예제 #1
// auth restores the admin session from the "auth" cookie and redirects to the
// login page when no valid session is found. The login-related actions
// ("gologin", "login", "logout") are exempt from the check.
//
// The cookie is expected to be base64(AES(clientIP + "|" + token)); it is
// accepted only when the embedded IP equals the current client IP and the
// token resolves to an admin record.
//
// NOTE(review): Redirect only writes the response; confirm the hook that calls
// auth prevents the requested action from running after the redirect.
func (m *BaseController) auth() {
	switch m.actionName {
	case "gologin", "login", "logout":
		fmt.Println("login or logout...")
		return
	}

	// restore fills m.token / m.userName when the cookie checks out and leaves
	// them untouched on any failure.
	restore := func(cookie string) {
		if cookie == "" {
			return
		}

		raw, err := base64.StdEncoding.DecodeString(cookie)
		if err != nil {
			return
		}

		// NOTE(review): toolkit.AesDecrypt is not visible here. If it is not an
		// authenticated mode (AEAD or encrypt-then-MAC), the cookie contents
		// are malleable by the client — confirm.
		plain, decErr := toolkit.AesDecrypt(raw, []byte(beego.AppConfig.String("aeskey")))
		if decErr != nil {
			return
		}

		fields := strings.Split(string(plain), "|")
		if len(fields) != 2 {
			return
		}
		boundIP, token := fields[0], fields[1]

		// NOTE(review): the IP binding is only as strong as GetClientIP; confirm
		// it does not take the address from client-supplied forwarding headers.
		if boundIP != m.GetClientIP() {
			return
		}

		// The intent is to consult the Session first and fall back to the
		// database; for now the admin is read straight from the database.
		var admin models.Admin
		admin.Token = token
		if admin.Read("token") != nil {
			return
		}

		m.token = token
		m.userName = admin.Account
	}
	restore(m.Ctx.GetCookie("auth"))

	if m.token != "" {
		return
	}

	// No valid session: blank the cookie value and send the client to login.
	m.Ctx.SetCookie("auth", "")
	m.Redirect(beego.AppConfig.String("adminurl")+"/login", 302)
}
예제 #2
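// Login handles the admin login page. A GET (or any non-POST) request just
// renders the form. A POST verifies the submitted account and password and, on
// success, rotates the admin's token, issues the "auth" cookie
// (base64(AES(clientIP + "|" + token))) and redirects to the admin home.
//
// The listing this came from had the non-empty check on account/password
// garbled by a scrubber; it is restored here from the matching "empty" branch.
func (m *ProfileController) Login() {
	// Set the template first so every early return below still renders the
	// login page (the original returned without a template when encryption
	// failed).
	m.TplName = beego.AppConfig.String("adminpath") + "/login.html"

	if m.Ctx.Request.Method != "POST" {
		return
	}

	account := strings.TrimSpace(m.GetString("account"))
	password := strings.TrimSpace(m.GetString("password"))
	remember := m.GetString("remember")

	if account == "" || password == "" {
		// Account or password missing.
		fmt.Println("账号或密码为空")
		m.Data["errmsg"] = "账号或密码不能为空"
		return
	}

	var admin models.Admin
	admin.Account = account

	// NOTE(review): toolkit.SHA256 is not visible here, but this looks like a
	// single unsalted hash compared with !=. A password KDF (bcrypt, scrypt,
	// argon2) and a constant-time comparison would be the safer choice; both
	// need a stored-hash migration and imports outside this block.
	if admin.Read("account") != nil || admin.Password != toolkit.SHA256([]byte(password)) {
		// Same message for unknown account and wrong password, so the response
		// does not reveal which accounts exist.
		fmt.Println("账号或密码填写错误")
		m.Data["errmsg"] = "账号或密码填写错误"
		return
	}

	// Credentials accepted. Build the cookie before touching the database so a
	// failed encryption does not rotate the stored token with no cookie issued.
	clientIP := m.GetClientIP()
	token := toolkit.GenUID()

	key := []byte(beego.AppConfig.String("aeskey"))
	sealed, err := toolkit.AesEncrypt([]byte(clientIP+"|"+token), key)
	if err != nil {
		fmt.Println("auth cookie encryption failed:", err)
		m.Data["errmsg"] = "登录失败,请稍后重试"
		return
	}

	admin.LastIP = clientIP
	admin.LastTime = toolkit.GetTime()
	admin.Token = token
	// NOTE(review): the result of Update is ignored, as in the original; if it
	// reports an error, the cookie below would carry a token that was never
	// stored — confirm its return type and handle it.
	admin.Update()

	// The cookie value is a session credential, so it is deliberately not
	// printed to stdout (the original logged it).
	auth := base64.StdEncoding.EncodeToString(sealed)

	// NOTE(review): the cookie is set without Secure / HttpOnly attributes.
	// beego's SetCookie takes further optional arguments for them — confirm
	// against the framework version in use and the deployment's TLS setup.
	if remember == "yes" {
		m.Ctx.SetCookie("auth", auth, 7*86400) // persist for seven days
	} else {
		m.Ctx.SetCookie("auth", auth) // session cookie
	}

	m.Redirect(beego.AppConfig.String("adminurl"), 302)
}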