Exemplo n.º 1
0
func AuthInterceptor(c *revel.Controller) revel.Result {
	// 全部变成首字大写
	/*
		var controller = strings.Title(c.Name)
		var method = strings.Title(c.MethodName)
		// 是否需要验证?
		if !needValidate(controller, method) {
			return nil
		}
	*/

	// 验证是否已登录
	// 必须是管理员
	if username, ok := c.Session["Username"]; ok && username == configService.GetAdminUsername() {
		return nil // 已登录
	}

	// 没有登录, 判断是否是ajax操作
	if c.Request.Header.Get("X-Requested-With") == "XMLHttpRequest" {
		re := info.NewRe()
		re.Msg = "NOTLOGIN"
		return c.RenderJson(re)
	}

	return c.Redirect("/login")
}
Exemplo n.º 2
0
func CheckUserAuth(controller *revel.Controller) revel.Result {

	if controller.Action == "Static.Serve" ||
		controller.Action == "App.Login" ||
		controller.Action == "User.Login" ||
		controller.Action == "User.Logout" {

		return nil
	}

	var (
		userAuth    = new(security.UserAuth)
		username    string
		sessionData = *security.GetSessionData(&controller.Session)
	)

	security.AuthCache.Get(controller.Session.Id(), userAuth)

	if v, ok := sessionData["username"]; ok {
		username = v.(string)
	}

	if userAuth != nil && username != "" && userAuth.Equal(security.UserAuthGenerate(controller.Request)) {
		return nil
	}

	controller.Flash.Error("Please log in first")
	controller.Response.Out.Header().Set("Requires-Auth", "1")
	//	controller.Response.Status	= 401

	return controller.Redirect((*User).Login)
}
Exemplo n.º 3
0
func checkUser(c *revel.Controller) revel.Result {
	if _, ok := c.Session["user"]; ok {
		return nil
	}

	c.Flash.Error(c.Message("login.message.notloggedin"))
	return c.Redirect(routes.App.Login())
}
Exemplo n.º 4
0
func adminOnly(c *revel.Controller) revel.Result {
	if c.Session["usertype"] == "ADMIN" {
		return nil
	}

	c.Flash.Error(c.Message("access.message.notallowed"))
	return c.Redirect(routes.App.Index())
}
Exemplo n.º 5
0
func CheckLoginAdmin(c *revel.Controller) revel.Result {
	if c.Session[LOGIN_USERID] == "" || models.Role(c.Session[LOGIN_USERROLE]) != models.ROLE_SUPER_ADMIN {
		return c.Redirect(
			revel.MainRouter.Reverse("Auth.Login", map[string]string{}).Url,
		)
	}
	return nil
}
Exemplo n.º 6
0
// func init() {
// revel.InterceptFunc(CheckLogin, revel.BEFORE, &App{})
// }
func CheckLogin(c *revel.Controller) revel.Result {
	if c.Session[LOGIN_USERID] == "" {
		return c.Redirect(
			revel.MainRouter.Reverse("Auth.Login", map[string]string{}).Url,
		)
	}
	return nil
}
Exemplo n.º 7
0
Arquivo: util.go Projeto: jango2015/OJ
// search certain content
func Search(key string, c *revel.Controller) revel.Result {
	var problems []models.Problem
	err := engine.Where("title = ? ", key).Find(&problems)
	if err != nil {
		c.Flash.Error("error %s", err.Error())
		c.Redirect(routes.Notice.Crash())
	}
	return c.Render(problems)
}
Exemplo n.º 8
0
Arquivo: util.go Projeto: jango2015/OJ
//authentication check
func authenticate(c *revel.Controller) revel.Result {
	if inStringSlice(strings.ToLower(c.Action),
		adminPermission) {
		if !adminAuthentication(c) {
			c.Flash.Error("you are not admin")
			return c.Redirect("/")
		}
	}
	if inStringSlice(strings.ToLower(c.Action),
		userPermission) {
		if ok := connected(c); !ok {
			c.Flash.Error("please login first")
			return c.Redirect(routes.Account.Login())
		} else {
			return nil
		}
	}
	if inStringSlice(strings.ToLower(c.Action),
		logoutCheck) {
		if ok := connected(c); ok {
			c.Flash.Error("can not repeat login")
			return c.Redirect("/")
		} else {
			return nil
		}
	}
	return nil
}
Exemplo n.º 9
0
//检测登陆
func CheckLogin(c *revel.Controller) revel.Result {

	//登陆页面,CSS, JS, Ajax, 验证码页面 都不进行登陆验证
	if c.Name == "User" && c.MethodName == "Login" || c.Name == "Ajax" || c.Name == "Static" || c.Name == "Captcha" || c.Name == "Kindeditor" {

		if LANG, ok := c.Session["Lang"]; ok {
			//设置语言
			c.RenderArgs["currentLocale"] = LANG
		} else {
			//设置默认语言
			c.RenderArgs["currentLocale"] = "zh"
		}

		return nil
	} else {

		UserID := utils.GetSession("UserID", c.Session)

		if len(UserID) > 0 {
			UserID, err := strconv.ParseInt(UserID, 10, 64)
			if err != nil {
				revel.WARN.Println(err)
				return c.Redirect("/Login/")
			}

			admin := new(models.Admin)
			admin_info := admin.GetById(UserID)
			if admin_info.Id <= 0 {
				return c.Redirect("/Login/")
			}

			//控制器
			c.RenderArgs["Controller"] = c.Name
			//动作
			c.RenderArgs["action"] = c.Action
			//模型
			c.RenderArgs["Model"] = c.MethodName

			//登陆信息
			c.RenderArgs["admin_info"] = admin_info

			//设置语言
			c.RenderArgs["currentLocale"] = admin_info.Lang
		} else {

			//控制器
			c.RenderArgs["Controller"] = c.Name
			//动作
			c.RenderArgs["action"] = c.Action
			//模型
			c.RenderArgs["Model"] = c.MethodName

			return c.Redirect("/Login/")
		}
	}

	return nil
}
Exemplo n.º 10
0
func checkRole(this *revel.Controller) revel.Result {
	pv := models.PV{
		IP:        this.Request.Host,
		Page:      this.Action,
		TimeStamp: time.Now().Format("2006-01-02 15:04:05")}
	addPV(pv)

	// 设置游客的访问权限
	if this.Session["administrator"] == "" {
		if this.Action == "Admin.SignIn" ||
			this.Action == "Picture.Show" ||
			this.Action == "Picture.Search" ||
			this.Action == "Picture.AddComment" ||
			this.Action == "Picture.UploadForCheck" ||
			this.Action == "Picture.PostUploadForCheck" ||
			this.Action == "Picture.UniversityPictureNums" {
			return nil
		} else {
			this.Flash.Success("需要管理员身份才能访问该页面。")
			log.Println("游客访问了 " + this.Action + " 页面,已自动跳转到首页")
			return this.Redirect(controllers.App.Index)
		}
	}

	// 设置管理员的访问权限
	if this.Session["administrator"] == "true" {
		if this.Action == "Admin.SignIn" {
			this.Flash.Success("您已经登录,请先注销再登录。")
			log.Println("管理员访问了登录页面,已自动跳转到首页")
			return this.Redirect(controllers.App.Index)
		} else {
			log.Println("管理员 " + this.Session["administrator"] + " 访问了 " + this.Action + " 页面")
			return nil
		}
	}

	return this.Redirect(controllers.Admin.SignIn)
}