func (this *SelfModPasswordAction) Post() { reqMsg := &SelfModPasswordRequest{} if !this.GetReqJson(reqMsg) { return } rspMsg := &SelfModPasswordResponse{} rspMsg.Init(reqMsg) reqMsg.CurrentPassword = strings.TrimSpace(reqMsg.CurrentPassword) reqMsg.NewPassword = strings.TrimSpace(reqMsg.NewPassword) if reqMsg.CurrentPassword == comm.NULL_STR || reqMsg.NewPassword == comm.NULL_STR { rspMsg.SetRspRetId(msg.MSG_PARA_ABSENT) this.SendJson(rspMsg) return } sessionId := reqMsg.GetReqSessionId() session, ok := SessionMgr().GetSession(sessionId) if !ok { rspMsg.SetRspRetId(msg.MSG_FAIL) this.SendJson(rspMsg) return } reqMsg.CurrentPassword = utils.PasswordBySeed(reqMsg.CurrentPassword, session.GetUserId()) reqMsg.NewPassword = utils.PasswordBySeed(reqMsg.NewPassword, session.GetUserId()) user, ok := UserMgr().getUser(session.GetUserId()) if !ok { rspMsg.SetRspRetId(msg.MSG_FAIL) this.SendJson(rspMsg) return } if user.Password != reqMsg.CurrentPassword { rspMsg.SetRspRetId(MSG_PASSWORD_ERROR) this.SendJson(rspMsg) return } user.Password = reqMsg.NewPassword msgId, ok := UserMgr().changeUser(user) rspMsg.SetRspRetId(msgId) WriteLog(rspMsg, session.GetUserName(), comm.NULL_STR) this.SendJson(rspMsg) }
func (this *ChangeUserAction) Post() { reqMsg := &ChangeUserRequest{} if !this.GetReqJson(reqMsg) { return } if reqMsg.Password != comm.NULL_STR { reqMsg.Password = utils.PasswordBySeed(reqMsg.Password, reqMsg.SafeUser.GetId()) } msgId, ok := UserMgr().changeUser(&reqMsg.SafeUser) rspMsg := &ChangeUserResponse{} rspMsg.Init(reqMsg) rspMsg.Init(reqMsg) if !ok { rspMsg.SetRsp(msgId) } else { newUser, _ := UserMgr().getUser(reqMsg.Id) if newUser != nil { rspMsg.SafeUser = *newUser } } WriteLog(rspMsg, reqMsg.Name, comm.NULL_STR) this.SendJson(rspMsg) }
func (this *AwakeLoginAction) Post() { reqMsg := &AwakeLoginRequest{} if !this.GetReqJson(reqMsg) { return } rspMsg := &AwakeLoginResponse{} rspMsg.Init(reqMsg) reqMsg.Password = strings.TrimSpace(reqMsg.Password) if reqMsg.Password == comm.NULL_STR { rspMsg.SetRspRetId(msg.MSG_PARA_ABSENT) this.SendJson(rspMsg) return } sessionId := reqMsg.GetReqSessionId() session, ok := SessionMgr().GetSession(sessionId) if !ok { rspMsg.SetRspRetId(msg.MSG_FAIL) this.SendJson(rspMsg) return } if !SessionMgr().IsValid(sessionId) { rspMsg.SetRspRetId(msg.MSG_SESSION_INVALID) this.SendJson(rspMsg) return } reqMsg.Password = utils.PasswordBySeed(reqMsg.Password, session.GetUserId()) user, ok := UserMgr().getUser(session.GetUserId()) if !ok { rspMsg.SetRspRetId(msg.MSG_FAIL) this.SendJson(rspMsg) return } if user.Password != reqMsg.Password { rspMsg.SetRspRetId(MSG_PASSWORD_ERROR) this.SendJson(rspMsg) return } session.KeepAlive() this.SendJson(rspMsg) }
func (this *userMgrImpl) createUser(user *SafeUser) (msgId string, ok bool) { msgId = msg.MSG_FAIL ok = false if user == nil { return } user.Name = strings.TrimSpace(user.Name) user.EmployeeId = strings.TrimSpace(user.EmployeeId) user.Password = strings.TrimSpace(user.Password) if user.Name == comm.NULL_STR || user.Password == comm.NULL_STR { msgId = msg.MSG_PARA_ABSENT return } user.Id = utils.RandStr() user.Password = utils.PasswordBySeed(user.Password, user.GetId()) if this.existUserByName(user.Name) { msgId = MSG_USERNAME_CLASH return } if this.existUserByEmployee(user.EmployeeId) { msgId = MSG_EMPLOYEEID_CLASH return } db := ds.DB() defer db.Close() createUserSql := "insert into fast.safeUser values($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15)" createUserStmt, err := db.Prepare(createUserSql) utils.VerifyErr(err) createUserStmt.Exec( user.Id, user.DepartId, user.Name, user.Password, user.EmployeeId, user.NickName, user.FirstName, user.LastName, user.Mobile, user.Email, user.UserRemark, user.IsLock, user.LockReason, user.IsForever, user.AccountExpired) createUserStmt.Close() createMapRoleSql := "insert into fast.safeRole values($1,$2,$3,$4,$5,$6,$7)" createMapRoleStmt, err := db.Prepare(createMapRoleSql) utils.VerifyErr(err) createMapRoleStmt.Exec( user.Id, comm.NULL_STR, comm.NULL_STR, comm.NULL_STR, true, false, comm.NULL_STR) createMapRoleStmt.Close() insertRoleAllocSql := "insert into fast.roleAlloc values($1,$2)" insertRoleAllocStmt, err := db.Prepare(insertRoleAllocSql) utils.VerifyErr(err) for _, v := range user.Roles { insertRoleAllocStmt.Exec(v, user.Id) } insertRoleAllocStmt.Exec(user.Id, user.Id) insertRoleAllocStmt.Close() insertOperateAuthSql := "insert into fast.operateAuth values($1,$2)" insertOperateAuthStmt, err := db.Prepare(insertOperateAuthSql) utils.VerifyErr(err) for _, v := range user.Operates { insertOperateAuthStmt.Exec(v, user.Id) } insertOperateAuthStmt.Close() insertObjAuthSql := "insert into fast.objectAuth values($1,$2)" insertObjAuthStmt, err := db.Prepare(insertObjAuthSql) utils.VerifyErr(err) for _, v := range user.Objects { insertObjAuthStmt.Exec(v, user.Id) } insertObjAuthStmt.Close() this.mapUser[user.Id] = user msgId = msg.MSG_SUCCESS ok = true return }
func (this *sessionMgrImpl) login(req *http.Request, userName, pasword, hostIp, hostName string) (session *SafeSession, msgId string, ok bool) { session = nil msgId = comm.NULL_STR ok = false userName = strings.TrimSpace(userName) pasword = strings.TrimSpace(pasword) if userName == comm.NULL_STR || pasword == comm.NULL_STR { msgId = msg.MSG_PARA_ABSENT return } user, ok := UserMgr().getUserByName(userName) if !ok { msgId = MSG_USER_INVALID return } msgId, ok = UserMgr().isValid(user.GetId()) if !ok { return } pasword = utils.PasswordBySeed(pasword, user.GetId()) if user.Password != pasword { msgId = MSG_PASSWORD_ERROR ok = false return } if this.IsOnLine(userName) { this.Offline(userName) } clientOnlineLimit := LicenseMgr().GetAllowInt("clientOnlineLimit") activateClient := len(this.mapSessions) if activateClient >= clientOnlineLimit && !LicenseMgr().IsEmpty() { msgId = msg.MSG_LICENSE_NOENOUGH ok = false return } session = &SafeSession{} session.LoginUserId = user.Id session.LoginUserName = user.Name session.RandId = utils.RandStr() session.ConnTime = utils.StrTime() session.ClientIp = hostIp session.ClientHost = hostName session.ServerIp = req.Host session.ServerHost = req.Host session.KeepAliveTime = session.ConnTime session.SessionStatus = SAFE_SESSION_LOGIN session.Id = session.LoginUserName + "&" + session.ConnTime + "&" + utils.RandStr() session.Id = utils.EnCodeBase64(session.GetId()) session.Id = utils.Md5(session.GetId()) this.mapSessions[session.GetId()] = session db := ds.DB() defer db.Close() insertSql := "insert into fast.safeSession values($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11)" insertStmt, err := db.Prepare(insertSql) utils.VerifyErr(err) insertStmt.Exec( session.Id, session.RandId, session.ConnTime, session.LoginUserId, session.LoginUserName, session.ClientIp, session.ClientHost, session.ServerIp, session.ServerHost, session.KeepAliveTime, session.SessionStatus) insertStmt.Close() msgId = msg.MSG_SUCCESS ok = true return }