Пример #1
0
func (c AuthController) PasswordPost() revel.Result {
	revel.INFO.Printf("POST > /auth.password ...")
	accountID, ok := c.Session["account"]
	if !ok {
		c.Flash.Error("please login first.")
		return c.Redirect(routes.AuthController.Login())
	}


	var account models.SystemAccount
	account.ID = models.DecodeID(accountID)
	if err := db.First(&account).Error; err != nil {
		c.Flash.Error("please login first: fake session.")
		return c.Redirect(routes.AuthController.Login())
	}

	var old_password, new_password, new_password2 string
	c.Params.Bind(&old_password, "old_password")
	c.Params.Bind(&new_password, "new_password")
	c.Params.Bind(&new_password2, "new_password2")

	if new_password != new_password2 {
		c.Flash.Error("new password not equal")
		return c.Redirect(routes.AuthController.Password())
	}

	//! params validation check
	c.Validation.Required(old_password)
	c.Validation.Required(new_password)

	if c.Validation.HasErrors() {
		// Store the validation errors in the flash context and redirect.
		c.Validation.Keep()
		c.FlashParams()
		return c.Redirect(routes.AuthController.Password())
	}


	tx := db.Begin()
	account.Password = new_password
	if err := tx.Model(&account).Update("password", models.SystemAccountCipher(&account).Password).Error; err != nil {
		tx.Rollback()
		c.Flash.Error("reset password:"******"auth.password updated success.")
	return c.Redirect(routes.PortalController.Index())
}
Пример #2
0
func (c AuthController) LoginPost() revel.Result {
	revel.INFO.Printf("POST > /login ...")
	var name, password string
	var remember bool

	c.Params.Bind(&name, "name")
	c.Params.Bind(&password, "password")
	c.Params.Bind(&remember, "remember")

	//! params validation check
	c.Validation.Required(name)
	c.Validation.Email(name)
	c.Validation.Required(password)
	if c.Validation.HasErrors() {
		// Store the validation errors in the flash context and redirect.
		c.Validation.Keep()
		c.FlashParams()
		return c.Redirect(routes.AuthController.Login())
	}

	var account models.SystemAccount
	if err := db.Where("mailbox = ?", name).First(&account).Error; err != nil {
		c.Flash.Error("authorized failed:" + err.Error())
		return c.Redirect(routes.AuthController.Login())
	}

	obj := models.SystemAccountCipher(&models.SystemAccount{Password: password})
	if obj.Password != account.Password {
		c.Flash.Error("authorized failed: password wrong")
		return c.Redirect(routes.AuthController.Login())
	}

	if account.Status != GetOptionValue("system_account_status", "normal") {
		c.Flash.Error("authorized failed: forbidden")
		return c.Redirect(routes.AuthController.Login())
	}

	expires := revel.Config.StringDefault("session.expires", "10m")
	duration, err := time.ParseDuration(expires)
	if err != nil {
		c.Flash.Error("time parsed failed:" + err.Error())
		return c.Redirect(routes.AuthController.Login())
	}

	remote, _, _ := net.SplitHostPort(c.Request.RemoteAddr)
	forward := c.Request.Header.Get("X-Forwarded-For")
	if forward != "" {
		remote = forward
	}

	token, err := GenerateSystemToken(account.ID, remote, 0, duration)
	if err != nil {
		c.Flash.Error("token generate failed:" + err.Error())
		return c.Redirect(routes.AuthController.Login())
	}
	c.Session["account"] = models.EncodeID(account.ID)
	c.Session["secret"] = token.Secret
	if remember {
		c.Session.SetDefaultExpiration()
	} else {
		c.Session.SetNoExpiration()
	}

	return c.Redirect(routes.PortalController.Index())
}