// authPhonePassword authenticates a user from the "phone" and "password"
// entries of querylValues.
//
// Every outcome is written as an HTTP 200 JSON body:
//   - errors.ErrBadRequest: phone missing, phone rejected by
//     check.IsChinaMobileString, or password missing;
//   - errors.ErrAuthFailed: wrong password, or no user for that phone;
//   - errors.ErrInternalServerError: any other lookup error (also logged);
//   - on a password match the request is handed to authSuccess.
//
// NOTE(review): if querylValues is the URL query string, the password travels
// in the request URI and can end up in access logs and proxies. Confirm
// against the caller.
// NOTE(review): no attempt limiting is visible in this function. Confirm that
// throttling or lockout is enforced elsewhere.
func authPhonePassword(ctx *gin.Context, querylValues url.Values) {
	phone := querylValues.Get("phone")
	password := querylValues.Get("password")

	// Phone must be present and well-formed before the password is considered.
	if phone == "" || !check.IsChinaMobileString(phone) {
		ctx.JSON(200, errors.ErrBadRequest)
		return
	}
	if password == "" {
		ctx.JSON(200, errors.ErrBadRequest)
		return
	}

	user, err := model.GetByPhone(phone)
	if err != nil {
		if err != model.ErrNotFound {
			// Unexpected lookup failure: log it and answer with a generic error.
			glog.Errorln(err)
			ctx.JSON(200, errors.ErrInternalServerError)
			return
		}

		// Unknown phone: still hash the supplied password (with the
		// package-level salt) and run a compare, so this path does work
		// comparable to the known-user path. Presumably this keeps response
		// timing from revealing which phone numbers are registered. The
		// compare result is irrelevant; the reply is the same ErrAuthFailed
		// a wrong password gets.
		dummy := model.EncryptPassword([]byte(password), model.PasswordSalt)
		_ = security.SecureCompare(dummy, dummy)
		ctx.JSON(200, errors.ErrAuthFailed)
		return
	}

	// Known user: hash with the user's own salt and compare with the stored
	// value. NOTE(review): SecureCompare is assumed to be constant-time; verify.
	hashed := model.EncryptPassword([]byte(password), user.Salt)
	if security.SecureCompare(hashed, user.Password) {
		authSuccess(ctx, AuthTypePhonePassword, user)
		return
	}
	ctx.JSON(200, errors.ErrAuthFailed)
}
// 申请发送一个校验码到手机. // uri?phone=XXX func RequestForPhoneHandler(ctx *gin.Context) { // MustAuthHandler(ctx) queryValues := ctx.Request.URL.Query() phone := queryValues.Get("phone") if phone == "" { ctx.JSON(200, errors.ErrBadRequest) return } if !check.IsChinaMobileString(phone) { ctx.JSON(200, errors.ErrBadRequest) return } tk := ctx.MustGet("sso_token").(*token.Token) ss := ctx.MustGet("sso_session").(*session.Session) code := generateCode() checkcode := session.CheckCode{ Key: phone, Code: code, Times: 0, } ss.PhoneCheckCode = &checkcode if err := session.Set(tk.SessionId, ss); err != nil { glog.Errorln(err) ctx.JSON(200, errors.ErrInternalServerError) return } if err := sendCodeToPhone(phone, code); err != nil { glog.Errorln(err) ctx.JSON(200, errors.ErrInternalServerError) return } ctx.JSON(200, errors.ErrOK) return }