feat: support multiple country codes for sending SMS (casdoor#1557)

* feat: support multiple country code

* feat: improve UI

* feat: migrate accountItem

* fix: Aliyun compatible

* fix: phone validate

* fix: typo

controllers/account.go

@@ -58,7 +58,7 @@ type RequestForm struct {
 
 	EmailCode   string `json:"emailCode"`
 	PhoneCode   string `json:"phoneCode"`
-	PhonePrefix string `json:"phonePrefix"`
+	CountryCode string `json:"countryCode"`
 
 	AutoSignin bool `json:"autoSignin"`
 
@@ -121,7 +121,7 @@ func (c *ApiController) Signup() {
 	}
 
 	organization := object.GetOrganization(fmt.Sprintf("%s/%s", "admin", form.Organization))
-	msg := object.CheckUserSignup(application, organization, form.Username, form.Password, form.Name, form.FirstName, form.LastName, form.Email, form.Phone, form.Affiliation, c.GetAcceptLanguage())
+	msg := object.CheckUserSignup(application, organization, form.Username, form.Password, form.Name, form.FirstName, form.LastName, form.Email, form.Phone, form.CountryCode, form.Affiliation, c.GetAcceptLanguage())
 	if msg != "" {
 		c.ResponseError(msg)
 		return
@@ -137,7 +137,7 @@ func (c *ApiController) Signup() {
 
 	var checkPhone string
 	if application.IsSignupItemVisible("Phone") && form.Phone != "" {
-		checkPhone = fmt.Sprintf("+%s%s", form.PhonePrefix, form.Phone)
+		checkPhone, _ = util.GetE164Number(form.Phone, form.CountryCode)
 		checkResult := object.CheckVerificationCode(checkPhone, form.PhoneCode, c.GetAcceptLanguage())
 		if len(checkResult) != 0 {
 			c.ResponseError(c.T("account:Phone: %s"), checkResult)
@@ -179,6 +179,7 @@ func (c *ApiController) Signup() {
 		Avatar:            organization.DefaultAvatar,
 		Email:             form.Email,
 		Phone:             form.Phone,
+		CountryCode:       form.CountryCode,
 		Address:           []string{},
 		Affiliation:       form.Affiliation,
 		IdCard:            form.IdCard,

controllers/auth.go

@@ -263,34 +263,32 @@ func (c *ApiController) Login() {
 				checkDest = form.Username
 			} else {
 				verificationCodeType = "phone"
-				if len(form.PhonePrefix) == 0 {
-					responseText := fmt.Sprintf(c.T("auth:%s No phone prefix"), verificationCodeType)
-					c.ResponseError(responseText)
-					return
-				}
 				if user != nil && util.GetMaskedPhone(user.Phone) == form.Username {
 					form.Username = user.Phone
 				}
-				checkDest = fmt.Sprintf("+%s%s", form.PhonePrefix, form.Username)
 			}
-			user = object.GetUserByFields(form.Organization, form.Username)
-			if user == nil {
+
+			if user = object.GetUserByFields(form.Organization, form.Username); user == nil {
 				c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), util.GetId(form.Organization, form.Username)))
 				return
 			}
+			if verificationCodeType == "phone" {
+				form.CountryCode = user.GetCountryCode(form.CountryCode)
+				var ok bool
+				if checkDest, ok = util.GetE164Number(form.Username, form.CountryCode); !ok {
+					c.ResponseError(fmt.Sprintf(c.T("verification:Phone number is invalid in your region %s"), form.CountryCode))
+					return
+				}
+			}
+
 			checkResult = object.CheckSigninCode(user, checkDest, form.Code, c.GetAcceptLanguage())
 			if len(checkResult) != 0 {
-				responseText := fmt.Sprintf("%s - %s", verificationCodeType, checkResult)
-				c.ResponseError(responseText)
+				c.ResponseError(fmt.Sprintf("%s - %s", verificationCodeType, checkResult))
 				return
 			}
 
 			// disable the verification code
-			if strings.Contains(form.Username, "@") {
-				object.DisableVerificationCode(form.Username)
-			} else {
-				object.DisableVerificationCode(fmt.Sprintf("+%s%s", form.PhonePrefix, form.Username))
-			}
+			object.DisableVerificationCode(checkDest)
 		} else {
 			application := object.GetApplication(fmt.Sprintf("admin/%s", form.Application))
 			if application == nil {

controllers/service.go

@@ -130,13 +130,13 @@ func (c *ApiController) SendSms() {
 		return
 	}
 
-	org := object.GetOrganization(smsForm.OrgId)
 	var invalidReceivers []string
 	for idx, receiver := range smsForm.Receivers {
-		if !util.IsPhoneCnValid(receiver) {
+		// The receiver phone format: E164 like +8613854673829 +441932567890
+		if !util.IsPhoneValid(receiver, "") {
 			invalidReceivers = append(invalidReceivers, receiver)
 		} else {
-			smsForm.Receivers[idx] = fmt.Sprintf("+%s%s", org.PhonePrefix, receiver)
+			smsForm.Receivers[idx] = receiver
 		}
 	}
 

controllers/user_util.go

@@ -62,6 +62,10 @@ func checkPermissionForUpdateUser(userId string, newUser object.User, c *ApiCont
 		item := object.GetAccountItemByName("Phone", organization)
 		itemsChanged = append(itemsChanged, item)
 	}
+	if oldUser.CountryCode != newUser.CountryCode {
+		item := object.GetAccountItemByName("Country code", organization)
+		itemsChanged = append(itemsChanged, item)
+	}
 	if oldUser.Region != newUser.Region {
 		item := object.GetAccountItemByName("Country/Region", organization)
 		itemsChanged = append(itemsChanged, item)

controllers/verification.go

@@ -24,6 +24,13 @@ import (
 	"github.com/casdoor/casdoor/util"
 )
 
+const (
+	SignupVerification = "signup"
+	ResetVerification  = "reset"
+	LoginVerification  = "login"
+	ForgetVerification = "forget"
+)
+
 func (c *ApiController) getCurrentUser() *object.User {
 	var user *object.User
 	userId := c.GetSessionUsername()
@@ -42,18 +49,15 @@ func (c *ApiController) getCurrentUser() *object.User {
 func (c *ApiController) SendVerificationCode() {
 	destType := c.Ctx.Request.Form.Get("type")
 	dest := c.Ctx.Request.Form.Get("dest")
+	countryCode := c.Ctx.Request.Form.Get("countryCode")
 	checkType := c.Ctx.Request.Form.Get("checkType")
 	checkId := c.Ctx.Request.Form.Get("checkId")
 	checkKey := c.Ctx.Request.Form.Get("checkKey")
-	checkUser := c.Ctx.Request.Form.Get("checkUser")
 	applicationId := c.Ctx.Request.Form.Get("applicationId")
 	method := c.Ctx.Request.Form.Get("method")
+	checkUser := c.Ctx.Request.Form.Get("checkUser")
 	remoteAddr := util.GetIPFromRequest(c.Ctx.Request)
 
-	if destType == "" {
-		c.ResponseError(c.T("general:Missing parameter") + ": type.")
-		return
-	}
 	if dest == "" {
 		c.ResponseError(c.T("general:Missing parameter") + ": dest.")
 		return
@@ -62,98 +66,101 @@ func (c *ApiController) SendVerificationCode() {
 		c.ResponseError(c.T("general:Missing parameter") + ": applicationId.")
 		return
 	}
-	if !strings.Contains(applicationId, "/") {
-		c.ResponseError(c.T("verification:Wrong parameter") + ": applicationId.")
-		return
-	}
 	if checkType == "" {
 		c.ResponseError(c.T("general:Missing parameter") + ": checkType.")
 		return
 	}
+	if checkKey == "" {
+		c.ResponseError(c.T("general:Missing parameter") + ": checkKey.")
+		return
+	}
+	if !strings.Contains(applicationId, "/") {
+		c.ResponseError(c.T("verification:Wrong parameter") + ": applicationId.")
+		return
+	}
 
-	captchaProvider := captcha.GetCaptchaProvider(checkType)
-
-	if captchaProvider != nil {
-		if checkKey == "" {
-			c.ResponseError(c.T("general:Missing parameter") + ": checkKey.")
-			return
-		}
-		isHuman, err := captchaProvider.VerifyCaptcha(checkKey, checkId)
-		if err != nil {
-			c.ResponseError(err.Error())
-			return
-		}
-
-		if !isHuman {
-			c.ResponseError(c.T("verification:Turing test failed."))
-			return
-		}
+	if captchaProvider := captcha.GetCaptchaProvider(checkType); captchaProvider == nil {
+		c.ResponseError(c.T("general:don't support captchaProvider: ") + checkType)
+		return
+	} else if isHuman, err := captchaProvider.VerifyCaptcha(checkKey, checkId); err != nil {
+		c.ResponseError(err.Error())
+		return
+	} else if !isHuman {
+		c.ResponseError(c.T("verification:Turing test failed."))
+		return
 	}
 
-	user := c.getCurrentUser()
 	application := object.GetApplication(applicationId)
-	organization := object.GetOrganization(fmt.Sprintf("%s/%s", application.Owner, application.Organization))
+	organization := object.GetOrganization(util.GetId(application.Owner, application.Organization))
 	if organization == nil {
 		c.ResponseError(c.T("verification:Organization does not exist"))
 		return
 	}
 
-	if checkUser == "true" && user == nil && object.GetUserByFields(organization.Name, dest) == nil {
-		c.ResponseError(c.T("general:Please login first"))
-		return
+	var user *object.User
+	// checkUser != "", means method is ForgetVerification
+	if checkUser != "" {
+		owner := application.Organization
+		user = object.GetUser(util.GetId(owner, checkUser))
 	}
 
 	sendResp := errors.New("invalid dest type")
 
-	if user == nil && checkUser != "" && checkUser != "true" {
-		name := application.Organization
-		user = object.GetUser(fmt.Sprintf("%s/%s", name, checkUser))
-	}
 	switch destType {
 	case "email":
-		if user != nil && util.GetMaskedEmail(user.Email) == dest {
-			dest = user.Email
-		}
 		if !util.IsEmailValid(dest) {
 			c.ResponseError(c.T("verification:Email is invalid"))
 			return
 		}
 
-		userByEmail := object.GetUserByEmail(organization.Name, dest)
-		if userByEmail == nil && method != "signup" && method != "reset" {
-			c.ResponseError(c.T("verification:the user does not exist, please sign up first"))
-			return
+		if method == LoginVerification || method == ForgetVerification {
+			if user != nil && util.GetMaskedEmail(user.Email) == dest {
+				dest = user.Email
+			}
+
+			user = object.GetUserByEmail(organization.Name, dest)
+			if user == nil {
+				c.ResponseError(c.T("verification:the user does not exist, please sign up first"))
+				return
+			}
+		} else if method == ResetVerification {
+			user = c.getCurrentUser()
 		}
 
 		provider := application.GetEmailProvider()
 		sendResp = object.SendVerificationCodeToEmail(organization, user, provider, remoteAddr, dest)
 	case "phone":
-		if user != nil && util.GetMaskedPhone(user.Phone) == dest {
-			dest = user.Phone
-		}
-		if !util.IsPhoneCnValid(dest) {
-			c.ResponseError(c.T("verification:Phone number is invalid"))
-			return
+		if method == LoginVerification || method == ForgetVerification {
+			if user != nil && util.GetMaskedPhone(user.Phone) == dest {
+				dest = user.Phone
+			}
+
+			if user = object.GetUserByPhone(organization.Name, dest); user == nil {
+				c.ResponseError(c.T("verification:the user does not exist, please sign up first"))
+				return
+			}
+
+			countryCode = user.GetCountryCode(countryCode)
+		} else if method == ResetVerification {
+			if user = c.getCurrentUser(); user != nil {
+				countryCode = user.GetCountryCode(countryCode)
+			}
 		}
 
-		userByPhone := object.GetUserByPhone(organization.Name, dest)
-		if userByPhone == nil && method != "signup" && method != "reset" {
-			c.ResponseError(c.T("verification:the user does not exist, please sign up first"))
+		provider := application.GetSmsProvider()
+		if phone, ok := util.GetE164Number(dest, countryCode); !ok {
+			c.ResponseError(fmt.Sprintf(c.T("verification:Phone number is invalid in your region %s"), countryCode))
 			return
+		} else {
+			sendResp = object.SendVerificationCodeToPhone(organization, user, provider, remoteAddr, phone)
 		}
-
-		dest = fmt.Sprintf("+%s%s", organization.PhonePrefix, dest)
-		provider := application.GetSmsProvider()
-		sendResp = object.SendVerificationCodeToPhone(organization, user, provider, remoteAddr, dest)
 	}
 
 	if sendResp != nil {
-		c.Data["json"] = Response{Status: "error", Msg: sendResp.Error()}
+		c.ResponseError(sendResp.Error())
 	} else {
-		c.Data["json"] = Response{Status: "ok"}
+		c.ResponseOk()
 	}
-
-	c.ServeJSON()
 }
 
 // ResetEmailOrPhone ...
@@ -169,7 +176,8 @@ func (c *ApiController) ResetEmailOrPhone() {
 	destType := c.Ctx.Request.Form.Get("type")
 	dest := c.Ctx.Request.Form.Get("dest")
 	code := c.Ctx.Request.Form.Get("code")
-	if len(dest) == 0 || len(code) == 0 || len(destType) == 0 {
+
+	if util.IsStrsEmpty(destType, dest, code) {
 		c.ResponseError(c.T("general:Missing parameter"))
 		return
 	}
@@ -192,12 +200,10 @@ func (c *ApiController) ResetEmailOrPhone() {
 			c.ResponseError(errMsg)
 			return
 		}
-
-		phonePrefix := "86"
-		if organization != nil && organization.PhonePrefix != "" {
-			phonePrefix = organization.PhonePrefix
+		if checkDest, ok = util.GetE164Number(dest, user.GetCountryCode("")); !ok {
+			c.ResponseError(fmt.Sprintf(c.T("verification:Phone number is invalid in your region %s"), user.CountryCode))
+			return
 		}
-		checkDest = fmt.Sprintf("+%s%s", phonePrefix, dest)
 	} else if destType == "email" {
 		if object.HasUserByField(user.Owner, "email", user.Email) {
 			c.ResponseError(c.T("check:Email already exists"))
@@ -215,8 +221,8 @@ func (c *ApiController) ResetEmailOrPhone() {
 			return
 		}
 	}
-	if ret := object.CheckVerificationCode(checkDest, code, c.GetAcceptLanguage()); len(ret) != 0 {
-		c.ResponseError(ret)
+	if msg := object.CheckVerificationCode(checkDest, code, c.GetAcceptLanguage()); len(msg) != 0 {
+		c.ResponseError(msg)
 		return
 	}
 
@@ -233,8 +239,7 @@ func (c *ApiController) ResetEmailOrPhone() {
 	}
 
 	object.DisableVerificationCode(checkDest)
-	c.Data["json"] = Response{Status: "ok"}
-	c.ServeJSON()
+	c.ResponseOk()
 }
 
 // VerifyCaptcha ...

go.mod

@@ -30,6 +30,7 @@ require (
 	github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3
 	github.com/markbates/goth v1.75.2
 	github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d // indirect
+	github.com/nyaruka/phonenumbers v1.1.5
 	github.com/qiangmzsx/string-adapter/v2 v2.1.0
 	github.com/robfig/cron/v3 v3.0.1
 	github.com/russellhaering/gosaml2 v0.6.0

go.sum

@@ -354,6 +354,8 @@ github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRW
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
 github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d h1:VhgPp6v9qf9Agr/56bj7Y/xa04UccTW04VP0Qed4vnQ=
 github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d/go.mod h1:YUTz3bUH2ZwIWBy3CJBeOBEugqcmXREj14T+iG/4k4U=
+github.com/nyaruka/phonenumbers v1.1.5 h1:vYy2DI+z5hdaemqVzXYJ4CVyK92IG484CirEY+40GTo=
+github.com/nyaruka/phonenumbers v1.1.5/go.mod h1:yShPJHDSH3aTKzCbXyVxNpbl2kA+F+Ne5Pun/MvFRos=
 github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/ginkgo v1.12.0 h1:Iw5WCbBcaAAd0fpRb1c9r5YCylv4XDoCSigm1zLevwU=

i18n/locales/de/data.json

@@ -9,7 +9,6 @@
     "The application does not allow to sign up new account": "The application does not allow to sign up new account"
   },
   "auth": {
-    "%s No phone prefix": "%s No phone prefix",
     "Challenge method should be S256": "Challenge method should be S256",
     "Failed to create user, user information is invalid: %s": "Failed to create user, user information is invalid: %s",
     "Failed to login in: %s": "Failed to login in: %s",
@@ -57,13 +56,15 @@
     "Username is too long (maximum is 39 characters).": "Username is too long (maximum is 39 characters).",
     "Username must have at least 2 characters": "Username must have at least 2 characters",
     "You have entered the wrong password or code too many times, please wait for %d minutes and try again": "You have entered the wrong password or code too many times, please wait for %d minutes and try again",
+    "Your region is not allow to signup by phone": "Your region is not allow to signup by phone",
     "password or code is incorrect, you have %d remaining chances": "password or code is incorrect, you have %d remaining chances",
     "unsupported password type: %s": "unsupported password type: %s"
   },
   "general": {
     "Missing parameter": "Missing parameter",
     "Please login first": "Please login first",
-    "The user: %s doesn't exist": "The user: %s doesn't exist"
+    "The user: %s doesn't exist": "The user: %s doesn't exist",
+    "don't support captchaProvider: ": "don't support captchaProvider: "
   },
   "ldap": {
     "Ldap server exist": "Ldap server exist"
@@ -130,7 +131,7 @@
     "Email is invalid": "Email is invalid",
     "Invalid captcha provider.": "Invalid captcha provider.",
     "Organization does not exist": "Organization does not exist",
-    "Phone number is invalid": "Phone number is invalid",
+    "Phone number is invalid in your region %s": "Phone number is invalid in your region %s",
     "Turing test failed.": "Turing test failed.",
     "Unable to get the email modify rule.": "Unable to get the email modify rule.",
     "Unable to get the phone modify rule.": "Unable to get the phone modify rule.",