KeqingMoe/math
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

添加用户密码重置功能,优化权限检查逻辑,增强身份验证流程

Browse Source
This commit is contained in:
keqingmoe 2024-12-28 22:21:20 +08:00
parent f560099e38
commit 571541b34d
2 changed files with 92 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
src/server/auth/admin.c
View File

@ -55,6 +55,8 @@ static int field_get(const char* key, const char* value, size_t valuelen, void*
form->user_id = kqm_strndup(value, valuelen); form->user_id = kqm_strndup(value, valuelen);
} else if (strcmp(key, "raw_passwd") == 0) { } else if (strcmp(key, "raw_passwd") == 0) {
form->raw_passwd = kqm_strndup(value, valuelen); form->raw_passwd = kqm_strndup(value, valuelen);
} else if (strcmp(key, "new_passwd") == 0) {
form->new_passwd = kqm_strndup(value, valuelen);
} else if (strcmp(key, "permission") == 0) { } else if (strcmp(key, "permission") == 0) {
form->permission = kqm_strndup(value, valuelen); form->permission = kqm_strndup(value, valuelen);
} }
@ -89,10 +91,12 @@ static void impl_repasswd(mg_connection* conn, admin_form_t* form)
} }
int result; int result;
if (!admin_login(form->password, &result)) { if (!admin_login(form->raw_passwd, &result)) {
res_unauth(conn); res_unauth(conn);
return;
} else if (!result) { } else if (!result) {
res_incorrect(conn); res_incorrect(conn);
return;
} }
if (!set_admin_password(form->new_passwd)) { if (!set_admin_password(form->new_passwd)) {
@ -113,7 +117,17 @@ static void impl_repasswd2(mg_connection* conn, admin_form_t* form)
return; return;
} }
int flag = set_user_password(form->user_id, form->new_passwd); int result;
int flag = check_user_exists(form->user_id, &result);
if (!flag) {
res_check_exist_fail(conn);
return;
} else if (!result) {
res_not_exist(conn);
return;
}
flag = set_user_password(form->user_id, form->new_passwd);
if (!flag) { if (!flag) {
res_repasswd_fail(conn); res_repasswd_fail(conn);
} else { } else {
@ -147,7 +161,17 @@ static void impl_delete(mg_connection* conn, admin_form_t* form)
return; return;
} }
int flag = delete_user(form->user_id); int result;
int flag = check_user_exists(form->user_id, &result);
if (!flag) {
res_check_exist_fail(conn);
return;
} else if (!result) {
res_not_exist(conn);
return;
}
flag = delete_user(form->user_id);
if (!flag) { if (!flag) {
res_delete_account_fail(conn); res_delete_account_fail(conn);
} else { } else {
@ -155,6 +179,11 @@ static void impl_delete(mg_connection* conn, admin_form_t* form)
} }
} }
static void impl_auth(mg_connection* conn, admin_form_t* form)
{
res_auth(conn);
}
int admin_handler(mg_connection* conn, void* cbdata) int admin_handler(mg_connection* conn, void* cbdata)
{ {
@ -181,17 +210,20 @@ int admin_handler(mg_connection* conn, void* cbdata)
mg_handle_form_request(conn, &admin_callback); mg_handle_form_request(conn, &admin_callback);
if (form.action && !strcmp(form.action, "login")) { if (!admin_session) {
form.token = strdup("");
admin_session = strdup(""); admin_session = strdup("");
} }
if (form.action && !strcmp(form.action, "login")) {
form.token = strdup(admin_session);
}
if (!form.action) { if (!form.action) {
res_need_action(conn); res_need_action(conn);
} else if (!form.token) { } else if (!form.token) {
res_need_token(conn); res_need_token(conn);
} else if (!admin_session || strcmp(form.token, admin_session)) { } else if (!admin_session || strcmp(form.token, admin_session)) {
res_permission_denied(conn); res_auth_fail(conn);
} else { } else {
if (!strcmp(form.action, "login")) { if (!strcmp(form.action, "login")) {
impl_login(conn, &form); impl_login(conn, &form);
@ -203,6 +235,8 @@ int admin_handler(mg_connection* conn, void* cbdata)
impl_permission(conn, &form); impl_permission(conn, &form);
} else if (!strcmp(form.action, "delete")) { } else if (!strcmp(form.action, "delete")) {
impl_delete(conn, &form); impl_delete(conn, &form);
} else if (!strcmp(form.action, "auth")) {
impl_auth(conn, &form);
} else { } else {
res_bad_action(conn); res_bad_action(conn);
} }

89
src/server/auth/repasswd.c
View File

@ -1,5 +1,6 @@
#include "server/auth.h" #include "server/auth.h"
#include "server/response.h" #include "server/response.h"
#include "server/types.h"
#include "server/util.h" #include "server/util.h"
@ -54,6 +55,54 @@ static int field_get(const char* key, const char* value, size_t valuelen, void*
return MG_FORM_FIELD_HANDLE_GET; return MG_FORM_FIELD_HANDLE_GET;
} }
static void impl_self(mg_connection* conn, const char* user_id, repasswd_form_t* form)
{
int result;
int flag = login(user_id, form->raw_passwd, &result);
if (!flag) {
res_repasswd_fail(conn);
} else {
if (result) {
flag = set_user_password(user_id, form->new_passwd);
if (!flag) {
res_repasswd_fail(conn);
} else {
res_repasswd(conn);
}
} else {
res_incorrect(conn);
}
}
}
static void impl_others(mg_connection* conn, const char* user_id, repasswd_form_t* form)
{
int perm1;
int flag = get_user_permission(user_id, &perm1);
if (!flag) {
res_check_permission_fail(conn);
return;
}
int perm2;
flag = get_user_permission(form->user_id, &perm2);
if (!flag) {
res_check_permission_fail(conn);
return;
}
if (perm1 == 1 && perm2 == 2) {
int flag = set_user_password(form->user_id, form->new_passwd);
if (!flag) {
res_repasswd_fail(conn);
} else {
res_repasswd(conn);
}
} else {
res_permission_denied(conn);
}
}
int user_repasswd_handler(mg_connection* conn, void* cbdata) int user_repasswd_handler(mg_connection* conn, void* cbdata)
{ {
const mg_request_info* post_body = mg_get_request_info(conn); const mg_request_info* post_body = mg_get_request_info(conn);
@ -97,45 +146,9 @@ int user_repasswd_handler(mg_connection* conn, void* cbdata)
char* user_id = get_payload(form.token); char* user_id = get_payload(form.token);
if (form.user_id && strcmp(user_id, form.user_id)) { if (form.user_id && strcmp(user_id, form.user_id)) {
int perm1; impl_others(conn, user_id, &form);
int flag = get_user_permission(user_id, &perm1);
if (!flag) {
res_check_permission_fail(conn);
}
int perm2;
flag = get_user_permission(form.user_id, &perm2);
if (!flag) {
res_check_permission_fail(conn);
}
if (perm1 < perm2) {
int flag = set_user_password(form.user_id, form.new_passwd);
if (!flag) {
res_repasswd_fail(conn);
} else {
res_repasswd(conn);
}
} else {
res_permission_denied(conn);
}
} else if (form.raw_passwd) { } else if (form.raw_passwd) {
int result; impl_self(conn, user_id, &form);
int flag = login(user_id, form.raw_passwd, &result);
if (!flag) {
res_repasswd_fail(conn);
} else {
if (result) {
flag = set_user_password(user_id, form.new_passwd);
if (!flag) {
res_repasswd_fail(conn);
} else {
res_repasswd(conn);
}
} else {
res_incorrect(conn);
}
}
} else { } else {
res_need_password(conn); res_need_password(conn);
} }