- user2
This commit is contained in:
gazebo
@@ -1,9 +1,13 @@
|
||||
package password
|
||||
|
||||
import (
|
||||
"crypto/sha1"
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
"git.rosy.net.cn/baseapi/utils"
|
||||
"git.rosy.net.cn/jx-callback/business/auth2"
|
||||
"git.rosy.net.cn/jx-callback/business/auth2/authprovider"
|
||||
"git.rosy.net.cn/jx-callback/business/model"
|
||||
"git.rosy.net.cn/jx-callback/business/model/dao"
|
||||
)
|
||||
@@ -13,7 +17,7 @@ const (
|
||||
)
|
||||
|
||||
type Auther struct {
|
||||
auth2.DefAuther
|
||||
authprovider.DefAuther
|
||||
}
|
||||
|
||||
var (
|
||||
@@ -25,7 +29,7 @@ func init() {
|
||||
}
|
||||
|
||||
func (a *Auther) VerifySecret(userID, passMD5 string) (authBind *model.AuthBind, err error) {
|
||||
if authBind, err = dao.GetAuthBind(nil, "", AuthType, userID, ""); err == nil {
|
||||
if authBind, err = dao.GetAuthBind(dao.GetDB(), "", AuthType, userID); err == nil {
|
||||
err = a.checkPassword(authBind, passMD5)
|
||||
} else if dao.IsNoRowsError(err) {
|
||||
err = auth2.ErrUserNotExist
|
||||
@@ -36,19 +40,30 @@ func (a *Auther) VerifySecret(userID, passMD5 string) (authBind *model.AuthBind,
|
||||
// 特殊接口
|
||||
func (a *Auther) ChangePassword(userID, oldPassMD5, newPassMD5 string) (err error) {
|
||||
var authBind *model.AuthBind
|
||||
if authBind, err = dao.GetAuthBind(nil, "", AuthType, userID, ""); err == nil {
|
||||
if err = a.checkPassword(authBind, oldPassMD5); err == nil || authBind.AuthSecret == "" {
|
||||
db := dao.GetDB()
|
||||
if authBind, err = dao.GetAuthBind(db, "", AuthType, userID); err == nil {
|
||||
if err = a.checkPassword(authBind, oldPassMD5); err == nil || authBind.AuthSecret == "" { // 如果原密码为空,不判断原密码,代表重置密码
|
||||
authBind.AuthSecret = newPassMD5
|
||||
_, err = dao.UpdateEntity(nil, authBind, "AuthSecret")
|
||||
_, err = dao.UpdateEntity(db, authBind, "AuthSecret")
|
||||
}
|
||||
} else if dao.IsNoRowsError(err) {
|
||||
err = auth2.ErrUserNotExist
|
||||
salt := utils.GetUUID()
|
||||
err = a.AddAuthBind(&model.AuthBind{
|
||||
Type: AuthType,
|
||||
AuthID: userID,
|
||||
AuthSecret: a.encryptPassword(newPassMD5, salt),
|
||||
AuthSecret2: salt,
|
||||
}, "admin")
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
||||
func (a *Auther) encryptPassword(password, salt string) string {
|
||||
return fmt.Sprintf("%x", sha1.Sum([]byte(password+salt)))
|
||||
}
|
||||
|
||||
func (a *Auther) checkPassword(authBind *model.AuthBind, passMD5 string) (err error) {
|
||||
if authBind.AuthSecret != passMD5 {
|
||||
if authBind.AuthSecret != a.encryptPassword(passMD5, authBind.AuthSecret2) {
|
||||
return ErrUserAndPassNotMatch
|
||||
}
|
||||
return nil
|
||||
|
||||
Reference in New Issue
Block a user