mindoc/controllers/account.go

package controllers

import (
	"regexp"
	"strconv"
	"strings"
	"time"

	"net/smtp"

	"github.com/astaxie/beego"
	"github.com/astaxie/beego/logs"
	"github.com/lifei6671/gocaptcha"
	"github.com/lifei6671/mindoc/conf"
	"github.com/lifei6671/mindoc/models"
	"github.com/lifei6671/mindoc/utils"
)

// AccountController 用户登录与注册
type AccountController struct {
	BaseController
}

// Login 用户登录
func (c *AccountController) Login() {
	c.Prepare()
	c.TplName = "account/login.tpl"

	var remember struct {
		MemberId int
		Account  string
		Time     time.Time
	}

	// 显式指定的 URL 参数优先；为了统一处理，将之更新到 Session 中
	turl := c.GetString("turl", "")
	if turl != "" {
		c.SetSession("turl", turl)
	}

	beego.Info("AccountController.Login(): turl is: " + turl)

	// 如果 Cookie 中存在登录信息
	if cookie, ok := c.GetSecureCookie(conf.GetAppKey(), "login"); ok {
		if err := utils.Decode(cookie, &remember); err == nil {
			if member, err := models.NewMember().Find(remember.MemberId); err == nil {
				c.SetMember(*member)

				c.LoggedIn(false)
				c.StopRun()
			}
		}
	}

	if c.Ctx.Input.IsPost() {
		account := c.GetString("account")
		password := c.GetString("password")
		captcha := c.GetString("code")
		is_remember := c.GetString("is_remember")

		// 如果开启了验证码
		if v, ok := c.Option["ENABLED_CAPTCHA"]; ok && strings.EqualFold(v, "true") {
			v, ok := c.GetSession(conf.CaptchaSessionName).(string)
			if !ok || !strings.EqualFold(v, captcha) {
				c.JsonResult(6001, "验证码不正确")
			}
		}

		member, err := models.NewMember().Login(account, password)
		if err == nil {
			member.LastLoginTime = time.Now()
			member.Update()

			c.SetMember(*member)
			if strings.EqualFold(is_remember, "yes") {
				remember.MemberId = member.MemberId
				remember.Account = member.Account
				remember.Time = time.Now()
				v, err := utils.Encode(remember)
				if err == nil {
					c.SetSecureCookie(conf.GetAppKey(), "login", v)
				}
			}

			data := c.LoggedIn(true)
			c.JsonResult(0, "ok", data)
		} else {
			logs.Error("用户登录 =>", err)
			c.JsonResult(500, "账号或密码错误", nil)
		}
	}
}

// 登录成功后的操作，如重定向到原始请求页面
func (c *AccountController) LoggedIn(isPost bool) interface{} {
	turl := ""
	value := c.GetSession("turl")
	if value != nil {
		turl = value.(string)
	}
	c.DelSession("turl")

	beego.Info("AccountController.LoggedIn(): turl is: " + turl)

	if !isPost {
		// 检查是否存在 turl 参数，如果有则重定向至 turl 处，否则进入 Home 页面
		if turl == "" {
			turl = beego.URLFor("HomeController.Index")
		}
		c.Redirect(turl, 302)
		return nil
	} else {
		var data struct {
			TURL string `json:"turl"`
		}
		data.TURL = turl
		return data
	}
}

// 用户注册
func (c *AccountController) Register() {
	c.TplName = "account/register.tpl"

	// 如果没有开启用户注册
	if v, ok := c.Option["ENABLED_REGISTER"]; ok && !strings.EqualFold(v, "true") {
		c.Abort("404")
	}

	if c.Ctx.Input.IsPost() {
		account := c.GetString("account")
		password1 := c.GetString("password1")
		password2 := c.GetString("password2")
		email := c.GetString("email")
		captcha := c.GetString("code")

		if ok, err := regexp.MatchString(conf.RegexpAccount, account); account == "" || !ok || err != nil {
			c.JsonResult(6001, "账号只能由英文字母数字组成，且在3-50个字符")
		}
		if l := strings.Count(password1, ""); password1 == "" || l > 50 || l < 6 {
			c.JsonResult(6002, "密码必须在6-50个字符之间")
		}
		if password1 != password2 {
			c.JsonResult(6003, "确认密码不正确")
		}
		if ok, err := regexp.MatchString(conf.RegexpEmail, email); !ok || err != nil || email == "" {
			c.JsonResult(6004, "邮箱格式不正确")
		}
		// 如果开启了验证码
		if v, ok := c.Option["ENABLED_CAPTCHA"]; ok && strings.EqualFold(v, "true") {
			v, ok := c.GetSession(conf.CaptchaSessionName).(string)
			if !ok || !strings.EqualFold(v, captcha) {
				c.JsonResult(6001, "验证码不正确")
			}
		}

		member := models.NewMember()

		if _, err := member.FindByAccount(account); err == nil && member.MemberId > 0 {
			c.JsonResult(6005, "账号已存在")
		}

		member.Account = account
		member.Password = password1
		member.Role = conf.MemberGeneralRole
		member.Avatar = conf.GetDefaultAvatar()
		member.CreateAt = 0
		member.Email = email
		member.Status = 0
		if err := member.Add(); err != nil {
			beego.Error(err)
			c.JsonResult(6006, "注册失败，请联系系统管理员处理")
		}

		c.JsonResult(0, "ok", member)
	}
}

// 找回密码
func (c *AccountController) FindPassword() {
	c.TplName = "account/find_password_setp1.tpl"
	mail_conf := conf.GetMailConfig()

	if c.Ctx.Input.IsPost() {

		email := c.GetString("email")
		captcha := c.GetString("code")

		if email == "" {
			c.JsonResult(6005, "邮箱地址不能为空")
		}
		if !mail_conf.EnableMail {
			c.JsonResult(6004, "未启用邮件服务")
		}

		// 如果开启了验证码
		if v, ok := c.Option["ENABLED_CAPTCHA"]; ok && strings.EqualFold(v, "true") {
			v, ok := c.GetSession(conf.CaptchaSessionName).(string)
			if !ok || !strings.EqualFold(v, captcha) {
				c.JsonResult(6001, "验证码不正确")
			}
		}

		member, err := models.NewMember().FindByFieldFirst("email", email)
		if err != nil {
			c.JsonResult(6006, "邮箱不存在")
		}
		if member.Status != 0 {
			c.JsonResult(6007, "账号已被禁用")
		}
		if member.AuthMethod == conf.AuthMethodLDAP {
			c.JsonResult(6011, "当前用户不支持找回密码")
		}

		count, err := models.NewMemberToken().FindSendCount(email, time.Now().Add(-1*time.Hour), time.Now())

		if err != nil {
			beego.Error(err)
			c.JsonResult(6008, "发送邮件失败")
		}
		if count > mail_conf.MailNumber {
			c.JsonResult(6008, "发送次数太多，请稍候再试")
		}

		member_token := models.NewMemberToken()

		member_token.Token = string(utils.Krand(32, utils.KC_RAND_KIND_ALL))
		member_token.Email = email
		member_token.MemberId = member.MemberId
		member_token.IsValid = false
		if _, err := member_token.InsertOrUpdate(); err != nil {
			c.JsonResult(6009, "邮件发送失败")
		}

		data := map[string]interface{}{
			"SITE_NAME": c.Option["SITE_NAME"],
			"url":       c.BaseUrl() + beego.URLFor("AccountController.FindPassword", "token", member_token.Token, "mail", email),
		}

		body, err := c.ExecuteViewPathTemplate("account/mail_template.tpl", data)
		if err != nil {
			beego.Error(err)
			c.JsonResult(6003, "邮件发送失败")
		}

		go func(mail_conf *conf.SmtpConf, email string, body string) {
			auth := smtp.PlainAuth(
				"",
				mail_conf.SmtpUserName,
				mail_conf.SmtpPassword,
				mail_conf.SmtpHost,
			)

			mime := "MIME-version: 1.0;\nContent-Type: text/html; charset=\"UTF-8\";\n\n"
			subject := "Subject: 找回密码!\n"

			err = smtp.SendMail(
				mail_conf.SmtpHost+":"+strconv.Itoa(mail_conf.SmtpPort),
				auth,
				mail_conf.FormUserName,
				[]string{email},
				[]byte(subject+mime+"\n"+body),
			)
			if err != nil {
				beego.Error("邮件发送失败 => ", email, err)
			}
		}(mail_conf, email, body)

		c.JsonResult(0, "ok", c.BaseUrl()+beego.URLFor("AccountController.Login"))
	}

	token := c.GetString("token")
	mail := c.GetString("mail")

	if token != "" && mail != "" {
		member_token, err := models.NewMemberToken().FindByFieldFirst("token", token)

		if err != nil {
			beego.Error(err)
			c.Data["ErrorMessage"] = "邮件已失效"
			c.TplName = "errors/error.tpl"
			return
		}
		sub_time := member_token.SendTime.Sub(time.Now())

		if !strings.EqualFold(member_token.Email, mail) || sub_time.Minutes() > float64(mail_conf.MailExpired) || !member_token.ValidTime.IsZero() {
			c.Data["ErrorMessage"] = "验证码已过期，请重新操作。"
			c.TplName = "errors/error.tpl"
			return
		}
		c.Data["Email"] = member_token.Email
		c.Data["Token"] = member_token.Token
		c.TplName = "account/find_password_setp2.tpl"

	}
}

// 校验邮件并修改密码
func (c *AccountController) ValidEmail() {
	c.Prepare()
	password1 := c.GetString("password1")
	password2 := c.GetString("password2")
	captcha := c.GetString("code")
	token := c.GetString("token")
	mail := c.GetString("mail")

	if password1 == "" {
		c.JsonResult(6001, "密码不能为空")
	}
	if l := strings.Count(password1, ""); l < 6 || l > 50 {
		c.JsonResult(6001, "密码不能为空且必须在6-50个字符之间")
	}
	if password2 == "" {
		c.JsonResult(6002, "确认密码不能为空")
	}
	if password1 != password2 {
		c.JsonResult(6003, "确认密码输入不正确")
	}
	if captcha == "" {
		c.JsonResult(6004, "验证码不能为空")
	}
	v, ok := c.GetSession(conf.CaptchaSessionName).(string)
	if !ok || !strings.EqualFold(v, captcha) {
		c.JsonResult(6001, "验证码不正确")
	}

	mail_conf := conf.GetMailConfig()
	member_token, err := models.NewMemberToken().FindByFieldFirst("token", token)

	if err != nil {
		beego.Error(err)
		c.JsonResult(6007, "邮件已失效")
	}
	sub_time := member_token.SendTime.Sub(time.Now())

	if !strings.EqualFold(member_token.Email, mail) || sub_time.Minutes() > float64(mail_conf.MailExpired) || !member_token.ValidTime.IsZero() {

		c.JsonResult(6008, "验证码已过期，请重新操作。")
	}
	member, err := models.NewMember().Find(member_token.MemberId)
	if err != nil {
		beego.Error(err)
		c.JsonResult(6005, "用户不存在")
	}
	hash, err := utils.PasswordHash(password1)

	if err != nil {
		beego.Error(err)
		c.JsonResult(6006, "保存密码失败")
	}

	member.Password = hash

	err = member.Update("password")
	member_token.ValidTime = time.Now()
	member_token.IsValid = true
	member_token.InsertOrUpdate()

	if err != nil {
		beego.Error(err)
		c.JsonResult(6006, "保存密码失败")
	}
	c.JsonResult(0, "ok", c.BaseUrl()+beego.URLFor("AccountController.Login"))
}

// Logout 退出登录
func (c *AccountController) Logout() {
	c.SetMember(models.Member{})

	c.SetSecureCookie(conf.GetAppKey(), "login", "", -3600)

	c.Redirect(beego.URLFor("AccountController.Login"), 302)
}

// 验证码
func (c *AccountController) Captcha() {
	c.Prepare()

	captchaImage, err := gocaptcha.NewCaptchaImage(140, 40, gocaptcha.RandLightColor())

	if err != nil {
		beego.Error(err)
		c.Abort("500")
	}

	captchaImage.DrawNoise(gocaptcha.CaptchaComplexLower)

	// captchaImage.DrawTextNoise(gocaptcha.CaptchaComplexHigh)
	txt := gocaptcha.RandText(4)

	c.SetSession(conf.CaptchaSessionName, txt)

	captchaImage.DrawText(txt)
	// captchaImage.Drawline(3);
	captchaImage.DrawBorder(gocaptcha.ColorToRGB(0x17A7A7A))
	// captchaImage.DrawHollowLine()

	captchaImage.SaveImage(c.Ctx.ResponseWriter, gocaptcha.ImageFormatJpeg)
	c.StopRun()
}