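// LoginPost authenticates the posted "name"/"password" pair and, on success,
// creates a 30-day session and answers with the posted "callback" value.
//
// When the request carries ldap=true the credentials are checked with an LDAP
// bind and a local User row (with an empty password) is created on first
// login; otherwise the local user table is consulted.
//
// NOTE(review): the authentication backend is chosen by the request's "ldap"
// parameter, not by server configuration. Consider deciding this server-side.
// NOTE(review): local passwords are compared against MD5(Salt+password) with
// one configuration-wide salt and a non-constant-time comparison. Moving to a
// slow, per-user-salted password hash needs changes outside this block.
func (this *AuthController) LoginPost() {
	name := this.GetString("name", "")
	password := this.GetString("password", "")

	// An empty password must never reach the LDAP bind: many directories treat
	// it as an unauthenticated bind and report success.
	if name == "" || password == "" {
		this.ServeErrJson("name or password is blank")
		return
	}

	var u *User

	if this.MustGetBool("ldap", false) {
		ok, err := utils.LdapBind(g.Config().Ldap.Addr, name, password)
		if err != nil {
			// NOTE(review): this returns the backend's error text to the
			// caller; consider logging it server-side and answering with a
			// generic message.
			this.ServeErrJson(err.Error())
			return
		}
		if !ok {
			this.ServeErrJson("name or password error")
			return
		}

		// "user@domain" logs in as local account "user" with the full name
		// kept as e-mail; anything else is used verbatim with no e-mail.
		// NOTE(review): the local account is looked up by the part before
		// "@", so a directory identity can map onto an existing local account
		// with the same short name. Confirm that this is intended.
		userName, userEmail := name, ""
		if parts := strings.Split(name, "@"); len(parts) == 2 {
			userName, userEmail = parts[0], name
		}

		u = ReadUserByName(userName)
		if u == nil {
			// The user does not exist locally yet: create it on first login.
			u = &User{
				Name:   userName,
				Passwd: "",
				Email:  userEmail,
			}
			if _, err = u.Save(); err != nil {
				this.ServeErrJson("insert user fail " + err.Error())
				return
			}
		}
	} else {
		digest := str.Md5Encode(g.Config().Salt + password)
		u = ReadUserByName(name)
		// Unknown account and wrong password get the same answer so the
		// response does not reveal which names exist. Accounts created by the
		// LDAP path carry an empty Passwd and are refused here explicitly
		// rather than relying on the digest never being empty.
		if u == nil || u.Passwd == "" || u.Passwd != digest {
			this.ServeErrJson("name or password error")
			return
		}
	}

	// Session lifetime: 30 days, in seconds.
	expired := this.CreateSession(u.Id, 3600*24*30)

	appSig := this.GetString("sig", "")
	callback := this.GetString("callback", "")
	if appSig != "" && callback != "" {
		SaveSessionAttrs(u.Id, appSig, expired)
	}

	// NOTE(review): callback is request-supplied and returned unchanged; if
	// the client navigates to it, validate it against an allow-list first.
	this.ServeDataJson(callback)
}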
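// LoginPost authenticates the posted "name"/"password" pair and, on success,
// creates a 30-day session and answers with the posted "callback" value.
//
// When the request carries ldap=true (and the name is not "root") the
// credentials are checked with an LDAP bind, profile attributes are fetched
// best-effort, and a local User row (with an empty password) is created on
// first login. Otherwise the local user table is consulted.
//
// NOTE(review): the authentication backend is chosen by the request's "ldap"
// parameter, not by server configuration. Consider deciding this server-side.
// NOTE(review): local passwords are compared against MD5(Salt+password) with
// one configuration-wide salt and a non-constant-time comparison. Moving to a
// slow, per-user-salted password hash needs changes outside this block.
func (this *AuthController) LoginPost() {
	name := this.GetString("name", "")
	password := this.GetString("password", "")

	// An empty password must never reach the LDAP bind: many directories treat
	// it as an unauthenticated bind and report success.
	if name == "" || password == "" {
		this.ServeErrJson("name or password is blank")
		return
	}

	var u *User

	if this.MustGetBool("ldap", false) && name != "root" {
		// "user@domain" logs in as local account "user" with the full name
		// kept as e-mail; anything else is used verbatim.
		// NOTE(review): the local account is looked up by the part before
		// "@", so a directory identity can map onto an existing local account
		// with the same short name. Confirm that this is intended.
		userName, userEmail := name, ""
		parts := strings.Split(name, "@")
		hasDomain := len(parts) == 2
		if hasDomain {
			userName, userEmail = parts[0], name
		}

		// The "root" exemption above tests the raw name, but the account that
		// gets the session is the short name. Apply the same exemption to the
		// short name so "root@<domain>" cannot resolve to the local root
		// account through a directory bind.
		if userName == "root" {
			this.ServeErrJson("name or password error")
			return
		}

		ldapCfg := g.Config().Ldap
		ok, err := utils.LdapBind(ldapCfg.Addr, ldapCfg.BaseDN, ldapCfg.BindDN, ldapCfg.BindPasswd, ldapCfg.UserField, name, password)
		if err != nil {
			// NOTE(review): this returns the backend's error text to the
			// caller; consider logging it server-side and answering with a
			// generic message.
			this.ServeErrJson(err.Error())
			return
		}
		if !ok {
			this.ServeErrJson("name or password error")
			return
		}

		// Profile attributes are best-effort: a failed search leaves them
		// empty and does not block the login.
		var userSn, userMail, userTel string
		attrs, err := utils.Ldapsearch(ldapCfg.Addr, ldapCfg.BaseDN, ldapCfg.BindDN, ldapCfg.BindPasswd, ldapCfg.UserField, name, ldapCfg.Attributes)
		if err == nil {
			userSn = attrs["sn"]
			userMail = attrs["mail"]
			userTel = attrs["telephoneNumber"]
		}
		if !hasDomain {
			userEmail = userMail
		}

		u = ReadUserByName(userName)
		if u == nil {
			// The user does not exist locally yet: create it on first login.
			u = &User{
				Name:    userName,
				Passwd:  "",
				Cnname:  userSn,
				Phone:   userTel,
				Email:   userEmail,
				Created: time.Now(),
			}
			if _, err = u.Save(); err != nil {
				this.ServeErrJson("insert user fail " + err.Error())
				return
			}
		}
	} else {
		digest := str.Md5Encode(g.Config().Salt + password)
		u = ReadUserByName(name)
		// Unknown account and wrong password get the same answer so the
		// response does not reveal which names exist. Accounts created by the
		// LDAP path carry an empty Passwd and are refused here explicitly
		// rather than relying on the digest never being empty.
		if u == nil || u.Passwd == "" || u.Passwd != digest {
			this.ServeErrJson("name or password error")
			return
		}
	}

	// Session lifetime: 30 days, in seconds.
	expired := this.CreateSession(u.Id, 3600*24*30)

	appSig := this.GetString("sig", "")
	callback := this.GetString("callback", "")
	if appSig != "" && callback != "" {
		SaveSessionAttrs(u.Id, appSig, expired)
	}

	// NOTE(review): callback is request-supplied and returned unchanged; if
	// the client navigates to it, validate it against an allow-list first.
	this.ServeDataJson(callback)
}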