Fixing log in
Parent
d84c294c1b
révision
1ca1f364a0
|
@ -105,11 +105,12 @@ func FindByID(id uint) (*models.User, int, error) {
|
|||
return user, http.StatusOK, nil
|
||||
}
|
||||
|
||||
func SessionByID(id uint) (user *models.User, status int, err error) {
|
||||
func SessionByID(id uint) (*models.User, int, error) {
|
||||
var user = &models.User{}
|
||||
if models.ORM.Preload("Notifications").Where("user_id = ?", id).First(user).RecordNotFound() { // We only load unread notifications
|
||||
status, err = http.StatusBadRequest, errors.New("user_not_found")
|
||||
return user, http.StatusBadRequest, errors.New("user_not_found")
|
||||
}
|
||||
return
|
||||
return user, http.StatusOK, nil
|
||||
}
|
||||
|
||||
// FindForAdmin retrieves a user for an administrator, preloads torrents.
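Review bot: SessionByID has no doc comment, and its not-found contract is easy to misuse: the new return hands back a non-nil, zero-valued `user` together with the `user_not_found` error, so a caller that drops the error receives what looks like a valid record. I would state that above the function, for example `// SessionByID loads the user with the given ID and preloads its notifications; when no row matches it returns an empty non-nil user and a "user_not_found" error, so callers must check err.` The trailing comment on the query line says only unread notifications are loaded, but `Preload("Notifications")` carries no condition in the visible line, so either the comment or the preload should be corrected.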
|
||||
|
|
|
@ -6,8 +6,8 @@ import (
|
|||
"strconv"
|
||||
|
||||
"github.com/NyaaPantsu/nyaa/models"
|
||||
"github.com/NyaaPantsu/nyaa/utils/validator/user"
|
||||
"github.com/NyaaPantsu/nyaa/utils/log"
|
||||
"github.com/NyaaPantsu/nyaa/utils/validator/user"
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
)
|
||||
|
||||
|
@ -27,27 +27,28 @@ func Exists(email string, pass string) (user *models.User, status int, err error
|
|||
if email == "" || pass == "" {
|
||||
return user, http.StatusNotFound, errors.New("no_username_password")
|
||||
}
|
||||
|
||||
var userExist = &models.User{}
|
||||
// search by email or username
|
||||
if userValidator.EmailValidation(email) {
|
||||
if models.ORM.Where("email = ?", email).First(user).RecordNotFound() {
|
||||
if models.ORM.Where("email = ?", email).First(userExist).RecordNotFound() {
|
||||
status, err = http.StatusNotFound, errors.New("user_not_found")
|
||||
return
|
||||
}
|
||||
} else if models.ORM.Where("username = ?", email).First(user).RecordNotFound() {
|
||||
} else if models.ORM.Where("username = ?", email).First(userExist).RecordNotFound() {
|
||||
status, err = http.StatusNotFound, errors.New("user_not_found")
|
||||
return
|
||||
}
|
||||
err = bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(pass))
|
||||
user = userExist
|
||||
err = bcrypt.CompareHashAndPassword([]byte(userExist.Password), []byte(pass))
|
||||
if err != nil {
|
||||
status, err = http.StatusUnauthorized, errors.New("incorrect_password")
|
||||
return
|
||||
}
|
||||
if user.IsBanned() {
|
||||
if userExist.IsBanned() {
|
||||
status, err = http.StatusUnauthorized, errors.New("account_banned")
|
||||
return
|
||||
}
|
||||
if user.IsScraped() {
|
||||
if userExist.IsScraped() {
|
||||
status, err = http.StatusUnauthorized, errors.New("account_need_activation")
|
||||
return
|
||||
}
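Review bot: The named result `user` is set to `userExist` before `bcrypt.CompareHashAndPassword` runs, so the bare `return` in the `incorrect_password`, `account_banned` and `account_need_activation` branches hands the fully loaded record, password hash included, back to the caller next to the error. Exists would fail closed if `user = userExist` moved below the last of those checks, so every rejected login returns a nil user. The rest of the function lies outside the hunk, so the placement of the success path is assumed to follow the `IsScraped` check.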
|
||||
|
|
|
@ -114,53 +114,48 @@ func SetLogin(c *gin.Context, user *models.User) (int, error) {
|
|||
}
|
||||
|
||||
// CurrentUser retrieves a current user.
|
||||
func CurrentUser(c *gin.Context) (user *models.User, status int, err error) {
|
||||
func CurrentUser(c *gin.Context) (*models.User, int, error) {
|
||||
encoded := c.Request.Header.Get("X-Auth-Token")
|
||||
var user = &models.User{}
|
||||
if len(encoded) == 0 {
|
||||
// check cookie instead
|
||||
cookie, errCookie := c.Cookie(CookieName)
|
||||
if errCookie != nil {
|
||||
err = errCookie
|
||||
status = http.StatusInternalServerError
|
||||
return
|
||||
cookie, err := c.Cookie(CookieName)
|
||||
if err != nil {
|
||||
return user, http.StatusInternalServerError, err
|
||||
}
|
||||
encoded = cookie
|
||||
}
|
||||
userID, err := Decode(encoded)
|
||||
if err != nil {
|
||||
status = http.StatusInternalServerError
|
||||
return
|
||||
return user, http.StatusInternalServerError, err
|
||||
}
|
||||
|
||||
userFromContext := getUserFromContext(c)
|
||||
|
||||
if userFromContext.ID > 0 && userID == userFromContext.ID {
|
||||
user = &userFromContext
|
||||
user = userFromContext
|
||||
} else {
|
||||
users.SessionByID(userID)
|
||||
setUserToContext(c, *user)
|
||||
user, _, _ = users.SessionByID(userID)
|
||||
setUserToContext(c, user)
|
||||
}
|
||||
|
||||
if user.IsBanned() {
|
||||
// recheck as user might've been banned in the meantime
|
||||
status, err = http.StatusUnauthorized, errors.New("account_banned")
|
||||
return
|
||||
return user, http.StatusUnauthorized, errors.New("account_banned")
|
||||
}
|
||||
if err != nil {
|
||||
status = http.StatusInternalServerError
|
||||
return
|
||||
return user, http.StatusInternalServerError, err
|
||||
}
|
||||
status = http.StatusOK
|
||||
return
|
||||
return user, http.StatusOK, nil
|
||||
}
|
||||
func getUserFromContext(c *gin.Context) models.User {
|
||||
func getUserFromContext(c *gin.Context) *models.User {
|
||||
if rv := context.Get(c.Request, UserContextKey); rv != nil {
|
||||
return rv.(models.User)
|
||||
return rv.(*models.User)
|
||||
}
|
||||
return models.User{}
|
||||
return &models.User{}
|
||||
}
|
||||
|
||||
func setUserToContext(c *gin.Context, val models.User) {
|
||||
func setUserToContext(c *gin.Context, val *models.User) {
|
||||
context.Set(c.Request, UserContextKey, val)
|
||||
}
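Review bot: In the else branch of CurrentUser, `user, _, _ = users.SessionByID(userID)` discards the status and error, so a token that decodes to an ID with no matching row yields the empty user that SessionByID returns on a miss; that value is cached with `setUserToContext` and, unless `IsBanned` rejects a zero-valued user, returned with `http.StatusOK`. The later `if err != nil` cannot catch this because `err` still holds the already-checked result of `Decode`. I would keep the result and return before caching: `var status int`, then `user, status, err = users.SessionByID(userID)`, then `if err != nil { return user, status, err }`. Separately, `rv.(*models.User)` in getUserFromContext is an unchecked type assertion and would panic if any other type were stored under `UserContextKey`; the comma-ok form avoids that.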
|
||||
|
||||
|
|