Exemplo n.º 1
0
func (this *SelfModPasswordAction) Post() {
	reqMsg := &SelfModPasswordRequest{}
	if !this.GetReqJson(reqMsg) {
		return
	}

	rspMsg := &SelfModPasswordResponse{}
	rspMsg.Init(reqMsg)

	reqMsg.CurrentPassword = strings.TrimSpace(reqMsg.CurrentPassword)
	reqMsg.NewPassword = strings.TrimSpace(reqMsg.NewPassword)

	if reqMsg.CurrentPassword == comm.NULL_STR ||
		reqMsg.NewPassword == comm.NULL_STR {
		rspMsg.SetRspRetId(msg.MSG_PARA_ABSENT)
		this.SendJson(rspMsg)
		return
	}

	sessionId := reqMsg.GetReqSessionId()
	session, ok := SessionMgr().GetSession(sessionId)
	if !ok {
		rspMsg.SetRspRetId(msg.MSG_FAIL)
		this.SendJson(rspMsg)
		return
	}

	reqMsg.CurrentPassword = utils.PasswordBySeed(reqMsg.CurrentPassword, session.GetUserId())
	reqMsg.NewPassword = utils.PasswordBySeed(reqMsg.NewPassword, session.GetUserId())

	user, ok := UserMgr().getUser(session.GetUserId())
	if !ok {
		rspMsg.SetRspRetId(msg.MSG_FAIL)
		this.SendJson(rspMsg)
		return
	}

	if user.Password != reqMsg.CurrentPassword {
		rspMsg.SetRspRetId(MSG_PASSWORD_ERROR)
		this.SendJson(rspMsg)
		return
	}

	user.Password = reqMsg.NewPassword
	msgId, ok := UserMgr().changeUser(user)

	rspMsg.SetRspRetId(msgId)
	WriteLog(rspMsg, session.GetUserName(), comm.NULL_STR)
	this.SendJson(rspMsg)
}
Exemplo n.º 2
0
func (this *ChangeUserAction) Post() {
	reqMsg := &ChangeUserRequest{}
	if !this.GetReqJson(reqMsg) {
		return
	}

	if reqMsg.Password != comm.NULL_STR {
		reqMsg.Password = utils.PasswordBySeed(reqMsg.Password, reqMsg.SafeUser.GetId())
	}

	msgId, ok := UserMgr().changeUser(&reqMsg.SafeUser)

	rspMsg := &ChangeUserResponse{}
	rspMsg.Init(reqMsg)
	rspMsg.Init(reqMsg)
	if !ok {
		rspMsg.SetRsp(msgId)
	} else {
		newUser, _ := UserMgr().getUser(reqMsg.Id)
		if newUser != nil {
			rspMsg.SafeUser = *newUser
		}

	}

	WriteLog(rspMsg, reqMsg.Name, comm.NULL_STR)
	this.SendJson(rspMsg)
}
Exemplo n.º 3
0
func (this *AwakeLoginAction) Post() {
	reqMsg := &AwakeLoginRequest{}
	if !this.GetReqJson(reqMsg) {
		return
	}

	rspMsg := &AwakeLoginResponse{}
	rspMsg.Init(reqMsg)

	reqMsg.Password = strings.TrimSpace(reqMsg.Password)

	if reqMsg.Password == comm.NULL_STR {
		rspMsg.SetRspRetId(msg.MSG_PARA_ABSENT)
		this.SendJson(rspMsg)
		return
	}

	sessionId := reqMsg.GetReqSessionId()
	session, ok := SessionMgr().GetSession(sessionId)
	if !ok {
		rspMsg.SetRspRetId(msg.MSG_FAIL)
		this.SendJson(rspMsg)
		return
	}

	if !SessionMgr().IsValid(sessionId) {
		rspMsg.SetRspRetId(msg.MSG_SESSION_INVALID)
		this.SendJson(rspMsg)
		return
	}

	reqMsg.Password = utils.PasswordBySeed(reqMsg.Password, session.GetUserId())

	user, ok := UserMgr().getUser(session.GetUserId())
	if !ok {
		rspMsg.SetRspRetId(msg.MSG_FAIL)
		this.SendJson(rspMsg)
		return
	}

	if user.Password != reqMsg.Password {
		rspMsg.SetRspRetId(MSG_PASSWORD_ERROR)
		this.SendJson(rspMsg)
		return
	}
	session.KeepAlive()

	this.SendJson(rspMsg)

}
Exemplo n.º 4
0
func (this *userMgrImpl) createUser(user *SafeUser) (msgId string, ok bool) {
	msgId = msg.MSG_FAIL
	ok = false

	if user == nil {
		return
	}

	user.Name = strings.TrimSpace(user.Name)
	user.EmployeeId = strings.TrimSpace(user.EmployeeId)
	user.Password = strings.TrimSpace(user.Password)

	if user.Name == comm.NULL_STR ||
		user.Password == comm.NULL_STR {
		msgId = msg.MSG_PARA_ABSENT
		return
	}

	user.Id = utils.RandStr()

	user.Password = utils.PasswordBySeed(user.Password, user.GetId())

	if this.existUserByName(user.Name) {
		msgId = MSG_USERNAME_CLASH
		return
	}

	if this.existUserByEmployee(user.EmployeeId) {
		msgId = MSG_EMPLOYEEID_CLASH
		return
	}

	db := ds.DB()
	defer db.Close()

	createUserSql := "insert into fast.safeUser values($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15)"
	createUserStmt, err := db.Prepare(createUserSql)
	utils.VerifyErr(err)
	createUserStmt.Exec(
		user.Id,
		user.DepartId,
		user.Name,
		user.Password,
		user.EmployeeId,
		user.NickName,
		user.FirstName,
		user.LastName,
		user.Mobile,
		user.Email,
		user.UserRemark,
		user.IsLock,
		user.LockReason,
		user.IsForever,
		user.AccountExpired)
	createUserStmt.Close()

	createMapRoleSql := "insert into fast.safeRole values($1,$2,$3,$4,$5,$6,$7)"
	createMapRoleStmt, err := db.Prepare(createMapRoleSql)
	utils.VerifyErr(err)
	createMapRoleStmt.Exec(
		user.Id,
		comm.NULL_STR,
		comm.NULL_STR,
		comm.NULL_STR,
		true,
		false,
		comm.NULL_STR)
	createMapRoleStmt.Close()

	insertRoleAllocSql := "insert into fast.roleAlloc values($1,$2)"
	insertRoleAllocStmt, err := db.Prepare(insertRoleAllocSql)
	utils.VerifyErr(err)
	for _, v := range user.Roles {
		insertRoleAllocStmt.Exec(v, user.Id)
	}
	insertRoleAllocStmt.Exec(user.Id, user.Id)

	insertRoleAllocStmt.Close()

	insertOperateAuthSql := "insert into fast.operateAuth values($1,$2)"
	insertOperateAuthStmt, err := db.Prepare(insertOperateAuthSql)
	utils.VerifyErr(err)
	for _, v := range user.Operates {
		insertOperateAuthStmt.Exec(v, user.Id)
	}
	insertOperateAuthStmt.Close()

	insertObjAuthSql := "insert into fast.objectAuth values($1,$2)"
	insertObjAuthStmt, err := db.Prepare(insertObjAuthSql)
	utils.VerifyErr(err)
	for _, v := range user.Objects {
		insertObjAuthStmt.Exec(v, user.Id)
	}
	insertObjAuthStmt.Close()

	this.mapUser[user.Id] = user

	msgId = msg.MSG_SUCCESS
	ok = true

	return
}
Exemplo n.º 5
0
func (this *sessionMgrImpl) login(req *http.Request, userName, pasword, hostIp, hostName string) (session *SafeSession, msgId string, ok bool) {
	session = nil
	msgId = comm.NULL_STR
	ok = false

	userName = strings.TrimSpace(userName)
	pasword = strings.TrimSpace(pasword)

	if userName == comm.NULL_STR || pasword == comm.NULL_STR {
		msgId = msg.MSG_PARA_ABSENT
		return
	}

	user, ok := UserMgr().getUserByName(userName)
	if !ok {
		msgId = MSG_USER_INVALID
		return
	}

	msgId, ok = UserMgr().isValid(user.GetId())
	if !ok {
		return
	}

	pasword = utils.PasswordBySeed(pasword, user.GetId())

	if user.Password != pasword {
		msgId = MSG_PASSWORD_ERROR
		ok = false
		return
	}

	if this.IsOnLine(userName) {
		this.Offline(userName)
	}

	clientOnlineLimit := LicenseMgr().GetAllowInt("clientOnlineLimit")
	activateClient := len(this.mapSessions)
	if activateClient >= clientOnlineLimit && !LicenseMgr().IsEmpty() {
		msgId = msg.MSG_LICENSE_NOENOUGH
		ok = false
		return
	}

	session = &SafeSession{}

	session.LoginUserId = user.Id
	session.LoginUserName = user.Name

	session.RandId = utils.RandStr()
	session.ConnTime = utils.StrTime()

	session.ClientIp = hostIp
	session.ClientHost = hostName
	session.ServerIp = req.Host
	session.ServerHost = req.Host

	session.KeepAliveTime = session.ConnTime
	session.SessionStatus = SAFE_SESSION_LOGIN

	session.Id = session.LoginUserName + "&" + session.ConnTime + "&" + utils.RandStr()
	session.Id = utils.EnCodeBase64(session.GetId())
	session.Id = utils.Md5(session.GetId())

	this.mapSessions[session.GetId()] = session

	db := ds.DB()
	defer db.Close()

	insertSql := "insert into fast.safeSession values($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11)"
	insertStmt, err := db.Prepare(insertSql)
	utils.VerifyErr(err)
	insertStmt.Exec(
		session.Id,
		session.RandId,
		session.ConnTime,
		session.LoginUserId,
		session.LoginUserName,
		session.ClientIp,
		session.ClientHost,
		session.ServerIp,
		session.ServerHost,
		session.KeepAliveTime,
		session.SessionStatus)

	insertStmt.Close()

	msgId = msg.MSG_SUCCESS
	ok = true

	return
}