
feat: refactor reset password api and forgetPage.js (casdoor#1601)
leo220yuyaodog authored Mar 1, 2023
1 parent b38f221 commit e21087a
Showing 9 changed files with 537 additions and 338 deletions.
2 changes: 1 addition & 1 deletion authz/authz.go
Expand Up @@ -80,7 +80,7 @@ m = (r.subOwner == p.subOwner || p.subOwner == "*") && \
p, built-in, *, *, *, *, *
p, app, *, *, *, *, *
p, *, *, POST, /api/signup, *, *
p, *, *, POST, /api/get-email-and-phone, *, *
p, *, *, GET, /api/get-email-and-phone, *, *
p, *, *, POST, /api/login, *, *
p, *, *, GET, /api/get-app-login, *, *
p, *, *, POST, /api/logout, *, *
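Review bot: The policy line `p, *, *, GET, /api/get-email-and-phone, *, *` keeps the endpoint open to anonymous callers (subject `*`) and only swaps the verb, so whatever the handler returns is still reachable without a session; from the controllers/user.go hunk on this page that appears to be a user's email or phone. Moving it to GET also puts `organization` and `username` into the URL query string, where they are retained in access logs, reverse-proxy logs, browser history and Referer headers — a concern when the value is an email address or phone number. If the lookup has to stay unauthenticated, put rate limiting or a captcha check in front of it and make the response indistinguishable for existing and nonexistent users. The `m =` matcher this policy applies to is defined above the hunk.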
21 changes: 8 additions & 13 deletions controllers/user.go
Expand Up @@ -231,24 +231,20 @@ func (c *ApiController) DeleteUser() {
// @Param username formData string true "The username of the user"
// @Param organization formData string true "The organization of the user"
// @Success 200 {object} controllers.Response The Response object
// @router /get-email-and-phone [post]
// @router /get-email-and-phone [get]
func (c *ApiController) GetEmailAndPhone() {
var form RequestForm
err := json.Unmarshal(c.Ctx.Input.RequestBody, &form)
if err != nil {
c.ResponseError(err.Error())
return
}
organization := c.Ctx.Request.Form.Get("organization")
username := c.Ctx.Request.Form.Get("username")

user := object.GetUserByFields(form.Organization, form.Username)
user := object.GetUserByFields(organization, username)
if user == nil {
c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), util.GetId(form.Organization, form.Username)))
c.ResponseError(fmt.Sprintf(c.T("general:The user: %s doesn't exist"), util.GetId(organization, username)))
return
}

respUser := object.User{Name: user.Name}
var contentType string
switch form.Username {
switch username {
case user.Email:
contentType = "email"
respUser.Email = user.Email
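Review bot: The `user == nil` branch still answers with `c.T("general:The user: %s doesn't exist")`, so an unauthenticated caller can confirm whether a username, email address or phone number is registered in an organization — and with the authz change in this commit that probe is now a plain GET. For a password-reset lookup the usual mitigation is to respond the same way in both cases (for example return an empty `respUser` through the normal success path) and let the verification-code step sort out the real owner. Separately, `c.Ctx.Request.Form.Get(...)` only sees values if the form has already been parsed; as far as I recall beego's router parses it itself only for non-GET requests, so on a GET this relies on an earlier filter having called `ParseForm` — `c.Input().Get("organization")` parses lazily and removes that dependency (verify whether a filter already parses it). The `switch username` and the rest of GetEmailAndPhone continue below the hunk.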
Expand Down Expand Up @@ -281,7 +277,7 @@ func (c *ApiController) SetPassword() {
newPassword := c.Ctx.Request.Form.Get("newPassword")

requestUserId := c.GetSessionUsername()
userId := fmt.Sprintf("%s/%s", userOwner, userName)
userId := util.GetId(userOwner, userName)

hasPermission, err := object.CheckUserPermission(requestUserId, userId, userOwner, true, c.GetAcceptLanguage())
if !hasPermission {
Expand Down Expand Up @@ -311,8 +307,7 @@ func (c *ApiController) SetPassword() {

targetUser.Password = newPassword
object.SetUserField(targetUser, "password", targetUser.Password)
c.Data["json"] = Response{Status: "ok"}
c.ServeJSON()
c.ResponseOk()
}

// CheckUserPassword
8 changes: 5 additions & 3 deletions object/user_util.go
Expand Up @@ -53,9 +53,11 @@ func GetUserByFields(organization string, field string) *User {
}

// check email
user = GetUserByField(organization, "email", field)
if user != nil {
return user
if strings.Contains(field, "@") {
user = GetUserByField(organization, "email", field)
if user != nil {
return user
}
}

// check phone
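Review bot: The new `strings.Contains(field, "@")` guard carries no comment saying why the email branch became conditional, and the hunk leaves the reason implicit; a one-line note such as `// a value without "@" cannot be an address, so skip the email column and fall through to the phone check` would stop the next reader from mistaking it for a validation step (it is not — any `@` still triggers the lookup). GetUserByFields starts before and ends after this hunk, so the name lookup above and the phone lookup below are outside it.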
2 changes: 1 addition & 1 deletion routers/router.go
Expand Up @@ -112,7 +112,7 @@ func initAPI() {

beego.Router("/api/set-password", &controllers.ApiController{}, "POST:SetPassword")
beego.Router("/api/check-user-password", &controllers.ApiController{}, "POST:CheckUserPassword")
beego.Router("/api/get-email-and-phone", &controllers.ApiController{}, "POST:GetEmailAndPhone")
beego.Router("/api/get-email-and-phone", &controllers.ApiController{}, "GET:GetEmailAndPhone")
beego.Router("/api/send-verification-code", &controllers.ApiController{}, "POST:SendVerificationCode")
beego.Router("/api/verify-captcha", &controllers.ApiController{}, "POST:VerifyCaptcha")
beego.Router("/api/reset-email-or-phone", &controllers.ApiController{}, "POST:ResetEmailOrPhone")
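Review bot: Registering `GetEmailAndPhone` under `GET:` makes a response that carries a user's email or phone eligible for caching by browsers and intermediaries, which the POST response was not; unless a filter already sets it, the handler should emit `c.Ctx.Output.Header("Cache-Control", "no-store")` before responding. Note also that beego will reject the old `POST /api/get-email-and-phone` once this lands, so any external client still posting breaks; if a transition period is wanted, beego accepts `"GET,POST:GetEmailAndPhone"` as the method mapping. `initAPI` continues outside the hunk.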
168 changes: 152 additions & 16 deletions swagger/swagger.json
Expand Up @@ -339,6 +339,42 @@
}
}
},
"/api/add-session": {
"post": {
"tags": [
"Session API"
],
"description": "Add session for one user in one application. If there are other existing sessions, join the session into the list.",
"operationId": "ApiController.AddSession",
"parameters": [
{
"in": "query",
"name": "id",
"description": "The id(organization/application/user) of session",
"required": true,
"type": "string"
},
{
"in": "query",
"name": "sessionId",
"description": "sessionId to be added",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "The Response object",
"schema": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
}
},
"/api/add-syncer": {
"post": {
"tags": [
Expand Down Expand Up @@ -889,13 +925,13 @@
"tags": [
"Session API"
],
"description": "Delete session by userId",
"description": "Delete session for one user in one application.",
"operationId": "ApiController.DeleteSession",
"parameters": [
{
"in": "query",
"name": "id",
"description": "The id ( owner/name )(owner/name) of user.",
"description": "The id(organization/application/user) of session",
"required": true,
"type": "string"
}
Expand Down Expand Up @@ -1233,7 +1269,7 @@
}
},
"/api/get-email-and-phone": {
"post": {
"get": {
"tags": [
"User API"
],
Expand Down Expand Up @@ -1306,7 +1342,7 @@
}
},
"/api/get-ldap": {
"post": {
"get": {
"tags": [
"Account API"
],
Expand All @@ -1322,7 +1358,7 @@
}
},
"/api/get-ldaps": {
"post": {
"get": {
"tags": [
"Account API"
],
Expand Down Expand Up @@ -1884,12 +1920,41 @@
}
}
},
"/api/get-session": {
"get": {
"tags": [
"Session API"
],
"description": "Get session for one user in one application.",
"operationId": "ApiController.GetSingleSession",
"parameters": [
{
"in": "query",
"name": "id",
"description": "The id(organization/application/user) of session",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "The Response object",
"schema": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
}
},
"/api/get-sessions": {
"get": {
"tags": [
"Session API"
],
"description": "Get organization user sessions",
"description": "Get organization user sessions.",
"operationId": "ApiController.GetSessions",
"parameters": [
{
Expand Down Expand Up @@ -2356,6 +2421,42 @@
}
}
},
"/api/is-session-duplicated": {
"get": {
"tags": [
"Session API"
],
"description": "Check if there are other different sessions for one user in one application.",
"operationId": "ApiController.IsSessionDuplicated",
"parameters": [
{
"in": "query",
"name": "id",
"description": "The id(organization/application/user) of session",
"required": true,
"type": "string"
},
{
"in": "query",
"name": "sessionId",
"description": "sessionId to be checked",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "The Response object",
"schema": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
}
},
"/api/login": {
"post": {
"tags": [
Expand Down Expand Up @@ -3224,6 +3325,35 @@
}
}
},
"/api/update-session": {
"post": {
"tags": [
"Session API"
],
"description": "Update session for one user in one application.",
"operationId": "ApiController.UpdateSession",
"parameters": [
{
"in": "query",
"name": "id",
"description": "The id(organization/application/user) of session",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "The Response object",
"schema": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
}
},
"/api/update-syncer": {
"post": {
"tags": [
Expand Down Expand Up @@ -3505,11 +3635,11 @@
}
},
"definitions": {
"2346.0xc0001ce990.false": {
"2346.0xc000278ab0.false": {
"title": "false",
"type": "object"
},
"2381.0xc0001ce9c0.false": {
"2381.0xc000278ae0.false": {
"title": "false",
"type": "object"
},
Expand Down Expand Up @@ -3566,6 +3696,9 @@
"code": {
"type": "string"
},
"countryCode": {
"type": "string"
},
"email": {
"type": "string"
},
Expand Down Expand Up @@ -3599,9 +3732,6 @@
"phoneCode": {
"type": "string"
},
"phonePrefix": {
"type": "string"
},
"provider": {
"type": "string"
},
Expand Down Expand Up @@ -3636,10 +3766,10 @@
"type": "object",
"properties": {
"data": {
"$ref": "#/definitions/2346.0xc0001ce990.false"
"$ref": "#/definitions/2346.0xc000278ab0.false"
},
"data2": {
"$ref": "#/definitions/2381.0xc0001ce9c0.false"
"$ref": "#/definitions/2381.0xc000278ae0.false"
},
"msg": {
"type": "string"
Expand Down Expand Up @@ -4091,6 +4221,12 @@
"$ref": "#/definitions/object.AccountItem"
}
},
"countryCodes": {
"type": "array",
"items": {
"type": "string"
}
},
"createdTime": {
"type": "string"
},
Expand Down Expand Up @@ -4137,9 +4273,6 @@
"passwordType": {
"type": "string"
},
"phonePrefix": {
"type": "string"
},
"tags": {
"type": "array",
"items": {
Expand Down Expand Up @@ -4906,6 +5039,9 @@
"cloudfoundry": {
"type": "string"
},
"countryCode": {
"type": "string"
},
"createdIp": {
"type": "string"
},
