| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193 |
- package controller
- import (
- "crypto/sha1"
- "encoding/hex"
- "encoding/json"
- "fmt"
- "github.com/gin-gonic/gin"
- "message-pusher/common"
- "message-pusher/model"
- "net/http"
- "sort"
- "strings"
- )
- func GetStatus(c *gin.Context) {
- c.JSON(http.StatusOK, gin.H{
- "success": true,
- "message": "",
- "data": gin.H{
- "version": common.Version,
- "start_time": common.StartTime,
- "email_verification": common.EmailVerificationEnabled,
- "github_oauth": common.GitHubOAuthEnabled,
- "github_client_id": common.GitHubClientId,
- "system_name": common.SystemName,
- "footer_html": common.Footer,
- "wechat_qrcode": common.WeChatAccountQRCodeImageURL,
- "wechat_login": common.WeChatAuthEnabled,
- "server_address": common.ServerAddress,
- "turnstile_check": common.TurnstileCheckEnabled,
- "turnstile_site_key": common.TurnstileSiteKey,
- },
- })
- return
- }
- func GetNotice(c *gin.Context) {
- common.OptionMapRWMutex.RLock()
- defer common.OptionMapRWMutex.RUnlock()
- c.JSON(http.StatusOK, gin.H{
- "success": true,
- "message": "",
- "data": common.OptionMap["Notice"],
- })
- return
- }
- func GetAbout(c *gin.Context) {
- common.OptionMapRWMutex.RLock()
- defer common.OptionMapRWMutex.RUnlock()
- c.JSON(http.StatusOK, gin.H{
- "success": true,
- "message": "",
- "data": common.OptionMap["About"],
- })
- return
- }
- func SendEmailVerification(c *gin.Context) {
- email := c.Query("email")
- if err := common.Validate.Var(email, "required,email"); err != nil {
- c.JSON(http.StatusOK, gin.H{
- "success": false,
- "message": "无效的参数",
- })
- return
- }
- if model.IsEmailAlreadyTaken(email) {
- c.JSON(http.StatusOK, gin.H{
- "success": false,
- "message": "邮箱地址已被占用",
- })
- return
- }
- code := common.GenerateVerificationCode(6)
- common.RegisterVerificationCodeWithKey(email, code, common.EmailVerificationPurpose)
- subject := fmt.Sprintf("%s邮箱验证邮件", common.SystemName)
- content := fmt.Sprintf("<p>您好,你正在进行%s邮箱验证。</p>"+
- "<p>您的验证码为: <strong>%s</strong></p>"+
- "<p>验证码 %d 分钟内有效,如果不是本人操作,请忽略。</p>", common.SystemName, code, common.VerificationValidMinutes)
- err := common.SendEmail(subject, email, content)
- if err != nil {
- c.JSON(http.StatusOK, gin.H{
- "success": false,
- "message": err.Error(),
- })
- return
- }
- c.JSON(http.StatusOK, gin.H{
- "success": true,
- "message": "",
- })
- return
- }
- func SendPasswordResetEmail(c *gin.Context) {
- email := c.Query("email")
- if err := common.Validate.Var(email, "required,email"); err != nil {
- c.JSON(http.StatusOK, gin.H{
- "success": false,
- "message": "无效的参数",
- })
- return
- }
- if !model.IsEmailAlreadyTaken(email) {
- c.JSON(http.StatusOK, gin.H{
- "success": false,
- "message": "该邮箱地址未注册",
- })
- return
- }
- code := common.GenerateVerificationCode(0)
- common.RegisterVerificationCodeWithKey(email, code, common.PasswordResetPurpose)
- link := fmt.Sprintf("%s/user/reset?email=%s&token=%s", common.ServerAddress, email, code)
- subject := fmt.Sprintf("%s密码重置", common.SystemName)
- content := fmt.Sprintf("<p>您好,你正在进行%s密码重置。</p>"+
- "<p>点击<a href='%s'>此处</a>进行密码重置。</p>"+
- "<p>重置链接 %d 分钟内有效,如果不是本人操作,请忽略。</p>", common.SystemName, link, common.VerificationValidMinutes)
- err := common.SendEmail(subject, email, content)
- if err != nil {
- c.JSON(http.StatusOK, gin.H{
- "success": false,
- "message": err.Error(),
- })
- return
- }
- c.JSON(http.StatusOK, gin.H{
- "success": true,
- "message": "",
- })
- return
- }
- type PasswordResetRequest struct {
- Email string `json:"email"`
- Token string `json:"token"`
- }
- func ResetPassword(c *gin.Context) {
- var req PasswordResetRequest
- err := json.NewDecoder(c.Request.Body).Decode(&req)
- if req.Email == "" || req.Token == "" {
- c.JSON(http.StatusOK, gin.H{
- "success": false,
- "message": "无效的参数",
- })
- return
- }
- if !common.VerifyCodeWithKey(req.Email, req.Token, common.PasswordResetPurpose) {
- c.JSON(http.StatusOK, gin.H{
- "success": false,
- "message": "重置链接非法或已过期",
- })
- return
- }
- password := common.GenerateVerificationCode(12)
- err = model.ResetUserPasswordByEmail(req.Email, password)
- if err != nil {
- c.JSON(http.StatusOK, gin.H{
- "success": false,
- "message": err.Error(),
- })
- return
- }
- common.DeleteKey(req.Email, common.PasswordResetPurpose)
- c.JSON(http.StatusOK, gin.H{
- "success": true,
- "message": "",
- "data": password,
- })
- return
- }
- func WeChatTestAccountVerification(c *gin.Context) {
- user := model.User{Username: c.Param("username")}
- user.FillUserByUsername()
- // https://developers.weixin.qq.com/doc/offiaccount/Basic_Information/Access_Overview.html
- signature := c.Query("signature")
- timestamp := c.Query("timestamp")
- nonce := c.Query("nonce")
- echoStr := c.Query("echostr")
- arr := []string{user.WeChatTestAccountVerificationToken, timestamp, nonce}
- sort.Strings(arr)
- str := strings.Join(arr, "")
- hash := sha1.Sum([]byte(str))
- hexStr := hex.EncodeToString(hash[:])
- if signature == hexStr {
- c.String(http.StatusOK, echoStr)
- } else {
- c.Status(http.StatusForbidden)
- }
- }
|
