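// ChangePassword lets the logged-in user replace their own password.
//
// It reads old_password, new_password and repeat_password from the request,
// checks the old password against the stored hash, stores the new hash and
// then calls RemoveSessionByUid so existing sessions stop working.
//
// NOTE(review): passwords are stored as str.Md5Encode(salt+password) with a
// single salt shared by every account (g.Config().Salt). Presumably
// Md5Encode is one MD5 pass, which is cheap to brute-force offline if the
// user table leaks. A per-user salt with a slow password hash
// (bcrypt/scrypt/argon2) is the usual mitigation, but it needs a schema and
// dependency change outside this handler.
func (this *UserController) ChangePassword() {
	oldPassword := strings.TrimSpace(this.GetString("old_password", ""))
	newPassword := strings.TrimSpace(this.GetString("new_password", ""))
	repeatPassword := strings.TrimSpace(this.GetString("repeat_password", ""))

	if newPassword != repeatPassword {
		this.ServeErrJson("password not equal the repeart one")
		return
	}

	// A blank or whitespace-only new password would lock the account out,
	// because LoginPost rejects empty passwords before comparing hashes.
	if newPassword == "" {
		this.ServeErrJson("password is blank")
		return
	}

	// The unchecked assertion panics if no *User was stored under
	// "CurrentUser"; presumably a login filter always sets it for this route.
	me := this.Ctx.Input.GetData("CurrentUser").(*User)

	// NOTE(review): != on the hash strings is not a constant-time comparison.
	if me.Passwd != str.Md5Encode(g.Config().Salt+oldPassword) {
		this.ServeErrJson("old password error")
		return
	}

	newPass := str.Md5Encode(g.Config().Salt + newPassword)
	if me.Passwd == newPass {
		// Same password as before: report success without a write, and
		// without revoking sessions.
		this.ServeOKJson()
		return
	}

	me.Passwd = newPass
	if _, err := me.Update(); err != nil {
		// NOTE(review): the storage error text is returned to the client as-is.
		this.ServeErrJson("occur error " + err.Error())
		return
	}

	// Force re-authentication everywhere once the credential has changed.
	RemoveSessionByUid(me.Id)
	this.ServeOKJson()
}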
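// RegisterPost handles self-service registration when g.Config().CanRegister
// is set: it validates the form, inserts the user and opens a session.
//
// NOTE(review): the password is stored as str.Md5Encode(salt+password) with
// one salt shared by all accounts; presumably a single MD5 pass, which is weak
// for password storage. See the hashing used in LoginPost before changing it.
func (this *AuthController) RegisterPost() {
	if !g.Config().CanRegister {
		this.ServeErrJson("registration system is not open")
		return
	}

	name := strings.TrimSpace(this.GetString("name", ""))
	password := strings.TrimSpace(this.GetString("password", ""))
	repeatPassword := strings.TrimSpace(this.GetString("repeat_password", ""))

	if password != repeatPassword {
		this.ServeErrJson("password not equal the repeart one")
		return
	}

	// Without this check an account could be created with an empty password;
	// LoginPost refuses blank passwords, so that account could never log in
	// again once its first session ends. CreateUserPost uses the same message.
	if password == "" {
		this.ServeErrJson("password is blank")
		return
	}

	if !utils.IsUsernameValid(name) {
		this.ServeErrJson("name pattern is invalid")
		return
	}

	// NOTE(review): this lookup and the insert below are separate steps, so
	// two concurrent requests can both pass it. Presumably a unique index on
	// the name column is what finally rejects the duplicate; confirm.
	if ReadUserIdByName(name) > 0 {
		this.ServeErrJson("name is already existent")
		return
	}

	lastId, err := InsertRegisterUser(name, str.Md5Encode(g.Config().Salt+password))
	if err != nil {
		// NOTE(review): the storage error text is returned to the client as-is.
		this.ServeErrJson("insert user fail " + err.Error())
		return
	}

	// 3600*24*30 is 30 days if CreateSession takes seconds; the unit is not
	// visible here.
	this.CreateSession(lastId, 3600*24*30)
	this.ServeOKJson()
}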
// renderLoginPage fills the template data for the login form and selects the
// auth/login.html template.
//
// sig and callback are handed to the template unchanged. If callers take them
// from the request (not visible here), the template or the code that later
// follows callback has to validate them.
func (this *AuthController) renderLoginPage(sig, callback string) {
	// Per-request values supplied by the caller.
	this.Data["Sig"] = sig
	this.Data["Callback"] = callback

	// Feature switches from configuration, for the template to read.
	this.Data["LdapEnabled"] = g.Config().Ldap.Enabled
	this.Data["CanRegister"] = g.Config().CanRegister

	this.TplNames = "auth/login.html"
}
// Start registers the routes and runs the beego HTTP server on the configured
// listen address. It returns immediately when HTTP is disabled or no listen
// address is configured.
func Start() {
	if enabled := g.Config().Http.Enabled; !enabled {
		return
	}

	listen := g.Config().Http.Listen
	if listen == "" {
		return
	}

	home.ConfigRoutes()
	uic.ConfigRoutes()

	// Expose the team-membership lookup to templates under the name "member".
	beego.AddFuncMap("member", uic_model.MembersByTeamId)

	beego.Run(listen)
}
// InitDatabase registers the default MySQL connection and the ORM models, and
// enables ORM debug output when the configured log level is "debug".
func InitDatabase() {
	conf := g.Config()

	// Default database: DSN plus two connection-pool settings from the Uic section.
	// NOTE(review): the result of RegisterDataBase is not checked, so a bad
	// address would only surface on first use.
	orm.RegisterDataBase("default", "mysql", conf.Uic.Addr, conf.Uic.Idle, conf.Uic.Max)

	// Models persisted through the ORM.
	orm.RegisterModel(new(User), new(Team), new(Session), new(RelTeamUser))

	// NOTE(review): ORM debug output presumably includes statements touching
	// the user table (password hashes); keep "debug" out of production configs.
	debugLogging := conf.Log == "debug"
	if debugLogging {
		orm.Debug = true
	}
}
// InitCache initialises the cache from the Cache section of the configuration.
// It does nothing when the cache is disabled.
func InitCache() {
	conf := g.Config()
	if !conf.Cache.Enabled {
		return
	}

	// The configured timeouts are plain numbers, interpreted as milliseconds.
	connTimeout := time.Duration(conf.Cache.Timeout.Conn) * time.Millisecond
	readTimeout := time.Duration(conf.Cache.Timeout.Read) * time.Millisecond
	writeTimeout := time.Duration(conf.Cache.Timeout.Write) * time.Millisecond

	cache.InitCache(
		conf.Cache.Redis,
		conf.Cache.Idle,
		conf.Cache.Max,
		connTimeout,
		readTimeout,
		writeTimeout,
		time.Hour, // fixed last argument; its meaning is defined by cache.InitCache
	)
}
// About renders the profile page (user/about.html) for the user named in the
// ":name" route parameter.
//
// With LDAP disabled the user comes from the local table. With LDAP enabled
// the profile is built from the directory attributes sn, mail and
// telephoneNumber, and QQ/IM are copied from the local record when one exists.
//
// NOTE(review): unlike Query and Users, the name is passed to Ldapsearch
// without a utils.HasDangerousCharacters check. Whether Ldapsearch escapes
// filter metacharacters itself is not visible here; confirm.
// NOTE(review): unlike Query, there is no len(attributes) > 0 check, so a
// search that succeeds with no attributes presumably still yields a page for
// a name that does not exist; confirm against Ldapsearch.
func (this *UserController) About() {
	name := this.Ctx.Input.Param(":name")

	var u *User
	if g.Config().Ldap.Enabled {
		attrs, err := utils.Ldapsearch(
			g.Config().Ldap.Addr,
			g.Config().Ldap.BaseDN,
			g.Config().Ldap.BindDN,
			g.Config().Ldap.BindPasswd,
			g.Config().Ldap.UserField,
			name,
			g.Config().Ldap.Attributes,
		)
		// A failed search leaves u nil, which is reported as "no such user" below.
		if err == nil {
			u = &User{
				Name:    name,
				Passwd:  "",
				Cnname:  attrs["sn"],
				Phone:   attrs["telephoneNumber"],
				Email:   attrs["mail"],
				Created: time.Now(),
			}
			// QQ and IM are not read from the directory; take them from the
			// local record if there is one.
			if local := ReadUserByName(name); local != nil {
				u.QQ = local.QQ
				u.IM = local.IM
			}
		}
	} else {
		u = ReadUserByName(name)
	}

	if u == nil {
		this.NotFound("no such user")
		return
	}

	this.Data["User"] = u
	this.TplName = "user/about.html"
}
// CreateRoot creates the account named "root" with Role 2 and the password
// given in the "password" request parameter, and writes a plain-text result.
//
// NOTE(review): nothing in this handler checks who is calling or whether a
// root account already exists. Presumably route filters and a unique
// constraint on the name make Save fail after the first use; confirm,
// because otherwise this endpoint would let any caller set the root password.
// NOTE(review): Role 2 is presumably the root-admin role (compare
// ROOT_ADMIN_ROLE used elsewhere); confirm.
func (this *UserController) CreateRoot() {
	password := strings.TrimSpace(this.GetString("password", ""))
	if password == "" {
		this.Ctx.Output.Body([]byte("password is blank"))
		return
	}

	// Same salted-MD5 scheme as the rest of the user code; the salt is global.
	hashed := str.Md5Encode(g.Config().Salt + password)
	root := &User{
		Name:   "root",
		Passwd: hashed,
		Role:   2,
	}

	if _, err := root.Save(); err != nil {
		// The storage error text is returned to the caller verbatim.
		this.Ctx.Output.Body([]byte(err.Error()))
		return
	}
	this.Ctx.Output.Body([]byte("success"))
}
// main parses the command line, loads the configuration and starts the
// database, cache and HTTP layers in that order.
//
// Flags:
//
//	-c  path of the configuration file (default "cfg.json")
//	-v  print the version and exit
func main() {
	cfgPath := flag.String("c", "cfg.json", "configuration file")
	showVersion := flag.Bool("v", false, "show version")
	flag.Parse()

	if *showVersion {
		fmt.Println(g.VERSION)
		os.Exit(0)
	}

	// Nothing can run without a valid configuration, so a parse error is fatal.
	err := g.ParseConfig(*cfgPath)
	if err != nil {
		log.Fatalln(err)
	}

	// Use the configured log level, with "info" passed as the default.
	logger.SetLevelWithDefault(g.Config().Log, "info")

	model.InitDatabase()
	cache.InitCache()
	http.Start()
}
// ResetPassword sets a new password for the user stored under "TargetUser" in
// the request context. The account named "root" is refused with "no privilege".
//
// NOTE(review): the handler does not check the caller's privileges itself;
// presumably a route filter restricts it to administrators. Confirm.
// NOTE(review): ChangePassword calls RemoveSessionByUid after updating the
// hash, but this handler does not, so sessions opened with the old password
// presumably stay valid after a reset. Revoking them here would close that gap.
// NOTE(review): unlike the other password handlers, the value is not passed
// through strings.TrimSpace, so a whitespace-only password is accepted.
func (this *UserController) ResetPassword() {
	password := this.GetString("password", "")
	if password == "" {
		this.ServeErrJson("password is blank")
		return
	}

	// The unchecked assertion panics if no *User was stored under "TargetUser".
	target := this.Ctx.Input.GetData("TargetUser").(*User)
	if target.Name == "root" {
		this.ServeErrJson("no privilege")
		return
	}

	// Same salted-MD5 scheme as the rest of the user code; the salt is global.
	target.Passwd = str.Md5Encode(g.Config().Salt + password)
	if _, err := target.Update(); err != nil {
		this.ServeErrJson("occur error " + err.Error())
		return
	}

	this.ServeOKJson()
}
} ctx.Input.SetData("CurrentUser", u) } var FilterTargetUser = func(ctx *context.Context) { userName := ctx.Input.Query("name") if userName == "" { ctx.ResponseWriter.WriteHeader(403) ctx.ResponseWriter.Write([]byte("Name is necessary")) return } u := uic.ReadUserByName(userName) if u == nil { user_attributes, err := utils.Ldapsearch(g.Config().Ldap.Addr, g.Config().Ldap.BaseDN, g.Config().Ldap.BindDN, g.Config().Ldap.BindPasswd, g.Config().Ldap.UserField, userName, g.Config().Ldap.Attributes) userSn := "" userMail := "" userTel := "" if err == nil { userSn = user_attributes["sn"] userMail = user_attributes["mail"] userTel = user_attributes["mobile"] }
// Get renders the home page (home/index.html) with the configured shortcuts.
func (this *HomeController) Get() {
	this.TplName = "home/index.html"

	// Shortcut comes straight from configuration and is read by the template.
	shortcut := g.Config().Shortcut
	this.Data["Shortcut"] = shortcut
}
// LoginPost authenticates the submitted name and password, either by an LDAP
// bind or against the local user table, and opens a session on success.
//
// NOTE(review): the "ldap" switch is read from the request, not from
// configuration, so the client chooses which backend checks the password.
// NOTE(review): on the LDAP path the part of the name before "@" becomes the
// local account name. A directory identity is therefore mapped onto any
// existing local account with that name, including privileged ones; consider
// refusing names that belong to local-only accounts.
// NOTE(review): "no such user" and "password error" let a client tell whether
// a local account exists; a single generic message avoids that.
func (this *AuthController) LoginPost() {
	name := this.GetString("name", "")
	password := this.GetString("password", "")
	if name == "" || password == "" {
		this.ServeErrJson("name or password is blank")
		return
	}

	var u *User
	if useLdap := this.MustGetBool("ldap", false); useLdap {
		bound, err := utils.LdapBind(g.Config().Ldap.Addr, name, password)
		if err != nil {
			this.ServeErrJson(err.Error())
			return
		}
		if !bound {
			this.ServeErrJson("name or password error")
			return
		}

		// "user@domain" logs in as "user" and keeps the full name as e-mail;
		// any other form is used as the account name with no e-mail.
		account, email := name, ""
		if parts := strings.Split(name, "@"); len(parts) == 2 {
			account, email = parts[0], name
		}

		u = ReadUserByName(account)
		if u == nil {
			// First LDAP login: the user does not exist locally yet, so
			// create a record with no local password.
			u = &User{
				Name:   account,
				Passwd: "",
				Email:  email,
			}
			if _, err = u.Save(); err != nil {
				this.ServeErrJson("insert user fail " + err.Error())
				return
			}
		}
	} else {
		u = ReadUserByName(name)
		if u == nil {
			this.ServeErrJson("no such user")
			return
		}
		// Salted MD5 with a global salt; != is not a constant-time comparison.
		if u.Passwd != str.Md5Encode(g.Config().Salt+password) {
			this.ServeErrJson("password error")
			return
		}
	}

	// 3600*24*30 is 30 days if CreateSession takes seconds; the unit is not
	// visible here.
	expiry := this.CreateSession(u.Id, 3600*24*30)

	sig := this.GetString("sig", "")
	callback := this.GetString("callback", "")
	if sig != "" && callback != "" {
		SaveSessionAttrs(u.Id, sig, expiry)
	}

	// callback is request-supplied and returned to the client unchanged;
	// whatever follows it should validate the destination.
	this.ServeDataJson(callback)
}
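// Query returns, as JSON under the key "users", the local users matching the
// "query" parameter (at most "limit" rows, default 10).
//
// When no local user has exactly that name and LDAP is enabled, the directory
// is searched; a hit is stored as a local user on first sight and appended to
// the result.
//
// NOTE(review): "limit" is taken from the request without an upper bound.
// NOTE(review): a search request that creates user rows is a write on a read
// path; presumably this route is restricted to authenticated users. Confirm.
func (this *UserController) Query() {
	query := strings.ToLower(strings.TrimSpace(this.GetString("query", "")))
	limit := this.MustGetInt("limit", 10)

	if utils.HasDangerousCharacters(query) {
		this.ServeErrJson("query is invalid")
		return
	}

	var users []User
	// The lookup error used to be dropped, which turned a database failure
	// into an empty result followed by an LDAP lookup.
	if _, err := QueryUsers(query).Limit(limit).All(&users, "Id", "Name", "Cnname", "Email", "Phone"); err != nil {
		this.ServeErrJson("occur error " + err.Error())
		return
	}

	foundLocally := false
	for _, v := range users {
		if strings.ToLower(v.Name) == query {
			foundLocally = true
			break
		}
	}

	// Only consult the directory when it is enabled (as About and Users do)
	// and there is an actual name to look up; an empty query must never
	// produce a user record with an empty name.
	ldapCfg := g.Config().Ldap
	if !foundLocally && query != "" && ldapCfg.Enabled {
		attrs, err := utils.Ldapsearch(ldapCfg.Addr, ldapCfg.BaseDN, ldapCfg.BindDN, ldapCfg.BindPasswd, ldapCfg.UserField, query, ldapCfg.Attributes)
		if err == nil && len(attrs) > 0 {
			u := ReadUserByName(query)
			if u == nil {
				// The user does not exist locally yet: create the record
				// from the directory attributes, with no local password.
				u = &User{
					Name:    query,
					Passwd:  "",
					Cnname:  attrs["sn"],
					Phone:   attrs["telephoneNumber"],
					Email:   attrs["mail"],
					Created: time.Now(),
				}
				if _, err = u.Save(); err != nil {
					this.ServeErrJson("insert user fail " + err.Error())
					return
				}
			}
			users = append(users, *u)
		}
	}

	this.Data["json"] = map[string]interface{}{"users": users}
	this.ServeJSON()
}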
// RegisterGet renders the registration form (auth/register.html) and tells
// the template whether self-registration is enabled.
//
// The flag here is for display only; RegisterPost checks it again before
// creating an account.
func (this *AuthController) RegisterGet() {
	this.TplNames = "auth/register.html"

	canRegister := g.Config().CanRegister
	this.Data["CanRegister"] = canRegister
}
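// LoginPost authenticates the submitted name and password, either through
// LDAP or against the local user table, and opens a session on success.
//
// The account "root" always authenticates locally. On the LDAP path the part
// of the name before "@" is the local account name, and a local record is
// created from the directory attributes on first login.
//
// NOTE(review): the "ldap" switch is read from the request, not from
// configuration, so the client chooses which backend checks the password.
// NOTE(review): an LDAP identity is mapped onto whatever local account has the
// same name; only "root" is excluded here. Other privileged local accounts
// would need their own exclusion.
// NOTE(review): "no such user" and "password error" let a client tell whether
// a local account exists; a single generic message avoids that.
func (this *AuthController) LoginPost() {
	name := this.GetString("name", "")
	password := this.GetString("password", "")
	if name == "" || password == "" {
		this.ServeErrJson("name or password is blank")
		return
	}

	var u *User
	ldapEnabled := this.MustGetBool("ldap", false)
	if ldapEnabled && name != "root" {
		ldapCfg := g.Config().Ldap

		sucess, err := utils.LdapBind(ldapCfg.Addr, ldapCfg.BaseDN, ldapCfg.BindDN, ldapCfg.BindPasswd, ldapCfg.UserField, name, password)
		if err != nil {
			this.ServeErrJson(err.Error())
			return
		}
		if !sucess {
			this.ServeErrJson("name or password error")
			return
		}

		// Attribute lookup is best effort: on error the profile fields stay empty.
		var userSn, userMail, userTel string
		if attrs, err := utils.Ldapsearch(ldapCfg.Addr, ldapCfg.BaseDN, ldapCfg.BindDN, ldapCfg.BindPasswd, ldapCfg.UserField, name, ldapCfg.Attributes); err == nil {
			userSn = attrs["sn"]
			userMail = attrs["mail"]
			userTel = attrs["telephoneNumber"]
		}

		// "user@domain" logs in as "user" with the full name as e-mail; any
		// other form keeps the name and takes the e-mail from the directory.
		userName, userEmail := name, userMail
		if arr := strings.Split(name, "@"); len(arr) == 2 {
			userName, userEmail = arr[0], name
		}

		// The root check above looks at the submitted name only. Repeat it on
		// the derived account name so that a directory identity whose part
		// before "@" is "root" is never mapped onto the local root account.
		if userName == "root" {
			this.ServeErrJson("name or password error")
			return
		}

		u = ReadUserByName(userName)
		if u == nil {
			// The user does not exist locally yet: create the record from the
			// directory attributes, with no local password.
			u = &User{
				Name:    userName,
				Passwd:  "",
				Cnname:  userSn,
				Phone:   userTel,
				Email:   userEmail,
				Created: time.Now(),
			}
			if _, err = u.Save(); err != nil {
				this.ServeErrJson("insert user fail " + err.Error())
				return
			}
		}
	} else {
		u = ReadUserByName(name)
		if u == nil {
			this.ServeErrJson("no such user")
			return
		}
		// Salted MD5 with a global salt; != is not a constant-time comparison.
		if u.Passwd != str.Md5Encode(g.Config().Salt+password) {
			this.ServeErrJson("password error")
			return
		}
	}

	// 3600*24*30 is 30 days if CreateSession takes seconds; the unit is not
	// visible here.
	expired := this.CreateSession(u.Id, 3600*24*30)

	appSig := this.GetString("sig", "")
	callback := this.GetString("callback", "")
	if appSig != "" && callback != "" {
		SaveSessionAttrs(u.Id, appSig, expired)
	}

	// callback is request-supplied and returned to the client unchanged;
	// whatever follows it should validate the destination.
	this.ServeDataJson(callback)
}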
// QrCode writes a PNG QR code containing a vCard 3.0 for the user named in the
// ":name" route parameter. Unknown users and encoding failures both answer
// with NotFound("no such user").
//
// NOTE(review): Cnname, Phone and Email are concatenated into the vCard
// without escaping. A stored value containing a line break would add or
// alter vCard properties in the generated code. CreateUserPost filters these
// fields with utils.HasDangerousCharacters, but records created from LDAP
// attributes are not filtered on this page. Confirm what that helper rejects.
// NOTE(review): ContentType is given "image"; if it expects a file extension,
// "png" is presumably what was meant. Confirm against the framework version.
func (this *UserController) QrCode() {
	name := this.Ctx.Input.Param(":name")

	u := ReadUserByName(name)
	if u == nil {
		this.NotFound("no such user")
		return
	}

	vcard := "BEGIN:VCARD\nVERSION:3.0\nFN:" + u.Cnname +
		"\nTEL;WORK;VOICE:" + u.Phone +
		"\nEMAIL;PREF;INTERNET:" + u.Email +
		"\nORG:" + g.Config().Company +
		"\nEND:VCARD"

	code, err := qr.Encode(vcard, qr.L)
	if err != nil {
		this.NotFound("no such user")
		return
	}

	this.Ctx.Output.ContentType("image")
	this.Ctx.Output.Body(code.PNG())
}
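// CreateUserPost creates a user from the submitted form: name and password
// are required, cnname/email/phone/im/qq are optional profile fields.
//
// The account is inserted first and the profile fields are written in a
// second update, so a failure in the second step leaves an account without
// profile data.
//
// NOTE(review): the handler does not check the caller's privileges itself;
// presumably a route filter restricts it to administrators. Confirm.
// NOTE(review): the password is stored as str.Md5Encode(salt+password) with
// one salt shared by all accounts; presumably a single MD5 pass, which is weak
// for password storage.
func (this *UserController) CreateUserPost() {
	name := strings.TrimSpace(this.GetString("name", ""))
	password := strings.TrimSpace(this.GetString("password", ""))
	cnname := strings.TrimSpace(this.GetString("cnname", ""))
	email := strings.TrimSpace(this.GetString("email", ""))
	phone := strings.TrimSpace(this.GetString("phone", ""))
	im := strings.TrimSpace(this.GetString("im", ""))
	qq := strings.TrimSpace(this.GetString("qq", ""))

	if !utils.IsUsernameValid(name) {
		this.ServeErrJson("name pattern is invalid")
		return
	}

	if ReadUserIdByName(name) > 0 {
		this.ServeErrJson("name is already existent")
		return
	}

	if password == "" {
		this.ServeErrJson("password is blank")
		return
	}

	// Profile fields are checked in the same order and with the same messages
	// as the former one-check-per-field chain.
	profile := []struct{ field, value string }{
		{"cnname", cnname},
		{"email", email},
		{"phone", phone},
		{"im", im},
		{"qq", qq},
	}
	for _, p := range profile {
		if utils.HasDangerousCharacters(p.value) {
			this.ServeErrJson(p.field + " is invalid")
			return
		}
	}

	lastId, err := InsertRegisterUser(name, str.Md5Encode(g.Config().Salt+password))
	if err != nil {
		this.ServeErrJson("insert user fail " + err.Error())
		return
	}

	// ReadUserById is assumed to return nil when the new row cannot be read
	// back; without this guard the field assignments below would panic.
	targetUser := ReadUserById(lastId)
	if targetUser == nil {
		this.ServeErrJson("no such user")
		return
	}

	targetUser.Cnname = cnname
	targetUser.Email = email
	targetUser.Phone = phone
	targetUser.IM = im
	targetUser.QQ = qq

	if _, err := targetUser.Update(); err != nil {
		this.ServeErrJson("occur error " + err.Error())
		return
	}

	this.ServeOKJson()
}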
// Users renders the user list page (user/list.html) for the "query"
// parameter, "per" entries per page (default 20).
//
// With LDAP disabled the list is a paginated query on the local table. With
// LDAP enabled the query is treated as one exact name: a successful directory
// search yields a single entry, whose Role, QQ and IM come from the local
// record when one exists.
//
// NOTE(review): on the LDAP path a search error is not reported; the page is
// simply rendered empty.
// NOTE(review): unlike Query, there is no len(attributes) > 0 check, so a
// search that succeeds with no attributes presumably lists an entry for a name
// that does not exist; confirm against Ldapsearch.
func (this *UserController) Users() {
	query := strings.TrimSpace(this.GetString("query", ""))
	if utils.HasDangerousCharacters(query) {
		this.ServeErrJson("query is invalid")
		return
	}

	var us []User
	per := this.MustGetInt("per", 20)

	if g.Config().Ldap.Enabled {
		var total int64
		attrs, err := utils.Ldapsearch(
			g.Config().Ldap.Addr,
			g.Config().Ldap.BaseDN,
			g.Config().Ldap.BindDN,
			g.Config().Ldap.BindPasswd,
			g.Config().Ldap.UserField,
			query,
			g.Config().Ldap.Attributes,
		)
		if err == nil {
			entry := User{
				Name:   query,
				Passwd: "",
				Cnname: attrs["sn"],
				Phone:  attrs["telephoneNumber"],
				Email:  attrs["mail"],
			}
			total = 1

			// Look up this user's role (and QQ/IM) in the local table.
			if local := ReadUserByName(query); local != nil {
				entry.Role = local.Role
				entry.QQ = local.QQ
				entry.IM = local.IM
			}
			us = append(us, entry)
		}
		this.SetPaginator(per, total)
	} else {
		matches := QueryUsers(query)
		count, err := matches.Count()
		if err != nil {
			this.ServeErrJson("occur error " + err.Error())
			return
		}

		pager := this.SetPaginator(per, count)
		if _, err = matches.Limit(per, pager.Offset()).All(&us); err != nil {
			this.ServeErrJson("occur error " + err.Error())
			return
		}
	}

	// The unchecked assertion panics if no *User was stored under
	// "CurrentUser"; presumably a login filter always sets it for this route.
	current := this.Ctx.Input.GetData("CurrentUser").(*User)

	this.Data["Users"] = us
	this.Data["Query"] = query
	this.Data["Me"] = current
	this.Data["IamRoot"] = current.Role == ROOT_ADMIN_ROLE
	this.TplName = "user/list.html"
}