func (this *UserController) processUserPasswordForm(user *models.User) {
valid := validation.Validation{}
userPasswordForm := UserPasswordForm{}
if err := this.ParseForm(&userPasswordForm); err != nil {
beego.Error(err)
}
_, err := valid.Valid(userPasswordForm)
if err != nil {
beego.Error(err)
this.Abort("400")
}
if !user.VerifyPassword(userPasswordForm.CurrentPassword) {
valid.SetError("CurrentPassword", "当前密码错误")
}
if len(valid.Errors) > 0 {
this.Data["UserPasswordFormValidErrors"] = valid.Errors
beego.Trace(fmt.Sprint(valid.Errors))
} else {
user.SetPassword(userPasswordForm.Password)
if err := user.Update(); err != nil {
this.Abort("500")
}
this.FlashWrite("notice", "密码已更新!")
this.Redirect(this.Ctx.Request.RequestURI, 302)
}
}
func (this *AuthController) DoLogin() {
this.CheckRequestFrequency(3, 15, 30)
if this.IsLogin {
this.Redirect("/", 302)
}
valid := validation.Validation{}
form := LoginForm{}
if err := this.ParseForm(&form); err != nil {
beego.Error(err)
}
b, err := valid.Valid(form)
if err != nil {
beego.Error(err)
}
if !b {
this.loginPageWithErrors(form, valid.Errors)
return
}
//用户不存在?
user := models.User{Username: form.Username, Email: form.Username}
if err := user.Read("Username"); err != nil {
if err2 := user.Read("Email"); err2 != nil {
errMsg := fmt.Sprintf("用户 %s 不存在!", form.Username)
beego.Trace(errMsg)
valid.SetError("username", errMsg)
this.loginPageWithErrors(form, valid.Errors)
return
}
}
//用户被禁止?
if user.IsBanned {
beego.Trace(fmt.Sprintf("用户%s被禁用,不能登录!", user.Username))
valid.SetError("username", "抱歉,您被禁止登录!")
this.loginPageWithErrors(form, valid.Errors)
return
}
//检查密码
if !user.VerifyPassword(form.Password) {
beego.Trace(fmt.Sprintf("%s 登录失败!", form.Username))
valid.SetError("password", "密码错误")
this.loginPageWithErrors(form, valid.Errors)
return
}
//验证全部通过
var remember bool
if form.Remember != "" {
remember = true
}
this.LogUserIn(&user, remember)
this.Redirect(GetLoginRedirectUrl(this.Ctx), 302)
return
}
func (this *SocialAuthController) processLoginForm(socialType social.SocialType) {
valid := validation.Validation{}
form := SocialAuthLoginForm{}
var user models.User
if err := this.ParseForm(&form); err != nil {
beego.Error(err)
}
b, err := valid.Valid(form)
if err != nil {
beego.Error(err)
}
if !b {
goto showLoginErrors
}
//用户不存在?
user = models.User{Username: form.Username, Email: form.Username}
if err := user.Read("Username"); err != nil {
if err2 := user.Read("Email"); err2 != nil {
errMsg := fmt.Sprintf("用户 %s 不存在!", form.Username)
valid.SetError("Username", errMsg)
goto showLoginErrors
}
}
//用户被禁止?
if user.IsBanned {
beego.Trace(fmt.Sprintf("用户%s被禁用,不能登录!", user.Username))
valid.SetError("Username", "抱歉,您被禁止登录!")
goto showLoginErrors
}
//检查密码
if !user.VerifyPassword(form.Password) {
beego.Trace(fmt.Sprintf("%s 登录失败!", form.Username))
valid.SetError("Password", "密码错误")
goto showLoginErrors
}
//验证全部通过
if loginRedirect, _, err := SocialAuth.ConnectAndLogin(this.Ctx, socialType, user.Id); err != nil {
beego.Error("ConnectAndLogin:"******"Let's redirect ", loginRedirect)
this.Redirect(loginRedirect, 302)
return
}
showLoginErrors:
this.Data["LoginForm"] = form
this.Data["LoginFormErrors"] = valid.Errors
return
}