// SigninPost handles the sign-in form submission.
//
// It requires both name and password, looks the account up by name, hashes
// the submitted password with the account's stored salt and counts the rows
// matching name + hash. Unknown user and wrong password share one error
// message, so the response does not reveal which of the two was wrong.
// Inactive accounts are sent back to the sign-in page. On success the name is
// stored in the session under "user" and the client is redirected to the
// session's "preUrl" when present, otherwise to the index page.
//
// NOTE(review): the errors returned by the engine calls are discarded; this
// appears to fail closed (a failed lookup or count is treated as a failed
// login), but a database outage is indistinguishable from bad credentials.
// NOTE(review): the hashing scheme inside models.EncryptPassword is not
// visible here; confirm it is a slow, salted password hash.
func (c User) SigninPost(name, password string) revel.Result {
	c.Validation.Required(name).Message("请输入用户名")
	c.Validation.Required(password).Message("请输入密码")
	if c.Validation.HasErrors() {
		c.Validation.Keep()
		c.FlashParams()
		return c.Redirect(routes.User.Signin())
	}

	var account models.User
	var matches int64

	found, _ := engine.Where("name = ?", name).Get(&account)
	if found {
		// Password salting stays compatible with legacy passwords: an account
		// without a salt is hashed with the empty salt, which is exactly what
		// account.Salt holds in that case.
		digest := models.EncryptPassword(password, account.Salt)
		matches, _ = engine.Where("name = ? AND hashed_password = ?", name, digest).Count(&models.User{})

		// A legacy account that just authenticated is upgraded in place to a
		// freshly salted hash. The update is best effort: its result is not
		// checked, so a failed upgrade is retried on the next sign-in.
		if matches > 0 && account.Salt == "" {
			freshSalt := uuidName()
			engine.Id(account.Id).Update(&models.User{
				Salt:           freshSalt,
				HashedPassword: models.EncryptPassword(password, freshSalt),
			})
		}
	}

	if !found || matches == 0 {
		c.Validation.Keep()
		c.FlashParams()
		c.Flash.Out["user"] = name
		c.Flash.Error("用户名或密码错误")
		return c.Redirect(routes.User.Signin())
	}

	if !account.IsActive() {
		c.Flash.Error(fmt.Sprintf("您的账号 %s 尚未激活,请到您的邮箱 %s 激活账号!", account.Name, account.Email))
		c.Validation.Keep()
		c.FlashParams()
		return c.Redirect(routes.User.Signin())
	}

	// NOTE(review): the session stores the name as submitted, not account.Name;
	// if the database compares names case-insensitively the two can differ.
	// Confirm downstream code does not compare this value byte-for-byte.
	c.Session["user"] = name

	// NOTE(review): "preUrl" is written elsewhere and is used here as a
	// redirect target without validation and without being cleared. Confirm
	// that it can only ever hold a same-site path.
	target, hasTarget := c.Session["preUrl"]
	if !hasTarget {
		return c.Redirect(routes.App.Index())
	}
	return c.Redirect(target)
}
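// ResetPasswordPost completes a password reset for the account whose
// validate_code equals code.
//
// An empty or unknown code yields a 404. The new password must be present and
// must equal confirmPassword; otherwise the client is redirected back to the
// reset form. On success the password is re-hashed with a fresh salt, the
// validation code is cleared so it cannot be replayed, and the client is sent
// to the sign-in page.
func (c User) ResetPasswordPost(code, password, confirmPassword string) revel.Result {
	// Reject the empty code before querying: "validate_code = ''" would match
	// any account whose code has already been cleared.
	if code == "" {
		return c.NotFound("用户不存在或验证码错误")
	}

	var user models.User
	has, err := engine.Where("validate_code = ?", code).Get(&user)
	if err != nil || !has {
		// A lookup failure is treated like an unknown code (fail closed).
		return c.NotFound("用户不存在或验证码错误")
	}

	c.Validation.Required(password).Message("请填写新密码")
	c.Validation.Required(confirmPassword == password).Message("新密码不一致")
	if c.Validation.HasErrors() {
		c.Validation.Keep()
		c.FlashParams()
		return c.Redirect(routes.User.ResetPassword(code))
	}

	salt := uuidName()

	// A struct-based xorm Update skips zero-valued fields, so ValidateCode: ""
	// on its own would leave the reset code in the row and keep it usable.
	// MustCols forces the column to be written, which is what invalidates the
	// code after use.
	// NOTE(review): relies on xorm semantics; confirm against the xorm version
	// this project vendors.
	aff, err := engine.Id(user.Id).MustCols("validate_code").Update(&models.User{
		HashedPassword: models.EncryptPassword(password, salt),
		Salt:           salt,
		ValidateCode:   "",
	})

	if err == nil && aff > 0 {
		c.Flash.Success(fmt.Sprintf("%s,你好!重设密码成功,请登录!", user.Name))
	} else {
		c.Flash.Error("出现未知错误,请与管理员联系!")
	}

	return c.Redirect(routes.User.Signin())
}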
// SignupPost handles the registration form submission.
//
// The request-bound user is validated, then given the member group, the
// default avatar, a fresh validation code, a fresh salt and the salted
// password hash before being inserted. An activation mail is sent in the
// background, a member-group permission row is inserted, and the client is
// redirected to the sign-in page.
//
// NOTE(review): user is populated from request parameters and only Type,
// Avatar, ValidateCode, Salt and HashedPassword are overwritten here. Any
// other field (Id, for example) keeps whatever the request supplied; confirm
// that binding or Validate constrains those fields.
// NOTE(review): user.Password is still set when the row is inserted; confirm
// the field is not mapped to a database column.
func (c User) SignupPost(user models.User) revel.Result {
	user.Validate(c.Validation)
	if c.Validation.HasErrors() {
		c.Validation.Keep()
		c.FlashParams()
		return c.Redirect(routes.User.Signup())
	}

	// Server-assigned fields: these replace anything the request supplied.
	newSalt := uuidName()
	user.Type = MEMBER_GROUP
	user.Avatar = models.DefaultAvatar
	user.ValidateCode = uuidName()
	user.Salt = newSalt
	user.HashedPassword = models.EncryptPassword(user.Password, newSalt)

	// The insert error is discarded; zero affected rows is the only failure
	// signal the handler acts on.
	if inserted, _ := engine.Insert(&user); inserted == 0 {
		c.Flash.Error("注册用户失败")
		return c.Redirect(routes.User.Signup())
	}

	// NOTE(review): the activation link is plain http, so the validation code
	// crosses the network unencrypted when the user follows it.
	mailSubject := "激活账号 —— Revel中文社区"
	mailBody := `<h2><a href="http://gorevel.cn/user/validate/` + user.ValidateCode + `">激活账号</a></h2>`
	recipients := []string{user.Email}
	// Sent in a goroutine; its outcome is not observed by this handler.
	go sendMail(mailSubject, mailBody, recipients)

	c.Flash.Success(fmt.Sprintf("%s 注册成功,请到您的邮箱 %s 激活账号!", user.Name, user.Email))

	// NOTE(review): the result of this insert is ignored, so a failure leaves
	// an account without a permission row while the success message stands.
	memberPerm := models.Permissions{
		UserId: user.Id,
		Perm:   MEMBER_GROUP,
	}
	engine.Insert(&memberPerm)

	return c.Redirect(routes.User.Signin())
}