// AuthInterceptor lets a request continue only when the session's
// "Username" entry is present and equals the configured admin username.
// Every other request is treated as not logged in: AJAX callers receive a
// JSON reply whose Msg is "NOTLOGIN", all other callers are redirected to
// /login.
func AuthInterceptor(c *revel.Controller) revel.Result {
	// Per-action filtering is disabled, so every intercepted action requires
	// the admin session. The disabled code is kept for reference:
	/*
		// Title-case both names.
		var controller = strings.Title(c.Name)
		var method = strings.Title(c.MethodName)
		// Does this action need validation?
		if !needValidate(controller, method) {
			return nil
		}
	*/

	// Logged in means: the session names the administrator account.
	// NOTE(review): if GetAdminUsername can return an empty string, a session
	// carrying an empty "Username" value would also match; confirm it cannot.
	username, present := c.Session["Username"]
	if present && username == configService.GetAdminUsername() {
		return nil
	}

	// X-Requested-With is supplied by the client. It only selects the shape
	// of the "not logged in" answer and never grants access.
	if c.Request.Header.Get("X-Requested-With") != "XMLHttpRequest" {
		return c.Redirect("/login")
	}

	reply := info.NewRe()
	reply.Msg = "NOTLOGIN"
	return c.RenderJson(reply)
}
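// CheckUserAuth is an interceptor that lets a request continue only when the
// session carries a non-empty "username" and the UserAuth record cached
// under the session id equals the one generated from the current request.
// Static.Serve, App.Login, User.Login and User.Logout are always allowed.
// Every other request gets a flash error, a "Requires-Auth: 1" response
// header and a redirect to the login action.
func CheckUserAuth(controller *revel.Controller) revel.Result {
	// Static assets and the login/logout actions must stay reachable
	// without an authenticated session.
	switch controller.Action {
	case "Static.Serve", "App.Login", "User.Login", "User.Logout":
		return nil
	}

	userAuth := new(security.UserAuth)
	// NOTE(review): GetSessionData's result is dereferenced without a nil
	// check; confirm it never returns nil.
	sessionData := *security.GetSessionData(&controller.Session)

	// Any result of Get is not inspected here. Presumably userAuth keeps its
	// zero value on a cache miss and then fails the Equal check below;
	// verify against the AuthCache implementation.
	security.AuthCache.Get(controller.Session.Id(), userAuth)

	// Comma-ok assertion: a "username" value that is not a string is treated
	// as "not logged in" instead of panicking inside the interceptor.
	var username string
	if v, ok := sessionData["username"]; ok {
		username, _ = v.(string)
	}

	// userAuth comes from new() and can never be nil, so only the username
	// and the comparison with the request-derived record decide access.
	if username != "" && userAuth.Equal(security.UserAuthGenerate(controller.Request)) {
		return nil
	}

	controller.Flash.Error("Please log in first")
	controller.Response.Out.Header().Set("Requires-Auth", "1")
	// The status is left to the redirect; setting 401 stays disabled:
	// controller.Response.Status = 401
	return controller.Redirect((*User).Login)
}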
// checkUser redirects to the login page, with a localized flash error,
// unless the session contains a "user" entry.
func checkUser(c *revel.Controller) revel.Result {
	// Only the presence of the key is tested; its value is not inspected.
	_, loggedIn := c.Session["user"]
	if !loggedIn {
		c.Flash.Error(c.Message("login.message.notloggedin"))
		return c.Redirect(routes.App.Login())
	}
	return nil
}
// adminOnly lets a request continue only when the session's "usertype"
// entry is exactly "ADMIN"; everyone else gets a localized flash error and
// is redirected to the index page.
func adminOnly(c *revel.Controller) revel.Result {
	// A missing key yields a different value and is rejected as well.
	if userType := c.Session["usertype"]; userType != "ADMIN" {
		c.Flash.Error(c.Message("access.message.notallowed"))
		return c.Redirect(routes.App.Index())
	}
	return nil
}
// CheckLoginAdmin lets a request continue only when the session holds a
// non-empty LOGIN_USERID and its LOGIN_USERROLE converts to
// models.ROLE_SUPER_ADMIN. Any other request is redirected to the URL the
// router reverses for "Auth.Login".
func CheckLoginAdmin(c *revel.Controller) revel.Result {
	hasUser := c.Session[LOGIN_USERID] != ""
	// The role is only looked at once a user id is present.
	if hasUser && models.Role(c.Session[LOGIN_USERROLE]) == models.ROLE_SUPER_ADMIN {
		return nil
	}

	loginURL := revel.MainRouter.Reverse("Auth.Login", map[string]string{}).Url
	return c.Redirect(loginURL)
}
// func init() { // revel.InterceptFunc(CheckLogin, revel.BEFORE, &App{}) // } func CheckLogin(c *revel.Controller) revel.Result { if c.Session[LOGIN_USERID] == "" { return c.Redirect( revel.MainRouter.Reverse("Auth.Login", map[string]string{}).Url, ) } return nil }
// search certain content func Search(key string, c *revel.Controller) revel.Result { var problems []models.Problem err := engine.Where("title = ? ", key).Find(&problems) if err != nil { c.Flash.Error("error %s", err.Error()) c.Redirect(routes.Notice.Crash()) } return c.Render(problems) }
// authenticate is the authentication check run before an action. The
// lower-cased action name is matched against three lists:
//
//   - adminPermission: the caller must pass adminAuthentication, otherwise a
//     flash error is set and the request is redirected to "/".
//   - userPermission: the caller must be connected, otherwise the request is
//     redirected to the login page.
//   - logoutCheck: the caller must NOT be connected, otherwise the request
//     is redirected to "/".
//
// An action that appears in none of the lists is allowed.
func authenticate(c *revel.Controller) revel.Result {
	action := strings.ToLower(c.Action)

	// Admin-only actions. A successful admin check does not return here, so
	// the lists below still apply to the same action.
	if inStringSlice(action, adminPermission) && !adminAuthentication(c) {
		c.Flash.Error("you are not admin")
		return c.Redirect("/")
	}

	// Actions that need a logged-in user.
	if inStringSlice(action, userPermission) {
		if connected(c) {
			return nil
		}
		c.Flash.Error("please login first")
		return c.Redirect(routes.Account.Login())
	}

	// Actions that only make sense while logged out.
	if inStringSlice(action, logoutCheck) {
		if !connected(c) {
			return nil
		}
		c.Flash.Error("can not repeat login")
		return c.Redirect("/")
	}

	// Default is allow: a new action is unprotected until it is added to one
	// of the lists above.
	return nil
}
// CheckLogin is the login check. Exempt pages only get a "currentLocale"
// render argument. Every other page needs a "UserID" session value that
// parses as an integer and resolves to an admin record with a positive Id;
// otherwise the request is redirected to /Login/.
func CheckLogin(c *revel.Controller) revel.Result {
	// The login page, CSS, JS, Ajax and captcha pages skip the login check.
	// NOTE(review): Ajax, Static, Captcha and Kindeditor are exempted by
	// controller name, so every action on them is reachable without a
	// session; confirm none of those actions needs authentication.
	exempt := c.Name == "User" && c.MethodName == "Login"
	switch c.Name {
	case "Ajax", "Static", "Captcha", "Kindeditor":
		exempt = true
	}
	if exempt {
		if lang, found := c.Session["Lang"]; !found {
			// Default language.
			c.RenderArgs["currentLocale"] = "zh"
		} else {
			// Language stored in the session.
			c.RenderArgs["currentLocale"] = lang
		}
		return nil
	}

	rawID := utils.GetSession("UserID", c.Session)
	if len(rawID) == 0 {
		// No user id in the session: the render arguments are still filled
		// in before the redirect.
		c.RenderArgs["Controller"] = c.Name // controller
		c.RenderArgs["action"] = c.Action    // action
		c.RenderArgs["Model"] = c.MethodName // model
		return c.Redirect("/Login/")
	}

	adminID, err := strconv.ParseInt(rawID, 10, 64)
	if err != nil {
		revel.WARN.Println(err)
		return c.Redirect("/Login/")
	}

	// An Id of zero or below is treated as "no such admin".
	adminInfo := new(models.Admin).GetById(adminID)
	if adminInfo.Id <= 0 {
		return c.Redirect("/Login/")
	}

	c.RenderArgs["Controller"] = c.Name // controller
	c.RenderArgs["action"] = c.Action    // action
	c.RenderArgs["Model"] = c.MethodName // model
	// Login information.
	c.RenderArgs["admin_info"] = adminInfo
	// Language of the logged-in admin.
	c.RenderArgs["currentLocale"] = adminInfo.Lang
	return nil
}
// checkRole records a page view and then decides access from the session's
// "administrator" entry:
//
//   - "" (guest): only the sign-in page and a fixed list of Picture actions
//     are allowed; anything else is redirected to the index page.
//   - "true" (administrator): everything is allowed except the sign-in page,
//     which is redirected to the index page.
//   - any other value: redirected to the sign-in page.
func checkRole(this *revel.Controller) revel.Result {
	// The page view is stored for every request, before any access decision.
	// NOTE(review): the IP field is filled from Request.Host; if the client
	// address is intended, confirm this is the right source.
	addPV(models.PV{
		IP:        this.Request.Host,
		Page:      this.Action,
		TimeStamp: time.Now().Format("2006-01-02 15:04:05"),
	})

	switch this.Session["administrator"] {
	case "":
		// Access rights of guests.
		switch this.Action {
		case "Admin.SignIn",
			"Picture.Show",
			"Picture.Search",
			"Picture.AddComment",
			"Picture.UploadForCheck",
			"Picture.PostUploadForCheck",
			"Picture.UniversityPictureNums":
			return nil
		}
		this.Flash.Success("需要管理员身份才能访问该页面。")
		log.Println("游客访问了 " + this.Action + " 页面,已自动跳转到首页")
		return this.Redirect(controllers.App.Index)

	case "true":
		// Access rights of administrators.
		if this.Action != "Admin.SignIn" {
			log.Println("管理员 " + this.Session["administrator"] + " 访问了 " + this.Action + " 页面")
			return nil
		}
		this.Flash.Success("您已经登录,请先注销再登录。")
		log.Println("管理员访问了登录页面,已自动跳转到首页")
		return this.Redirect(controllers.App.Index)
	}

	// Unexpected session value: send the caller back to sign in.
	return this.Redirect(controllers.Admin.SignIn)
}