Apq
/
mindoc
镜像来自 https://github.com/mindoc-org/mindoc.git


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367
							package controllers

import (
	"time"
	"strings"
	"regexp"

	"net/smtp"
	"github.com/lifei6671/godoc/conf"
	"github.com/lifei6671/godoc/models"
	"github.com/lifei6671/godoc/utils"
	"github.com/astaxie/beego"
	"github.com/astaxie/beego/logs"
	"github.com/lifei6671/gocaptcha"
	"strconv"
)

// AccountController 用户登录与注册.
type AccountController struct {
	BaseController
}

// Login 用户登录.
func (c *AccountController) Login()  {
	c.Prepare()
	c.TplName = "account/login.tpl"

	var remember struct { MemberId int ; Account string; Time time.Time}

	//如果Cookie中存在登录信息
	if cookie,ok := c.GetSecureCookie(conf.GetAppKey(),"login");ok{

		if err := utils.Decode(cookie,&remember); err == nil {
			if member,err := models.NewMember().Find(remember.MemberId); err == nil {
				c.SetMember(*member)

				c.Redirect(beego.URLFor("HomeController.Index"), 302)
				c.StopRun()
			}
		}
	}

	if c.Ctx.Input.IsPost() {
		account := c.GetString("account")
		password := c.GetString("password")
		captcha := c.GetString("code")
		is_remember := c.GetString("is_remember")

		//如果开启了验证码
		if v,ok := c.Option["ENABLED_CAPTCHA"]; ok && strings.EqualFold(v,"true") {
			v,ok := c.GetSession(conf.CaptchaSessionName).(string);
			if !ok || !strings.EqualFold(v,captcha){
				c.JsonResult(6001,"验证码不正确")
			}
		}
		member,err := models.NewMember().Login(account,password)

		//如果没有数据
		if err == nil {
			member.LastLoginTime = time.Now()
			member.Update()

			c.SetMember(*member)
			if strings.EqualFold(is_remember,"yes") {
				remember.MemberId = member.MemberId
				remember.Account = member.Account
				remember.Time = time.Now()
				v ,err := utils.Encode(remember)
				if err == nil {
					c.SetSecureCookie(conf.GetAppKey(),"login",v)
				}

			}

			c.JsonResult(0,"ok")
		}else{
			logs.Error("用户登录 =>",err)
			c.JsonResult(500,"账号或密码错误",nil)
		}

		return
	}
}

//用户注册.
func (c *AccountController) Register()  {
	c.TplName = "account/register.tpl"

	//如果没有开启用户注册
	if v,ok := c.Option["ENABLED_REGISTER"]; ok && !strings.EqualFold(v,"true") {
		c.Abort("404")
	}

	if c.Ctx.Input.IsPost() {
		account := c.GetString("account")
		password1 := c.GetString("password1")
		password2 := c.GetString("password2")
		email := c.GetString("email")
		captcha := c.GetString("code")

		if ok,err := regexp.MatchString(conf.RegexpAccount,account); account == "" || !ok || err != nil {
			c.JsonResult(6001,"账号只能由英文字母数字组成，且在3-50个字符")
		}
		if  l := strings.Count(password1,"") ; password1 == "" || l > 50 || l < 6{
			c.JsonResult(6002,"密码必须在6-50个字符之间")
		}
		if password1 != password2 {
			c.JsonResult(6003,"确认密码不正确")
		}
		if  ok,err := regexp.MatchString(conf.RegexpEmail,email); !ok || err != nil || email == "" {
			c.JsonResult(6004,"邮箱格式不正确")
		}
		//如果开启了验证码
		if v,ok := c.Option["ENABLED_CAPTCHA"]; ok && strings.EqualFold(v,"true") {
			v,ok := c.GetSession(conf.CaptchaSessionName).(string);
			if !ok || !strings.EqualFold(v,captcha){
				c.JsonResult(6001,"验证码不正确")
			}
		}

		member := models.NewMember()

		if _,err := member.FindByAccount(account); err == nil && member.MemberId > 0 {
			c.JsonResult(6005,"账号已存在")
		}

		member.Account = account
		member.Password = password1
		member.Role = conf.MemberGeneralRole
		member.Avatar = conf.GetDefaultAvatar()
		member.CreateAt = 0
		member.Email = email
		member.Status = 0
		if err := member.Add(); err != nil {
			beego.Error(err)
			c.JsonResult(6006,"注册失败，请联系系统管理员处理")
		}

		c.JsonResult(0,"ok",member)
	}
}

//找回密码.
func (c *AccountController) FindPassword()  {
	c.TplName = "account/find_password_setp1.tpl"
	mail_conf := conf.GetMailConfig()

	if c.Ctx.Input.IsPost() {

		email := c.GetString("email")
		captcha := c.GetString("code")

		if email == "" {
			c.JsonResult(6005,"邮箱地址不能为空")
		}
		if !mail_conf.EnableMail {
			c.JsonResult(6004,"未启用邮件服务")
		}

		//如果开启了验证码
		if v,ok := c.Option["ENABLED_CAPTCHA"]; ok && strings.EqualFold(v,"true") {
			v,ok := c.GetSession(conf.CaptchaSessionName).(string);
			if !ok || !strings.EqualFold(v,captcha){
				c.JsonResult(6001,"验证码不正确")
			}
		}

		member ,err := models.NewMember().FindByFieldFirst("email",email)
		if err != nil {
			c.JsonResult(6006,"邮箱不存在")
		}
		if member.Status != 0 {
			c.JsonResult(6007,"账号已被禁用")
		}
		if member.AuthMethod == conf.AuthMethodLDAP {
			c.JsonResult(6011,"当前用户不支持找回密码")
		}

		count,err := models.NewMemberToken().FindSendCount(email,time.Now().Add(-1*time.Hour),time.Now())

		if err != nil {
			beego.Error(err)
			c.JsonResult(6008,"发送邮件失败")
		}
		if count > mail_conf.MailNumber {
			c.JsonResult(6008,"发送次数太多，请稍候再试")
		}

		member_token := models.NewMemberToken()

		member_token.Token = string(utils.Krand(32,utils.KC_RAND_KIND_ALL))
		member_token.Email = email
		member_token.MemberId = member.MemberId
		member_token.IsValid = false
		if _,err := member_token.InsertOrUpdate(); err != nil {
			c.JsonResult(6009,"邮件发送失败")
		}

		data := map[string]interface{}{
			"SITE_NAME" : c.Option["SITE_NAME"],
			"url" : c.BaseUrl() + beego.URLFor("AccountController.FindPassword", "token",member_token.Token,"mail",email),
		}

		body,err := c.ExecuteViewPathTemplate("account/mail_template.tpl",data)
		if err != nil {
			beego.Error(err)
			c.JsonResult(6003,"邮件发送失败")
		}

		go func(mail_conf *conf.SmtpConf,email string,body string) {
			auth := smtp.PlainAuth(
				"",
				mail_conf.SmtpUserName,
				mail_conf.SmtpPassword,
				mail_conf.SmtpHost,
			)

			mime := "MIME-version: 1.0;\nContent-Type: text/html; charset=\"UTF-8\";\n\n";
			subject := "Subject: 找回密码!\n"

			err = smtp.SendMail(
				mail_conf.SmtpHost + ":" + strconv.Itoa(mail_conf.SmtpPort),
				auth,
				mail_conf.FormUserName,
				[]string{ email },
				[]byte(subject + mime +"\n" +body),
			)
			if err != nil {
				beego.Error("邮件发送失败 => ",email,err)
			}
		}(mail_conf,email,body)


		c.JsonResult(0,"ok", c.BaseUrl() + beego.URLFor("AccountController.Login"))
	}

	token := c.GetString("token")
	mail := c.GetString("mail")

	if token != "" && mail != "" {
		member_token,err := models.NewMemberToken().FindByFieldFirst("token",token)

		if err != nil {
			beego.Error(err)
			c.Data["ErrorMessage"] = "邮件已失效"
			c.TplName = "errors/error.tpl"
			return
		}
		sub_time := member_token.SendTime.Sub(time.Now())

		if !strings.EqualFold(member_token.Email,mail) || sub_time.Minutes() > float64(mail_conf.MailExpired) || !member_token.ValidTime.IsZero() {
			c.Data["ErrorMessage"] = "验证码已过期，请重新操作。"
			c.TplName = "errors/error.tpl"
			return
		}
		c.Data["Email"] = member_token.Email
		c.Data["Token"] = member_token.Token
		c.TplName = "account/find_password_setp2.tpl"

	}
}

//校验邮件并修改密码.
func (c *AccountController) ValidEmail() {
	c.Prepare()
	password1 := c.GetString("password1")
	password2 := c.GetString("password2")
	captcha := c.GetString("code")
	token := c.GetString("token")
	mail := c.GetString("mail")

	if password1 == "" {
		c.JsonResult(6001,"密码不能为空")
	}
	if l :=  strings.Count(password1,""); l <6 || l > 50{
		c.JsonResult(6001,"密码不能为空且必须在6-50个字符之间")
	}
	if password2 == ""{
		c.JsonResult(6002,"确认密码不能为空")
	}
	if password1 != password2 {
		c.JsonResult(6003,"确认密码输入不正确")
	}
	if captcha == "" {
		c.JsonResult(6004,"验证码不能为空")
	}
	v,ok := c.GetSession(conf.CaptchaSessionName).(string);
	if !ok || !strings.EqualFold(v,captcha){
		c.JsonResult(6001,"验证码不正确")
	}

	mail_conf := conf.GetMailConfig()
	member_token,err := models.NewMemberToken().FindByFieldFirst("token",token)

	if err != nil {
		beego.Error(err)
		c.JsonResult(6007,"邮件已失效")
	}
	sub_time := member_token.SendTime.Sub(time.Now())

	if !strings.EqualFold(member_token.Email,mail) || sub_time.Minutes() > float64(mail_conf.MailExpired) || !member_token.ValidTime.IsZero() {

		c.JsonResult(6008,"验证码已过期，请重新操作。")
	}
	member ,err := models.NewMember().Find(member_token.MemberId)
	if err != nil{
		beego.Error(err)
		c.JsonResult(6005,"用户不存在")
	}
	hash ,err := utils.PasswordHash(password1);

	if  err != nil {
		beego.Error(err)
		c.JsonResult(6006,"保存密码失败")
	}

	member.Password = hash

	err = member.Update("password")
	member_token.ValidTime = time.Now()
	member_token.IsValid = true
	member_token.InsertOrUpdate()

	if  err != nil {
		beego.Error(err)
		c.JsonResult(6006,"保存密码失败")
	}
	c.JsonResult(0,"ok",c.BaseUrl() + beego.URLFor("AccountController.Login"))
}


// Logout 退出登录.
func (c *AccountController) Logout(){
	c.SetMember(models.Member{});

	c.SetSecureCookie(conf.GetAppKey(),"login","",-3600)
	
	c.Redirect(beego.URLFor("AccountController.Login"),302)
}

//验证码.
func (c *AccountController) Captcha()  {
	c.Prepare()

	captchaImage, err := gocaptcha.NewCaptchaImage(140, 40, gocaptcha.RandLightColor())

	if err != nil {
		beego.Error(err)
		c.Abort("500")
	}

	captchaImage.DrawNoise(gocaptcha.CaptchaComplexLower)

	//captchaImage.DrawTextNoise(gocaptcha.CaptchaComplexHigh)
	txt := gocaptcha.RandText(4)

	c.SetSession(conf.CaptchaSessionName,txt)

	captchaImage.DrawText(txt)
	//captchaImage.Drawline(3);
	captchaImage.DrawBorder(gocaptcha.ColorToRGB(0x17A7A7A))
	//captchaImage.DrawHollowLine()


	captchaImage.SaveImage(c.Ctx.ResponseWriter, gocaptcha.ImageFormatJpeg)
	c.StopRun()
}