Guwan
/
ldap-1-backend
Template
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: 优化重置密码的逻辑,添加验证码校验 (#164)

This commit is contained in:
二丫讲梵 2023-03-09 11:41:33 +08:00 committed by GitHub
parent b78ff04475
commit e53290e1d8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 76 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
controller/base_controller.go
View File

@ -9,6 +9,14 @@ import (
type BaseController struct{} type BaseController struct{}
// SendCode 给用户邮箱发送验证码
func (m *BaseController) SendCode(c *gin.Context) {
req := new(request.BaseSendCodeReq)
Run(c, req, func() (interface{}, interface{}) {
return logic.Base.SendCode(c, req)
})
}
// ChangePwd 用户通过邮箱修改密码 // ChangePwd 用户通过邮箱修改密码
func (m *BaseController) ChangePwd(c *gin.Context) { func (m *BaseController) ChangePwd(c *gin.Context) {
req := new(request.BaseChangePwdReq) req := new(request.BaseChangePwdReq)

34
logic/base_logic.go
View File

@ -15,18 +15,46 @@ import (
type BaseLogic struct{} type BaseLogic struct{}
// Add 添加数据 // SendCode 发送验证码
func (l BaseLogic) SendCode(c *gin.Context, req interface{}) (data interface{}, rspError interface{}) {
r, ok := req.(*request.BaseSendCodeReq)
if !ok {
return nil, ReqAssertErr
}
_ = c
// 判断邮箱是否正确
if !isql.User.Exist(tools.H{"mail": r.Mail}) {
return nil, tools.NewValidatorError(fmt.Errorf("邮箱不存在,请检查邮箱是否正确"))
}
err := tools.SendCode([]string{r.Mail})
if err != nil {
return nil, tools.NewLdapError(fmt.Errorf("邮件发送失败" + err.Error()))
}
return nil, nil
}
// ChangePwd 重置密码
func (l BaseLogic) ChangePwd(c *gin.Context, req interface{}) (data interface{}, rspError interface{}) { func (l BaseLogic) ChangePwd(c *gin.Context, req interface{}) (data interface{}, rspError interface{}) {
r, ok := req.(*request.BaseChangePwdReq) r, ok := req.(*request.BaseChangePwdReq)
if !ok { if !ok {
return nil, ReqAssertErr return nil, ReqAssertErr
} }
_ = c _ = c
// 判断邮箱是否正确 // 判断邮箱是否正确
if !isql.User.Exist(tools.H{"mail": r.Mail}) { if !isql.User.Exist(tools.H{"mail": r.Mail}) {
return nil, tools.NewValidatorError(fmt.Errorf("邮箱不存在,请检查邮箱是否正确")) return nil, tools.NewValidatorError(fmt.Errorf("邮箱不存在,请检查邮箱是否正确"))
} }
// 判断验证码是否过期
cacheCode, ok := tools.VerificationCodeCache.Get(r.Mail)
if !ok {
return nil, tools.NewValidatorError(fmt.Errorf("对不起该验证码已超过5分钟有效期请重新重新密码"))
}
// 判断验证码是否正确
if cacheCode != r.Code {
return nil, tools.NewValidatorError(fmt.Errorf("验证码错误,请检查邮箱中正确的验证码,如果点击多次发送验证码,请用最后一次生成的验证码来验证"))
}
user := new(model.User) user := new(model.User)
err := isql.User.Find(tools.H{"mail": r.Mail}, user) err := isql.User.Find(tools.H{"mail": r.Mail}, user)
@ -41,7 +69,7 @@ func (l BaseLogic) ChangePwd(c *gin.Context, req interface{}) (data interface{},
err = tools.SendMail([]string{user.Mail}, newpass) err = tools.SendMail([]string{user.Mail}, newpass)
if err != nil { if err != nil {
return nil, tools.NewLdapError(fmt.Errorf("发送邮件失败" + err.Error())) return nil, tools.NewLdapError(fmt.Errorf("邮件发送失败" + err.Error()))
} }
// 更新数据库密码 // 更新数据库密码

6
model/request/base_req.go
View File

@ -1,8 +1,14 @@
package request package request
// BaseSendCodeReq 发送验证码
type BaseSendCodeReq struct {
Mail string `json:"mail" validate:"required,min=0,max=100"`
}
// BaseChangePwdReq 修改密码结构体 // BaseChangePwdReq 修改密码结构体
type BaseChangePwdReq struct { type BaseChangePwdReq struct {
Mail string `json:"mail" validate:"required,min=0,max=100"` Mail string `json:"mail" validate:"required,min=0,max=100"`
Code string `json:"code" validate:"required,len=6"`
} }
// BaseDashboardReq 系统首页展示数据结构体 // BaseDashboardReq 系统首页展示数据结构体

2
public/common/ldap.go
View File

@ -113,7 +113,7 @@ func (lcp *LdapConnPool) GetConnection() (*ldap.Conn, error) {
} }
func (lcp *LdapConnPool) PutConnection(conn *ldap.Conn) { func (lcp *LdapConnPool) PutConnection(conn *ldap.Conn) {
log.Println("放回了一个连接") log.Println("放回了一个 LDAP 连接")
lcp.mu.Lock() lcp.mu.Lock()
defer lcp.mu.Unlock() defer lcp.mu.Unlock()

28
public/tools/email.go
View File

@ -2,14 +2,20 @@ package tools
import ( import (
"fmt" "fmt"
"math/rand"
"time"
"github.com/eryajf/go-ldap-admin/config" "github.com/eryajf/go-ldap-admin/config"
"github.com/patrickmn/go-cache"
"strconv" "strconv"
"gopkg.in/gomail.v2" "gopkg.in/gomail.v2"
) )
// 验证码放到缓存当中
var VerificationCodeCache = cache.New(24*time.Hour, 48*time.Hour)
func email(mailTo []string, subject string, body string) error { func email(mailTo []string, subject string, body string) error {
mailConn := map[string]string{ mailConn := map[string]string{
"user": config.Conf.Email.User, "user": config.Conf.Email.User,
@ -36,3 +42,25 @@ func SendMail(sendto []string, pass string) error {
body := fmt.Sprintf("<li><a>更改之后的密码为: %s </a></li>", pass) body := fmt.Sprintf("<li><a>更改之后的密码为: %s </a></li>", pass)
return email(sendto, subject, body) return email(sendto, subject, body)
} }
// SendCode 发送验证码
func SendCode(sendto []string) error {
rnd := rand.New(rand.NewSource(time.Now().UnixNano()))
vcode := fmt.Sprintf("%06v", rnd.Int31n(1000000))
// 把验证码信息放到cache以便于验证时拿到
VerificationCodeCache.Set(sendto[0], vcode, time.Minute*5)
subject := "验证码-重置密码"
//发送的内容
body := fmt.Sprintf(`<div>
<div>
尊敬的用户您好
</div>
<div style="padding: 8px 40px 8px 50px;">
<p>你本次的验证码为 %s ,为了保证账号安全验证码有效期为5分钟请确认为本人操作切勿向他人泄露感谢您的理解与使用</p>
</div>
<div>
<p>此邮箱为系统邮箱请勿回复</p>
</div>
</div>`, vcode)
return email(sendto, subject, body)
}

1
routes/base_routes.go
View File

@ -18,6 +18,7 @@ func InitBaseRoutes(r *gin.RouterGroup, authMiddleware *jwt.GinJWTMiddleware) gi
base.POST("/login", authMiddleware.LoginHandler) base.POST("/login", authMiddleware.LoginHandler)
base.POST("/logout", authMiddleware.LogoutHandler) base.POST("/logout", authMiddleware.LogoutHandler)
base.POST("/refreshToken", authMiddleware.RefreshHandler) base.POST("/refreshToken", authMiddleware.RefreshHandler)
base.POST("/sendcode", controller.Base.SendCode) // 给用户邮箱发送验证码
base.POST("/changePwd", controller.Base.ChangePwd) // 修改用户密码 base.POST("/changePwd", controller.Base.ChangePwd) // 修改用户密码
base.GET("/dashboard", controller.Base.Dashboard) // 系统首页展示数据 base.GET("/dashboard", controller.Base.Dashboard) // 系统首页展示数据
} }