-
-
Notifications
You must be signed in to change notification settings - Fork 201
/
user_login.go
81 lines (73 loc) · 2 KB
/
user_login.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
package model
import (
"time"
"github.com/admpub/nging/v4/application/handler"
"github.com/admpub/nging/v4/application/library/common"
"github.com/webx-top/com"
"github.com/webx-top/db"
"github.com/webx-top/echo"
"github.com/webx-top/echo/code"
)
func (u *User) CheckPasswd(username string, password string) (exists bool, err error) {
exists = true
err = u.Get(nil, `username`, username)
if err != nil {
if err == db.ErrNoMoreRows {
exists = false
}
return
}
if u.NgingUser.Disabled == `Y` {
err = u.Context().NewError(code.UserDisabled, `该用户已被禁用`).SetZone(`disabled`)
return
}
if u.NgingUser.Password != com.MakePassword(password, u.NgingUser.Salt) {
err = u.Context().NewError(code.InvalidParameter, `密码不正确`).SetZone(`password`)
}
return
}
func (u *User) FireLoginSuccess() error {
c := u.Context()
loginLogM := u.NewLoginLog(u.Username)
u.NgingUser.LastLogin = uint(time.Now().Unix())
u.NgingUser.LastIp = c.RealIP()
set := echo.H{
`last_login`: u.NgingUser.LastLogin,
`login_fails`: 0,
}
if !common.IsAnonymousMode(`user`) {
set[`last_ip`] = u.NgingUser.LastIp
}
if len(u.NgingUser.SessionId) > 0 {
if u.NgingUser.SessionId != loginLogM.SessionId {
c.Session().RemoveID(u.NgingUser.SessionId)
set.Set(`session_id`, loginLogM.SessionId)
}
} else {
set.Set(`session_id`, loginLogM.SessionId)
}
// update user data
u.NgingUser.UpdateFields(nil, set, `id`, u.NgingUser.Id)
// loging
loginLogM.OwnerId = uint64(u.Id)
loginLogM.Success = `Y`
loginLogM.AddAndSaveSession()
// session
u.SetSession()
if u.NeedCheckU2F(u.NgingUser.Id, 2) {
c.Session().Set(`auth2ndURL`, handler.URLFor(`/gauth_check`))
}
return nil
}
func (u *User) FireLoginFailure(pass string, err error) error {
if !echo.IsErrorCode(err, code.UserDisabled) {
// 仅记录密码不正确的情况
loginLogM := u.NewLoginLog(u.Username)
loginLogM.Errpwd = pass
loginLogM.Failmsg = err.Error()
loginLogM.Success = `N`
loginLogM.Add()
u.IncrLoginFails()
}
return nil
}