feat: 优化重置密码的逻辑,添加验证码校验 (opsre#164)

jyhgit · Mar 9, 2023 · e53290e · e53290e
1 parent b78ff04
commit e53290e
Show file tree

Hide file tree

Showing 6 changed files with 76 additions and 5 deletions.
diff --git a/controller/base_controller.go b/controller/base_controller.go
@@ -9,6 +9,14 @@ import (
 
 type BaseController struct{}
 
+// SendCode 给用户邮箱发送验证码
+func (m *BaseController) SendCode(c *gin.Context) {
+	req := new(request.BaseSendCodeReq)
+	Run(c, req, func() (interface{}, interface{}) {
+		return logic.Base.SendCode(c, req)
+	})
+}
+
 // ChangePwd 用户通过邮箱修改密码
 func (m *BaseController) ChangePwd(c *gin.Context) {
 	req := new(request.BaseChangePwdReq)

diff --git a/logic/base_logic.go b/logic/base_logic.go
@@ -15,18 +15,46 @@ import (
 
 type BaseLogic struct{}
 
-// Add 添加数据
+// SendCode 发送验证码
+func (l BaseLogic) SendCode(c *gin.Context, req interface{}) (data interface{}, rspError interface{}) {
+	r, ok := req.(*request.BaseSendCodeReq)
+	if !ok {
+		return nil, ReqAssertErr
+	}
+	_ = c
+	// 判断邮箱是否正确
+	if !isql.User.Exist(tools.H{"mail": r.Mail}) {
+		return nil, tools.NewValidatorError(fmt.Errorf("邮箱不存在,请检查邮箱是否正确"))
+	}
+
+	err := tools.SendCode([]string{r.Mail})
+	if err != nil {
+		return nil, tools.NewLdapError(fmt.Errorf("邮件发送失败" + err.Error()))
+	}
+
+	return nil, nil
+}
+
+// ChangePwd 重置密码
 func (l BaseLogic) ChangePwd(c *gin.Context, req interface{}) (data interface{}, rspError interface{}) {
 	r, ok := req.(*request.BaseChangePwdReq)
 	if !ok {
 		return nil, ReqAssertErr
 	}
 	_ = c
-
 	// 判断邮箱是否正确
 	if !isql.User.Exist(tools.H{"mail": r.Mail}) {
 		return nil, tools.NewValidatorError(fmt.Errorf("邮箱不存在,请检查邮箱是否正确"))
 	}
+	// 判断验证码是否过期
+	cacheCode, ok := tools.VerificationCodeCache.Get(r.Mail)
+	if !ok {
+		return nil, tools.NewValidatorError(fmt.Errorf("对不起，该验证码已超过5分钟有效期，请重新重新密码"))
+	}
+	// 判断验证码是否正确
+	if cacheCode != r.Code {
+		return nil, tools.NewValidatorError(fmt.Errorf("验证码错误，请检查邮箱中正确的验证码，如果点击多次发送验证码，请用最后一次生成的验证码来验证"))
+	}
 
 	user := new(model.User)
 	err := isql.User.Find(tools.H{"mail": r.Mail}, user)
@@ -41,7 +69,7 @@ func (l BaseLogic) ChangePwd(c *gin.Context, req interface{}) (data interface{},
 
 	err = tools.SendMail([]string{user.Mail}, newpass)
 	if err != nil {
-		return nil, tools.NewLdapError(fmt.Errorf("发送邮件失败" + err.Error()))
+		return nil, tools.NewLdapError(fmt.Errorf("邮件发送失败" + err.Error()))
 	}
 
 	// 更新数据库密码

diff --git a/model/request/base_req.go b/model/request/base_req.go
@@ -1,8 +1,14 @@
 package request
 
+// BaseSendCodeReq 发送验证码
+type BaseSendCodeReq struct {
+	Mail string `json:"mail" validate:"required,min=0,max=100"`
+}
+
 // BaseChangePwdReq 修改密码结构体
 type BaseChangePwdReq struct {
 	Mail string `json:"mail" validate:"required,min=0,max=100"`
+	Code string `json:"code" validate:"required,len=6"`
 }
 
 // BaseDashboardReq  系统首页展示数据结构体

diff --git a/public/common/ldap.go b/public/common/ldap.go
@@ -113,7 +113,7 @@ func (lcp *LdapConnPool) GetConnection() (*ldap.Conn, error) {
 }
 
 func (lcp *LdapConnPool) PutConnection(conn *ldap.Conn) {
-	log.Println("放回了一个连接")
+	log.Println("放回了一个 LDAP 连接")
 	lcp.mu.Lock()
 	defer lcp.mu.Unlock()
 

diff --git a/public/tools/email.go b/public/tools/email.go
@@ -2,14 +2,20 @@ package tools
 
 import (
 	"fmt"
+	"math/rand"
+	"time"
 
 	"github.com/eryajf/go-ldap-admin/config"
+	"github.com/patrickmn/go-cache"
 
 	"strconv"
 
 	"gopkg.in/gomail.v2"
 )
 
+// 验证码放到缓存当中
+var VerificationCodeCache = cache.New(24*time.Hour, 48*time.Hour)
+
 func email(mailTo []string, subject string, body string) error {
 	mailConn := map[string]string{
 		"user": config.Conf.Email.User,
@@ -33,6 +39,28 @@ func email(mailTo []string, subject string, body string) error {
 func SendMail(sendto []string, pass string) error {
 	subject := "重置LDAP密码成功"
 	// 邮件正文
-	body := fmt.Sprintf("<li><a>更改之后的密码为:%s</a></li>", pass)
+	body := fmt.Sprintf("<li><a>更改之后的密码为: %s </a></li>", pass)
+	return email(sendto, subject, body)
+}
+
+// SendCode 发送验证码
+func SendCode(sendto []string) error {
+	rnd := rand.New(rand.NewSource(time.Now().UnixNano()))
+	vcode := fmt.Sprintf("%06v", rnd.Int31n(1000000))
+	// 把验证码信息放到cache，以便于验证时拿到
+	VerificationCodeCache.Set(sendto[0], vcode, time.Minute*5)
+	subject := "验证码-重置密码"
+	//发送的内容
+	body := fmt.Sprintf(`<div>
+        <div>
+            尊敬的用户，您好！
+        </div>
+        <div style="padding: 8px 40px 8px 50px;">
+            <p>你本次的验证码为 %s ,为了保证账号安全，验证码有效期为5分钟。请确认为本人操作，切勿向他人泄露，感谢您的理解与使用。</p>
+        </div>
+        <div>
+            <p>此邮箱为系统邮箱，请勿回复。</p>
+        </div>
+    </div>`, vcode)
 	return email(sendto, subject, body)
 }
diff --git a/routes/base_routes.go b/routes/base_routes.go
@@ -18,6 +18,7 @@ func InitBaseRoutes(r *gin.RouterGroup, authMiddleware *jwt.GinJWTMiddleware) gi
 		base.POST("/login", authMiddleware.LoginHandler)
 		base.POST("/logout", authMiddleware.LogoutHandler)
 		base.POST("/refreshToken", authMiddleware.RefreshHandler)
+		base.POST("/sendcode", controller.Base.SendCode)   // 给用户邮箱发送验证码
 		base.POST("/changePwd", controller.Base.ChangePwd) // 修改用户密码
 		base.GET("/dashboard", controller.Base.Dashboard)  // 系统首页展示数据
 	}