5 changed files with 94 additions and 18 deletions
Split View
Diff Options
-
+11 -0modules/auth/user_form.go
-
+2 -1options/locale/locale_en-US.ini
-
+2 -1options/locale/locale_zh-CN.ini
-
+1 -0routers/routes/routes.go
-
+78 -16routers/user/auth.go
+ 11
- 0
modules/auth/user_form.go
View File
| @@ -389,6 +389,17 @@ func (f *PhoneNumberCodeForm) Validate(ctx *macaron.Context, errs binding.Errors | |||
| return validate(errs, ctx.Data, f, ctx.Locale) | |||
| } | |||
| type ResetPassWordByPhoneForm struct { | |||
| PhoneNumber string `binding:"Required;MaxSize(20)"` | |||
| VerifyCode string `binding:"Required;MaxSize(10)"` | |||
| Password string `binding:"MaxSize(255)"` | |||
| Remember bool | |||
| } | |||
| func (f *ResetPassWordByPhoneForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { | |||
| return validate(errs, ctx.Data, f, ctx.Locale) | |||
| } | |||
| type SlideImageForm struct { | |||
| SlideID string `binding:"Required"` | |||
| X int `binding:"Required"` | |||
+ 2
- 1
options/locale/locale_en-US.ini
View File
| @@ -342,6 +342,7 @@ reset_password = Account Recovery | |||
| invalid_code = Your confirmation code is invalid or has expired. | |||
| reset_password_helper = Recover Account | |||
| reset_password_wrong_user = You are signed in as %s, but the account recovery link is for %s | |||
| reset_password_wrong_user_phone=You are signed in, but the phone number is used by other user. | |||
| password_too_short = Password length cannot be less than %d characters. | |||
| non_local_account = Non-local users can not update their password through the openi web interface. | |||
| verify = Verify | |||
| @@ -378,7 +379,7 @@ disable_forgot_password_mail = Account recovery is disabled. Please contact your | |||
| sspi_auth_failed = SSPI authentication failed | |||
| [phone] | |||
| format_err=The format of phone number is wrong. | |||
| query_err=Fail to query phone number, can not send verify code, please try again later. | |||
| query_err=Fail to query phone number, please try again later. | |||
| already_register=The phone number is already used. | |||
| not_register=The phone number is wrong. | |||
| not_modify=The phone number is not updated. | |||
+ 2
- 1
options/locale/locale_zh-CN.ini
View File
| @@ -346,6 +346,7 @@ reset_password=账户恢复 | |||
| invalid_code=此确认密钥无效或已过期。 | |||
| reset_password_helper=恢复账户 | |||
| reset_password_wrong_user=您已作为 %s 登录,无法使用链接恢复 %s 的账户。 | |||
| reset_password_wrong_user_phone=您已登录,不能用别的账号的手机恢复。 | |||
| password_too_short=密码长度不能少于 %d 位。 | |||
| non_local_account=非本地帐户不能通过 openi 的 web 界面更改密码。 | |||
| verify=验证 | |||
| @@ -382,7 +383,7 @@ disable_forgot_password_mail = Account recovery is disabled. Please contact your | |||
| sspi_auth_failed=SSPI 认证失败 | |||
| [phone] | |||
| format_err=手机号格式错误。 | |||
| query_err=查询手机号失败,无法发送,请稍后再试。 | |||
| query_err=查询手机号失败,请稍后再试。 | |||
| already_register=手机号已被使用。 | |||
| not_register=手机号输入错误。 | |||
| not_modify=手机号未修改。 | |||
+ 1
- 0
routers/routes/routes.go
View File
| @@ -494,6 +494,7 @@ func RegisterRoutes(m *macaron.Macaron) { | |||
| m.Get("/email2user", user.Email2User) | |||
| m.Get("/recover_account", user.ResetPasswd) | |||
| m.Post("/recover_account", user.ResetPasswdPost) | |||
| m.Post("/recover_account_by_phone", user.ResetPasswdByPhonePost) | |||
| m.Get("/forgot_password", user.ForgotPasswd) | |||
| m.Post("/forgot_password", user.ForgotPasswdPost) | |||
| m.Post("/logout", user.SignOut) | |||
+ 78
- 16
routers/user/auth.go
View File
| @@ -50,13 +50,14 @@ const ( | |||
| // tplSignUp template path for sign up page | |||
| tplSignUp base.TplName = "user/auth/signup" | |||
| // TplActivate template path for activate user | |||
| TplActivate base.TplName = "user/auth/activate" | |||
| tplForgotPassword base.TplName = "user/auth/forgot_passwd" | |||
| tplResetPassword base.TplName = "user/auth/reset_passwd" | |||
| tplTwofa base.TplName = "user/auth/twofa" | |||
| tplTwofaScratch base.TplName = "user/auth/twofa_scratch" | |||
| tplLinkAccount base.TplName = "user/auth/link_account" | |||
| tplU2F base.TplName = "user/auth/u2f" | |||
| TplActivate base.TplName = "user/auth/activate" | |||
| tplForgotPassword base.TplName = "user/auth/forgot_passwd" | |||
| tplForgotPasswordPhone base.TplName = "user/auth/forgot_passwd_phone" | |||
| tplResetPassword base.TplName = "user/auth/reset_passwd" | |||
| tplTwofa base.TplName = "user/auth/twofa" | |||
| tplTwofaScratch base.TplName = "user/auth/twofa_scratch" | |||
| tplLinkAccount base.TplName = "user/auth/link_account" | |||
| tplU2F base.TplName = "user/auth/u2f" | |||
| ) | |||
| // AutoSignIn reads cookie and try to auto-login. | |||
| @@ -1398,18 +1399,30 @@ func ActivateEmail(ctx *context.Context) { | |||
| // ForgotPasswd render the forget pasword page | |||
| func ForgotPasswd(ctx *context.Context) { | |||
| ctx.Data["Title"] = ctx.Tr("auth.forgot_password_title") | |||
| forgetType := ctx.Query("type") | |||
| if setting.MailService == nil { | |||
| ctx.Data["IsResetDisable"] = true | |||
| ctx.HTML(200, tplForgotPassword) | |||
| return | |||
| } | |||
| if forgetType == "phone" { | |||
| if !setting.PhoneService.Enabled { | |||
| ctx.Data["IsResetDisable"] = true | |||
| ctx.HTML(200, tplForgotPasswordPhone) | |||
| return | |||
| } | |||
| ctx.Data["IsResetRequest"] = true | |||
| ctx.HTML(200, tplForgotPasswordPhone) | |||
| } else { | |||
| email := ctx.Query("email") | |||
| ctx.Data["Email"] = email | |||
| if setting.MailService == nil { | |||
| ctx.Data["IsResetDisable"] = true | |||
| ctx.HTML(200, tplForgotPassword) | |||
| return | |||
| } | |||
| ctx.Data["IsResetRequest"] = true | |||
| ctx.HTML(200, tplForgotPassword) | |||
| email := ctx.Query("email") | |||
| ctx.Data["Email"] = email | |||
| ctx.Data["IsResetRequest"] = true | |||
| ctx.HTML(200, tplForgotPassword) | |||
| } | |||
| } | |||
| // ForgotPasswdPost response for forget password request | |||
| @@ -1622,6 +1635,55 @@ func ResetPasswdPost(ctx *context.Context) { | |||
| handleSignInFull(ctx, u, remember, true) | |||
| } | |||
| func ResetPasswdByPhonePost(ctx *context.Context, form auth.ResetPassWordByPhoneForm) { | |||
| phoneNumber := strings.TrimSpace(form.PhoneNumber) | |||
| verifyCode := strings.TrimSpace(form.VerifyCode) | |||
| isRight := phoneService.IsVerifyCodeRight(phoneNumber, verifyCode) | |||
| if !isRight { | |||
| ctx.RenderWithErr(ctx.Tr("phone.verify_code_fail"), tplForgotPasswordPhone, form) | |||
| return | |||
| } | |||
| passwd := strings.TrimSpace(form.Password) | |||
| if len(passwd) < setting.MinPasswordLength { | |||
| ctx.RenderWithErr(ctx.Tr("auth.password_too_short", setting.MinPasswordLength), tplForgotPasswordPhone, form) | |||
| return | |||
| } else if !password.IsComplexEnough(passwd) { | |||
| ctx.RenderWithErr(password.BuildComplexityError(ctx), tplForgotPasswordPhone, form) | |||
| return | |||
| } | |||
| u, err := models.GetUserByPhoneNumber(phoneNumber) | |||
| if err != nil { | |||
| log.Error("fail to query by phone number", err) | |||
| ctx.RenderWithErr(ctx.Tr("phone.query_err", setting.MinPasswordLength), tplForgotPasswordPhone, form) | |||
| return | |||
| } | |||
| if nil != ctx.User && u.ID != ctx.User.ID { | |||
| ctx.RenderWithErr(ctx.Tr("auth.reset_password_wrong_user", ctx.User.Email, u.Email), tplForgotPasswordPhone, form) | |||
| return | |||
| } | |||
| if u.Rands, err = models.GetUserSalt(); err != nil { | |||
| ctx.ServerError("UpdateUser", err) | |||
| return | |||
| } | |||
| if u.Salt, err = models.GetUserSalt(); err != nil { | |||
| ctx.ServerError("UpdateUser", err) | |||
| return | |||
| } | |||
| u.HashPassword(passwd) | |||
| u.MustChangePassword = false | |||
| if err := models.UpdateUserCols(u, "must_change_password", "passwd", "rands", "salt"); err != nil { | |||
| ctx.ServerError("UpdateUser", err) | |||
| return | |||
| } | |||
| handleSignInFull(ctx, u, form.Remember, true) | |||
| } | |||
| // MustChangePassword renders the page to change a user's password | |||
| func MustChangePassword(ctx *context.Context) { | |||
| ctx.Data["Title"] = ctx.Tr("auth.must_change_password") | |||