Exemple #1
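//----------------------------------------------------------
// /a/validemail/
//
// GetValidEmailCtrl renders the e-mail validation page for the address that a
// previous step stored in the session under "validemail".
//
// The address is taken from the session, not from the request, and the key is
// deleted as soon as it has been read, so the page is shown once per stored
// value. Requests without the key are redirected to "/".
func GetValidEmailCtrl(c *macaron.Context) {
	r := core.NewRender(c)

	// Checked assertion: a missing key or a value of an unexpected type is
	// treated as an invalid/expired request instead of panicking the handler.
	email, ok := r.Session.Get("validemail").(string)
	if !ok {
		r.RedirectMsg("非法的URL请求,或请求已过期!", "/")
		return
	}
	r.Data["email"] = email
	r.Session.Delete("validemail")

	// Look the account up by the e-mail address only.
	u := &models.Users{Email: email}
	if !models.NewTr().Read(u, "Email") {
		r.RedirectMsg("不存在此Email注册信息!", "/")
		return
	}

	// Already validated: drop the current cookies/session state and send the
	// user back to the sign-in page.
	if u.ValidEmail {
		CleanCookies(c, r.Session)
		r.RedirectMsg("邮箱已通过验证,请返回登录", "/a/signin")
		return
	}

	r.SetCrumb("邮件验证", "/a/validemail/")
	r.AddCss("signup.css")
	r.RHTML(200, "account/valid_email")
}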
Exemple #2
// loadUser populates c.UserInfo and exposes it to templates as Data["u"].
//
// A record cached in the session under "uinfo" is reused as-is; otherwise the
// user row and its group row are read from the database and the result is
// cached in the session. If either read fails the function returns without
// caching anything and without setting Data["u"].
//
// NOTE(review): the cached record, Group included, is reused for as long as the
// "uinfo" session entry exists. Confirm that group or permission changes
// invalidate that entry, otherwise a session keeps its old group.
func (c *Render) loadUser() {
	sess := c.Session
	if sess == nil {
		return
	}

	// Fast path: the session already carries the user record.
	if cached := sess.Get("uinfo"); cached != nil {
		c.UserInfo = cached.(*UserInfo)
		c.Data["u"] = c.UserInfo
		return
	}

	// Slow path: rebuild the record from the database, keyed by c.Uid.
	info := &UserInfo{}
	c.UserInfo = info
	info.Id = c.Uid

	tr := models.NewTr()
	if ok := tr.Read(&info.Users); !ok {
		return
	}

	// The group row is looked up through the GroupId just read from the user row.
	info.Group = &models.UsersGroup{Id: info.GroupId}
	if ok := tr.Read(info.Group); !ok {
		return
	}

	sess.Set("uinfo", info)
	c.Data["u"] = info
}
Exemple #3
// Signup validates the form, creates the user row and, when an invitation code
// was supplied, links the new user to the inviter and marks the invitation as
// used. It returns the created user, a user-facing message and a success flag;
// on failure the user is nil.
//
// The account starts in models.GroupNotValidated. It is promoted to
// models.GroupNormal with ValidEmail set only when an invitation was found and
// the form e-mail equals the invitation's e-mail.
func (s *AccountService) Signup(f SignupForm, clientip string) (*models.Users, string, bool) {
	msg, valid := s.CheckSignup(f)
	if !valid {
		return nil, msg, false
	}

	// An invitation code is optional, but when present it must resolve.
	var inv *models.Invitation
	if f.ICode != "" {
		inv = models.CheckICodeAvailable(f.ICode)
		if inv == nil {
			return nil, "邀请码无效或与邀请邮箱不一致", false
		}
	}

	newUser := &models.Users{}
	newUser.UserName = f.Name
	newUser.Email = f.Email
	// NOTE(review): the form password is copied unchanged; presumably Users.Add
	// hashes it before storage — confirm against the model.
	newUser.Password = f.Password
	newUser.Gender = f.Gender
	newUser.JobId = f.JobId
	newUser.Province = f.Province
	newUser.City = f.City
	newUser.Signature = f.Signature
	newUser.RegIp = clientip

	if inv != nil && f.Email == inv.Email {
		// Invited address: treated as a validated member.
		newUser.ValidEmail = true
		newUser.GroupId = models.GroupNormal
	} else {
		// Everyone else starts as a not-yet-validated member.
		newUser.GroupId = models.GroupNotValidated
	}

	tr := models.NewTr().Begin()
	defer tr.End()

	uid, added := newUser.Add(tr)
	if !added {
		return nil, "内部系统错误", false
	}
	newUser.Id = uid

	if inv == nil {
		return newUser, "", true
	}

	// Make the new user follow the inviter, then mark the invitation as used.
	if !models.AddUserFollow(tr, uid, inv.Uid) {
		return nil, "内部系统错误", false
	}
	if !inv.Active(tr, clientip, uid) {
		return nil, "内部系统错误", false
	}

	return newUser, "", true
}
Exemple #4
// /api/account/firstlogin/clean/
//
// ApiCleanFirstLogin clears the FirstLogin flag of the signed-in user and
// answers with the plain-text body "success" or "failed".
//
// NOTE(review): this handler changes account state but no CSRF token check is
// visible in it; confirm that a middleware covers the route.
func ApiCleanFirstLogin(c *macaron.Context) {
	r := core.NewRender(c)

	msg, signedIn := r.CheckUser()
	if !signedIn {
		c.JSON(200, comps.NewRestErrResp(-1, msg))
		return
	}

	// The in-memory record is changed first; only the FirstLogin column is
	// written back.
	r.UserInfo.FirstLogin = false

	if _, saved := models.NewTr().Update(&r.UserInfo.Users, "FirstLogin"); saved {
		r.PlainText(200, []byte("success"))
		return
	}
	r.PlainText(200, []byte("failed"))
}
Exemple #5
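//----------------------------------------------------------
// POST /api/account/signin/
//
// ApiSignin checks the submitted credentials, records the login (time, IP,
// counter), issues the sign-in cookies and answers with a JSON redirect.
//
// Redirect target, in priority order: the e-mail validation page when the
// address is not validated and e-mail validation is configured, the first-login
// page, then the caller-supplied ReturnUrl. ReturnUrl comes from the form, so it
// is followed only when it is a path on this site; anything else yields an
// empty target.
//
// NOTE(review): whether CleanCookies/SetSigninCookies rotate the session
// identifier at login, and whether failed attempts are rate-limited, is not
// visible here — confirm both.
func ApiSignin(c *macaron.Context, f SigninForm, a token.TokenService, ss session.Store) {
	u := &models.Users{}
	// One generic message for every credential failure, so the response does
	// not reveal whether the account exists.
	if !u.CheckSignin(f.Input, f.Password) {
		c.JSON(200, comps.NewRestErrResp(-1, "输入正确的帐号或密码"))
		return
	}

	s := NewService()
	if msg, ok := s.CheckSignin(u); !ok {
		c.JSON(200, comps.NewRestErrResp(-1, msg))
		return
	}

	// Registration is configured for manual approval and this account has not
	// been approved yet: no cookies are issued.
	if u.GroupId == models.GroupNotValidated &&
		boot.SysSetting.Ra.RegisterValidType == models.RegValidApproval {
		c.JSON(200, comps.NewRestRedirectResp("/a/validapproval/"))
		return
	}

	// Login bookkeeping is best-effort: a failed update does not block sign-in.
	u.LastLogin = time.Now()
	u.LastIp = c.RemoteAddr()
	u.LoginCount++
	if _, ok := models.NewTr().Update(u, "LastLogin", "LastIp", "LoginCount"); !ok {
		// todo log
	}

	CleanCookies(c, ss)
	SetSigninCookies(c, u, a, ss)

	target := ""
	switch {
	case !u.ValidEmail && boot.SysSetting.Ra.RegisterValidType == models.RegValidEmail:
		ss.Set("validemail", u.Email)
		target = "/a/validemail/"
	case u.FirstLogin:
		target = "/h/firstlogin/"
	case isLocalRedirect(f.ReturnUrl):
		target = f.ReturnUrl
	}

	c.JSON(200, comps.NewRestRedirectResp(target))
}

// isLocalRedirect reports whether target is a path on this site: it must start
// with a single "/" and contain no backslash or control character, which rules
// out absolute URLs, scheme-relative "//host" forms and values a browser could
// normalise into one.
func isLocalRedirect(target string) bool {
	if len(target) == 0 || target[0] != '/' {
		return false
	}
	if len(target) > 1 && target[1] == '/' {
		return false
	}
	for i := 0; i < len(target); i++ {
		if b := target[i]; b < 0x20 || b == 0x7f || b == '\\' {
			return false
		}
	}
	return true
}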
Exemple #6
//----------------------------------------------------------
// POST /api/account/signup/
//
// ApiUserSignup handles a registration request: it checks the CSRF token
// (validated together with the remote address), checks the captcha, creates the
// account through the account service and signs the new user in.
//
// When e-mail validation is still pending, the address is stored in the session
// under "validemail", a validation record is created and the client is sent to
// the validation page; otherwise it is sent to the first-login page.
func ApiUserSignup(f SignupForm, c *macaron.Context, cpt *captcha.Captcha,
	a token.TokenService, ss session.Store) {
	if tokenOK := a.ValidToken(c.RemoteAddr(), f.CsrfToken); !tokenOK {
		c.JSON(200, comps.NewRestErrResp(-1, "非法的跨站请求"))
		return
	}

	// A failed captcha is answered with a fresh captcha for the retry.
	if captchaOK := cpt.VerifyReq(c.Req); !captchaOK {
		c.JSON(200, comps.NewRestResp(comps.NewCaptcha(cpt), -1, "请填写正确的验证码"))
		return
	}

	svc := NewService()
	u, msg, created := svc.Signup(f, c.RemoteAddr())
	if !created {
		c.JSON(200, comps.NewRestResp(comps.NewCaptcha(cpt), -1, msg))
		return
	}

	// E-mail validation is pending only when it is configured, the account is
	// still in the not-validated group and the address is not already validated.
	emailPending := boot.SysSetting.Ra.RegisterValidType != models.RegValidNone &&
		u.GroupId == models.GroupNotValidated &&
		!u.ValidEmail
	if !emailPending {
		SetSigninCookies(c, u, a, ss)
		c.JSON(200, comps.NewRestRedirectResp("/h/firstlogin"))
		return
	}

	// The session key is set before the validation record is created, so it
	// stays set even when creating the record fails.
	ss.Set("validemail", u.Email)
	if sent := models.NewValidByEmail(models.NewTr(), u.Id, u.Email); !sent {
		c.JSON(200, comps.NewRestErrResp(-1, "内部系统错误"))
		return
	}

	// The user is signed in even though the address is not validated yet.
	SetSigninCookies(c, u, a, ss)
	c.JSON(200, comps.NewRestRedirectResp("/a/validemail/"))
}
Exemple #7
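// Patterns for the personal URL token, compiled once at package level.
// Go's regexp package (RE2) has no lookahead, so the "must not start with __"
// rule is checked separately in CheckUrlToken instead of with `(?!__)`, which
// makes regexp.MustCompile panic.
var (
	urlTokenCharsRe  = regexp.MustCompile(`^[a-zA-Z0-9_]+$`)
	urlTokenDigitsRe = regexp.MustCompile(`^[0-9]+$`)
)

// CheckUrlToken reports whether the user m may change the personal URL token to
// urltoken. It returns a user-facing message and false when the change is
// refused, or "" and true when it is allowed.
//
// Rules, in order: the previous change must be more than 30 days old; the token
// may contain only ASCII letters, digits and "_" and must not start with "__";
// it must not consist of digits only; and it must not already belong to another
// user.
func (s *AccountService) CheckUrlToken(m *models.Users, urltoken string) (string, bool) {
	if time.Since(m.UrlTokenUpdated) <= 30*24*time.Hour {
		return "你距离上次修改个性网址未满 30 天", false
	}

	// Strict allowlist: the token becomes part of a URL.
	startsReserved := len(urltoken) >= 2 && urltoken[:2] == "__"
	if startsReserved || !urlTokenCharsRe.MatchString(urltoken) {
		return "个性网址只允许输入英文或数字", false
	}

	// Refuse digit-only tokens (the original condition was inverted and refused
	// everything that was NOT digit-only).
	if urlTokenDigitsRe.MatchString(urltoken) {
		return "个性网址不允许为纯数字", false
	}

	// Uniqueness is checked only when the token actually changes.
	if m.UrlToken != urltoken && models.NewTr().Existed("Users", "UrlToken", urltoken) {
		return "个性网址已经被占用请更换一个", false
	}

	return "", true
}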
Exemple #8
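// /api/account/avatar/upload/
//
// ApiUploadAvatar stores a new avatar for the signed-in user.
//
// The uploaded file is decoded as an image and re-encoded as three PNG
// thumbnails (32, 50 and 100 px). The stored files are therefore produced by
// this handler; the uploaded bytes and the client-supplied file name are never
// written to disk, and the target path is built only from the configured upload
// directory, the current date and the user id.
//
// NOTE(review): no cap on the upload size or on the decoded image dimensions is
// visible here; confirm that the framework or a middleware limits the request
// body, since image.Decode allocates according to the dimensions the file
// declares.
func ApiUploadAvatar(c *macaron.Context) {
	r := core.NewRender(c)

	if msg, ok := r.CheckUser(); !ok {
		c.JSON(200, comps.NewRestErrResp(-1, msg))
		return
	}

	f, h, err := c.GetFile("upload_file")
	if err != nil {
		log.Errorln("not find image, ", err.Error())
		c.JSON(200, comps.NewUploadFileErrRsp("你没有上传文件"))
		return
	}
	defer f.Close()

	// Exact-match allowlist on the extension. The previous substring test
	// (strings.Contains on "jpg,jpeg,png,gif") also accepted "", "g", "pn" and
	// similar fragments, and a name without any dot was compared as a whole.
	dot := strings.LastIndex(h.Filename, ".")
	if dot < 0 {
		c.JSON(200, comps.NewUploadFileErrRsp("文件类型无效"))
		return
	}
	switch strings.ToLower(h.Filename[dot+1:]) {
	case "jpg", "jpeg", "png", "gif":
	default:
		c.JSON(200, comps.NewUploadFileErrRsp("文件类型无效"))
		return
	}

	// The extension is only a hint; the content must actually decode as an image.
	img, _, err := image.Decode(f)
	if err != nil {
		log.Errorln("decode image failed, ", err.Error())
		c.JSON(200, comps.NewUploadFileErrRsp("生成文件失败"))
		return
	}

	// Upload directory.
	// FIXME: the path is relative to the working directory; it should be
	// resolved against the application root.
	dir := boot.SysSetting.Si.UploadDir + "/avatar/" + com.DateT(time.Now(), "YY/MM/DD/")
	if err := os.MkdirAll(dir, 0744); err != nil {
		log.Errorln("create upload dir failed, ", err.Error())
		c.JSON(200, comps.NewUploadFileErrRsp("生成文件失败"))
		return
	}
	prefix := dir + strconv.Itoa(int(r.Uid)) + "_"

	// Scale the image to each thumbnail size.
	sizes := []uint{32, 50, 100}
	names := []string{"min", "mid", "max"}
	tfn := ""
	for i, size := range sizes {
		tfn = prefix + names[i] + ".png"

		// Encode into memory first so a failed encode does not truncate an
		// existing avatar file.
		thumb := resize.Thumbnail(size, size, img, resize.Lanczos3)
		var buf bytes.Buffer
		if err := png.Encode(&buf, thumb); err != nil {
			log.Errorln("encode png failed, ", err.Error())
			c.JSON(200, comps.NewUploadFileErrRsp("编码PNG文件失败"))
			return
		}

		tf, err := os.OpenFile(tfn, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644)
		if err != nil {
			log.Errorln("write failed, ", err.Error())
			c.JSON(200, comps.NewUploadFileErrRsp("打开目标文件失败"))
			return
		}

		// Close inside the loop (a defer here would keep every file open until
		// the handler returns) and report a failed close like a failed write.
		_, werr := tf.Write(buf.Bytes())
		if cerr := tf.Close(); werr == nil {
			werr = cerr
		}
		if werr != nil {
			log.Errorln("write png failed, ", werr.Error())
			c.JSON(200, comps.NewUploadFileErrRsp("写入PNG文件失败"))
			return
		}
	}

	// Update the database; the stored avatar is the last (largest) thumbnail.
	t := models.NewTr().Begin()
	defer t.End()
	r.UserInfo.Avatar = "/" + tfn
	if _, ok := t.Update(&r.UserInfo.Users, "Avatar"); !ok {
		c.JSON(200, comps.NewUploadFileErrRsp("内部错误"))
		return
	}

	// Award the one-time points for uploading an avatar.
	if !models.IntegralLogExistByUidAction(r.Uid, models.IntegralUploadUserAvatar) {
		models.AddIntegralLog(t, r.Uid, models.IntegralUploadUserAvatar, int64(float64(boot.SysSetting.Ir.FinishProfile)*0.2), "上传头像")
	}

	// The JSON document is sent as text/html with "/" escaped as "\/".
	// The only value interpolated here is the server-built avatar path; any
	// user-controlled field added to this payload would need HTML escaping
	// because of that content type.
	body, err := c.JSONString(comps.NewUploadFileRsp(r.UserInfo.Avatar))
	if err != nil {
		log.Errorln("encode response failed, ", err.Error())
		c.JSON(200, comps.NewUploadFileErrRsp("内部错误"))
		return
	}
	body = strings.Replace(body, "/", "\\/", -1)
	c.Resp.Header().Set("Content-Type", "text/html; charset=utf-8")
	c.Write([]byte(body))
}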
Exemple #9
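//----------------------------------------------------------
// POST /api/account/setting/profile
//
// ApiSettingProfile saves the profile form of the signed-in user. Each field
// falls back to the stored value when the form leaves it empty, except Gender,
// which is always taken from the form. The user id comes from the session-backed
// user record, never from the form, so a request can only edit its own profile.
//
// NOTE(review): this handler changes account data, including the e-mail
// address, but no CSRF token check is visible in it; confirm that a middleware
// covers the route.
func ApiSettingProfile(c *macaron.Context, f UserSettingForm, ss session.Store) {
	r := core.NewRender(c)

	if msg, ok := r.CheckUser(); !ok {
		c.JSON(200, comps.NewRestErrResp(-1, msg))
		return
	}

	s := NewService()
	u := r.UserInfo
	nu := &models.Users{Id: u.Id}
	t := models.NewTr().Begin()
	defer t.End()

	// Accounts registered by e-mail use the e-mail as user name by default.
	nu.UserName = u.UserName
	if f.UserName != "" {
		if msg, ok := s.CheckUsernameChar(f.UserName); !ok {
			c.JSON(200, comps.NewRestErrResp(-1, msg))
			return
		}
		if u.UserName != f.UserName && models.UserExistedByName(f.UserName) {
			c.JSON(200, comps.NewRestErrResp(-1, "已经存在相同的姓名, 请重新填写"))
			return
		}
		nu.UserName = f.UserName
	}

	// The personal URL token is validated only when it actually changes.
	nu.UrlToken = u.UrlToken
	if f.UrlToken != "" && f.UrlToken != u.UrlToken {
		if msg, ok := s.CheckUrlToken(&u.Users, f.UrlToken); !ok {
			c.JSON(200, comps.NewRestErrResp(-1, msg))
			return
		}
		nu.UrlToken = f.UrlToken
	}

	nu.Email = u.Email
	if f.Email != "" {
		if !gokits.IsEmail(f.Email) {
			c.JSON(200, comps.NewRestErrResp(-1, "请输入正确的 E-Mail 地址"))
			return
		}
		// Refuse an address that already belongs to another account. The
		// original test was inverted: it refused unused addresses and accepted
		// ones already registered, letting two accounts share an e-mail.
		if f.Email != u.Email && models.UserExistedByEmail(f.Email) {
			c.JSON(200, comps.NewRestErrResp(-1, "邮箱已经存在, 请使用新的邮箱"))
			return
		}
		nu.Email = f.Email
		// NOTE(review): the new address is written immediately and the result
		// of NewValidByEmail is ignored; ValidEmail is not reset in this
		// handler. Confirm that a changed address is treated as unvalidated
		// until the owner confirms it.
		models.NewValidByEmail(t, u.Id, nu.Email)
	}

	nu.CommonEmail = u.CommonEmail
	if f.CommonEmail != "" {
		if !gokits.IsEmail(f.CommonEmail) {
			c.JSON(200, comps.NewRestErrResp(-1, "请输入正确的常用邮箱地址"))
			return
		}
		nu.CommonEmail = f.CommonEmail
	}

	nu.Gender = f.Gender
	nu.Province = gokits.IfEmpty(f.Province, u.Province)
	nu.City = gokits.IfEmpty(f.City, u.City)

	// Go layouts are written with the reference date 2006-01-02; "19801010" is
	// not a usable layout. Presumably the form sends YYYYMMDD — confirm against
	// the client. An unparsable value keeps the stored birthday instead of
	// overwriting it with the zero time.
	nu.Birthday = u.Birthday
	if f.Birthday != "" {
		if bd, err := time.Parse("20060102", f.Birthday); err == nil {
			nu.Birthday = bd
		}
	}

	nu.Signature = u.Signature
	if f.Signature != "" {
		nu.Signature = f.Signature
		// One-time points for filling in the one-line introduction.
		if !models.IntegralLogExistByUidAction(u.Id, models.IntegralUpdateUserSignature) {
			models.AddIntegralLog(t, u.Id, models.IntegralUpdateUserSignature, int64(float64(boot.SysSetting.Ir.FinishProfile)*0.1), "完善一句话介绍")
		}
	}

	nu.JobId = u.JobId
	if f.JobId != 0 {
		nu.JobId = f.JobId
	}
	nu.Mobile = gokits.IfEmpty(f.Mobile, u.Mobile)

	if boot.SysSetting.Cs.AutoCreateSocialTopic {
		if f.Province != "" {
			models.AddTopic(t, f.Province)
		}
		if f.City != "" {
			models.AddTopic(t, f.City)
		}
	}

	// Only the listed columns are written. "City" replaces a duplicated
	// "Province" entry, which left the city unsaved; the duplicated "Signature"
	// entry is dropped.
	if _, ok := t.Update(nu, "UserName", "Gender", "Province", "City", "JobId",
		"Signature", "Email", "UrlToken", "CommonEmail",
		"Birthday", "Mobile"); !ok {
		c.JSON(200, comps.NewRestErrResp(-1, "个人资料保存失败"))
		return
	}
	c.JSON(200, comps.NewRestErrResp(1, "个人资料保存成功"))
}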