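// Post handles the change-password form. It checks that the two new-password
// fields match and are non-empty, verifies the current password against the
// stored salted hash, then stores a fresh salt and hash for the new password.
// On success it redirects back to the settings page with a cache-busting
// "ver" query parameter.
//
// NOTE(review): assumes self.U is the authenticated user, populated before
// Post runs — confirm against the base controller.
func (self *PasswordController) Post() {
	self.TplNames = "u/modify-password.html"
	flash := beego.NewFlash()

	password := self.GetString("password")
	newpassword := self.GetString("newPassword")
	repassword := self.GetString("confirmPassword")

	if newpassword != repassword {
		flash.Error("两次密码不匹配!")
		flash.Store(&self.Controller)
		return
	}

	// Two empty fields compare equal above, so reject an empty new password
	// explicitly instead of storing a hash of the empty string.
	// NOTE(review): signup runs ValidatePassword on the model; the same
	// policy should probably apply here — confirm.
	if newpassword == "" {
		flash.Error("新密码不能为空!")
		flash.Store(&self.Controller)
		return
	}

	// NOTE(review): != on strings is not a constant-time comparison; comparing
	// the two digests with crypto/hmac.Equal (or crypto/subtle) would avoid a
	// timing side channel. Not changed here because the file's import block
	// is not visible.
	// NOTE(review): if utils.HmacSha256 is a single HMAC-SHA256 pass, it is a
	// fast hash; a dedicated password hash (bcrypt, scrypt, argon2) resists
	// offline guessing far better — confirm the helper and plan a migration.
	if utils.HmacSha256(password, self.U.Salt) != self.U.Password {
		flash.Error("密码无法通过校验!")
		flash.Store(&self.Controller)
		return
	}

	// Remember the current values so the in-memory user can be restored if
	// the database write fails; otherwise self.U would carry credentials that
	// were never persisted.
	oldSalt, oldPassword, oldUpdated := self.U.Salt, self.U.Password, self.U.Updated

	salt := utils.GetSalt(8)
	self.U.Salt = salt
	self.U.Password = utils.HmacSha256(newpassword, salt)
	self.U.Updated = time.Now()

	// Exactly one row must change; an error or any other count is a failure.
	if row, err := self.U.Update("Salt", "Password", "Updated"); err != nil || row != 1 {
		self.U.Salt, self.U.Password, self.U.Updated = oldSalt, oldPassword, oldUpdated
		flash.Error("用户信息更新到数据库时发生错误!")
		flash.Store(&self.Controller)
		return
	}

	// NOTE(review): existing sessions are not invalidated here; consider
	// ending other sessions for this user after a password change.
	self.Redirect("/u/settings/password?msg=sucess&ver="+strconv.Itoa(int(time.Now().UnixNano())), 302)
}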
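// Post handles the sign-in form. It looks the user up by e-mail, verifies the
// submitted password against the stored salted hash, records login
// bookkeeping, populates the session, sets the UI cookies and redirects to
// the home page.
func (self *SigninController) Post() {
	self.setTemplate()
	flash := beego.NewFlash()

	email := self.GetString("email")
	password := self.GetString("password")
	remember := self.GetString("remember")

	// One message for both failure paths, so the response text does not
	// reveal whether an e-mail address is registered.
	// NOTE(review): the unknown-account path still skips the hash
	// computation, so response timing may differ between the two cases.
	const badCredentials = "账号或密码不正确~"

	// Only the e-mail is needed for the lookup; the plaintext password is
	// deliberately not copied into the model.
	u := new(models.User)
	u.Email = email
	if err := u.Read("Email"); err != nil {
		flash.Error(badCredentials)
		flash.Store(&self.Controller)
		return
	}

	// NOTE(review): != on strings is not a constant-time comparison; comparing
	// the digests with crypto/hmac.Equal would avoid a timing side channel.
	// Not changed here because the file's import block is not visible.
	if utils.HmacSha256(password, u.Salt) != u.Password {
		flash.Error(badCredentials)
		flash.Store(&self.Controller)
		return
	}

	// NOTE(review): no attempt limiting or lockout is visible in this
	// handler; confirm it is enforced elsewhere (filter, proxy, captcha).

	u.LastLoginTime = time.Now()
	u.LoginCount = u.LoginCount + 1
	u.LastLoginIp = self.GetClientIP()
	// LastLoginIp is assigned above, so it has to be in the column list or
	// the value is never persisted. The result is intentionally not checked:
	// login bookkeeping is best-effort and must not block a valid sign-in.
	u.Update("LastLoginTime", "LoginCount", "LastLoginIp")

	// Login succeeded: populate the session.
	// NOTE(review): the session identifier is not regenerated before these
	// writes; rotating it at login protects against session fixation.
	self.SetSession("userid", u.Id)
	self.SetSession("username", u.Username)
	self.SetSession("userrole", u.Role)
	self.SetSession("useremail", u.Email)
	self.SetSession("usercontent", u.Content)
	self.SetSession("useravatar", u.Avatar)

	// UI cookies (one year): the sign-bar flag and the "remember me" choice.
	self.Ctx.SetCookie("signbar", SignBarClose, 31536000, "/")
	if remember == RememberOn {
		self.Ctx.SetCookie("remember", RememberOn, 31536000, "/")
	} else {
		self.Ctx.SetCookie("remember", RememberOff, 31536000, "/")
	}

	self.Redirect("/", 302)
}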
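// Post handles the registration form. It validates the username, e-mail and
// password, checks the password confirmation and the captcha, stores the new
// user with a freshly salted password hash, then logs the user in by
// populating the session and redirects.
func (self *SignupController) Post() {
	self.setTemplate()
	flash := beego.NewFlash()

	email := strings.TrimSpace(strings.ToLower(self.GetString("email")))
	username := strings.ToLower(self.GetString("username"))
	password := self.GetString("password")
	repassword := self.GetString("repassword")

	u := new(models.User)
	u.Email = email
	u.Username = username
	// The plaintext is held on the model only so ValidatePassword can check
	// it; it is replaced by the hash before the insert below.
	u.Password = password
	u.Valid = validation.Validation{}
	u.ValidateUserName().ValidateEmail().ValidatePassword()

	if u.Valid.HasErrors() {
		// Validation failed: report every message in one flash entry.
		var msg strings.Builder
		for _, verr := range u.Valid.Errors {
			msg.WriteString(verr.Message)
		}
		flash.Error(msg.String())
		flash.Store(&self.Controller)
		return
	}

	if password != repassword {
		flash.Error("两次密码不匹配~")
		flash.Store(&self.Controller)
		return
	}

	if !setting.Cpt.VerifyReq(self.Ctx.Request) {
		flash.Error("验证码不正确~")
		flash.Store(&self.Controller)
		return
	}

	// NOTE(review): confirm that utils.GetSalt draws from crypto/rand and
	// that a length of 8 gives enough entropy. If utils.HmacSha256 is a
	// single HMAC-SHA256 pass, a dedicated password hash (bcrypt, scrypt,
	// argon2) would resist offline guessing far better.
	salt := utils.GetSalt(8)
	u.Salt = salt
	u.Password = utils.HmacSha256(password, salt)
	u.Role = 1
	u.Updated = time.Now()
	u.LastLoginTime = u.Updated
	u.Avatar = setting.Default_Avatar

	if err := u.Insert(); err != nil {
		flash.Error("用户注册信息写入数据库时发生错误~")
		flash.Store(&self.Controller)
		return
	}

	// Registration succeeded: log the user in by populating the session with
	// the same keys the sign-in handler writes, "useravatar" included.
	// NOTE(review): the session identifier is not regenerated before these
	// writes; rotating it here protects against session fixation.
	self.SetSession("userid", u.Id)
	self.SetSession("username", u.Username)
	self.SetSession("userrole", u.Role)
	self.SetSession("useremail", u.Email)
	self.SetSession("usercontent", u.Content)
	self.SetSession("useravatar", u.Avatar)

	// Sign-bar cookie flag (one year).
	// NOTE(review): sign-in writes SignBarClose to this cookie while this
	// handler writes RememberOff — confirm which constant is intended.
	self.Ctx.SetCookie("signbar", RememberOff, 31536000, "/")

	flash.Notice("账号登录成功~")
	flash.Store(&self.Controller)

	// The session is written; redirect.
	// NOTE(review): the original comment said "jump to the home page", but
	// the target is the sign-in page — confirm which is intended.
	self.Redirect("/u/signin", 302)
}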