logger.Info(user.Uuid)
nickname := strings.TrimSpace(c.PostForm("nickname"))
Logger.Debug("nickname: %v, size: %v", nickname, len(nickname))
if len(nickname) == 0 {
user.Nickname = user.Phone
} else {
user.Nickname = nickname
}
count, err := db.Engine.Insert(user)
if err != nil || count == 0 {
Logger.Error(err)
c.JSON(http.StatusOK, util.JsonResult{Msg: "系统错误"})
return
}
//注册成功,设置为登录
login.SetLoginState(*user, c)
c.JSON(http.StatusOK, util.JsonResult{Msg: "注册成功", Success: true})
}
//退出
func (auth *userAuth) Logout() {
session := sessions.Default(auth.context)
Cache.Delete(stringutils.ToString(session.Get(constant.LOGIN_PID)))
session.Delete(constant.LOGIN_PID)
session.Save()
}
