Пример #1
0
func SignInPost(ctx *middleware.Context, form auth.LogInForm) {
	ctx.Data["Title"] = "Log In"

	sid, isOauth := ctx.Session.Get("socialId").(int64)
	if isOauth {
		ctx.Data["IsSocialLogin"] = true
	} else if base.OauthService != nil {
		ctx.Data["OauthEnabled"] = true
		ctx.Data["OauthService"] = base.OauthService
	}

	if ctx.HasError() {
		ctx.HTML(200, "user/signin")
		return
	}

	user, err := models.LoginUserPlain(form.UserName, form.Password)
	if err != nil {
		if err == models.ErrUserNotExist {
			log.Trace("%s Log in failed: %s/%s", ctx.Req.RequestURI, form.UserName, form.Password)
			ctx.RenderWithErr("Username or password is not correct", "user/signin", &form)
			return
		}

		ctx.Handle(500, "user.SignIn", err)
		return
	}

	if form.Remember == "on" {
		secret := base.EncodeMd5(user.Rands + user.Passwd)
		days := 86400 * base.LogInRememberDays
		ctx.SetCookie(base.CookieUserName, user.Name, days)
		ctx.SetSecureCookie(secret, base.CookieRememberName, user.Name, days)
	}

	// Bind with social account.
	if isOauth {
		if err = models.BindUserOauth2(user.Id, sid); err != nil {
			if err == models.ErrOauth2RecordNotExist {
				ctx.Handle(404, "user.SignInPost(GetOauth2ById)", err)
			} else {
				ctx.Handle(500, "user.SignInPost(GetOauth2ById)", err)
			}
			return
		}
		ctx.Session.Delete("socialId")
		log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid)
	}

	ctx.Session.Set("userId", user.Id)
	ctx.Session.Set("userName", user.Name)
	if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 {
		ctx.SetCookie("redirect_to", "", -1)
		ctx.Redirect(redirectTo)
		return
	}

	ctx.Redirect("/")
}
Пример #2
0
func SignIn(ctx *middleware.Context, form auth.LogInForm) {
	ctx.Data["Title"] = "Log In"

	if ctx.Req.Method == "GET" {
		// Check auto-login.
		userName := ctx.GetCookie(base.CookieUserName)
		if len(userName) == 0 {
			ctx.HTML(200, "user/signin")
			return
		}

		isSucceed := false
		defer func() {
			if !isSucceed {
				log.Trace("%s auto-login cookie cleared: %s", ctx.Req.RequestURI, userName)
				ctx.SetCookie(base.CookieUserName, "", -1)
				ctx.SetCookie(base.CookieRememberName, "", -1)
			}
		}()

		user, err := models.GetUserByName(userName)
		if err != nil {
			ctx.HTML(200, "user/signin")
			return
		}

		secret := base.EncodeMd5(user.Rands + user.Passwd)
		value, _ := ctx.GetSecureCookie(secret, base.CookieRememberName)
		if value != user.Name {
			ctx.HTML(200, "user/signin")
			return
		}

		isSucceed = true
		ctx.Session.Set("userId", user.Id)
		ctx.Session.Set("userName", user.Name)
		redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to"))
		if len(redirectTo) > 0 {
			ctx.SetCookie("redirect_to", "", -1)
			ctx.Redirect(redirectTo)
		} else {
			ctx.Redirect("/")
		}
		return
	}

	if ctx.HasError() {
		ctx.HTML(200, "user/signin")
		return
	}

	user, err := models.LoginUserPlain(form.UserName, form.Password)
	if err != nil {
		if err == models.ErrUserNotExist {
			log.Trace("%s Log in failed: %s/%s", ctx.Req.RequestURI, form.UserName, form.Password)
			ctx.RenderWithErr("Username or password is not correct", "user/signin", &form)
			return
		}

		ctx.Handle(200, "user.SignIn", err)
		return
	}

	if form.Remember == "on" {
		secret := base.EncodeMd5(user.Rands + user.Passwd)
		days := 86400 * base.LogInRememberDays
		ctx.SetCookie(base.CookieUserName, user.Name, days)
		ctx.SetSecureCookie(secret, base.CookieRememberName, user.Name, days)
	}

	ctx.Session.Set("userId", user.Id)
	ctx.Session.Set("userName", user.Name)
	redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to"))
	if len(redirectTo) > 0 {
		ctx.SetCookie("redirect_to", "", -1)
		ctx.Redirect(redirectTo)
	} else {
		ctx.Redirect("/")
	}
}