KeqingMoe/math
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

添加用户密码重置功能,优化权限检查逻辑,增强身份验证流程

Browse Source
This commit is contained in:
keqingmoe 2024-12-28 22:21:20 +08:00
parent f560099e38
commit 571541b34d
2 changed files with 92 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
src/server/auth/admin.c
View File

@ -55,6 +55,8 @@ static int field_get(const char* key, const char* value, size_t valuelen, void*
form->user_id = kqm_strndup(value, valuelen);
} else if (strcmp(key, "raw_passwd") == 0) {
form->raw_passwd = kqm_strndup(value, valuelen);
} else if (strcmp(key, "new_passwd") == 0) {
form->new_passwd = kqm_strndup(value, valuelen);
} else if (strcmp(key, "permission") == 0) {
form->permission = kqm_strndup(value, valuelen);
}
@ -89,10 +91,12 @@ static void impl_repasswd(mg_connection* conn, admin_form_t* form)
}
int result;
if (!admin_login(form->password, &result)) {
if (!admin_login(form->raw_passwd, &result)) {
res_unauth(conn);
return;
} else if (!result) {
res_incorrect(conn);
return;
}
if (!set_admin_password(form->new_passwd)) {
@ -113,7 +117,17 @@ static void impl_repasswd2(mg_connection* conn, admin_form_t* form)
return;
}
int flag = set_user_password(form->user_id, form->new_passwd);
int result;
int flag = check_user_exists(form->user_id, &result);
if (!flag) {
res_check_exist_fail(conn);
return;
} else if (!result) {
res_not_exist(conn);
return;
}
flag = set_user_password(form->user_id, form->new_passwd);
if (!flag) {
res_repasswd_fail(conn);
} else {
@ -147,7 +161,17 @@ static void impl_delete(mg_connection* conn, admin_form_t* form)
return;
}
int flag = delete_user(form->user_id);
int result;
int flag = check_user_exists(form->user_id, &result);
if (!flag) {
res_check_exist_fail(conn);
return;
} else if (!result) {
res_not_exist(conn);
return;
}
flag = delete_user(form->user_id);
if (!flag) {
res_delete_account_fail(conn);
} else {
@ -155,6 +179,11 @@ static void impl_delete(mg_connection* conn, admin_form_t* form)
}
}
static void impl_auth(mg_connection* conn, admin_form_t* form)
{
res_auth(conn);
}
int admin_handler(mg_connection* conn, void* cbdata)
{
@ -181,17 +210,20 @@ int admin_handler(mg_connection* conn, void* cbdata)
mg_handle_form_request(conn, &admin_callback);
if (form.action && !strcmp(form.action, "login")) {
form.token = strdup("");
if (!admin_session) {
admin_session = strdup("");
}
if (form.action && !strcmp(form.action, "login")) {
form.token = strdup(admin_session);
}
if (!form.action) {
res_need_action(conn);
} else if (!form.token) {
res_need_token(conn);
} else if (!admin_session || strcmp(form.token, admin_session)) {
res_permission_denied(conn);
res_auth_fail(conn);
} else {
if (!strcmp(form.action, "login")) {
impl_login(conn, &form);
@ -203,6 +235,8 @@ int admin_handler(mg_connection* conn, void* cbdata)
impl_permission(conn, &form);
} else if (!strcmp(form.action, "delete")) {
impl_delete(conn, &form);
} else if (!strcmp(form.action, "auth")) {
impl_auth(conn, &form);
} else {
res_bad_action(conn);
}

91
src/server/auth/repasswd.c
View File

@ -1,5 +1,6 @@
#include "server/auth.h"
#include "server/response.h"
#include "server/types.h"
#include "server/util.h"
@ -54,6 +55,54 @@ static int field_get(const char* key, const char* value, size_t valuelen, void*
return MG_FORM_FIELD_HANDLE_GET;
}
static void impl_self(mg_connection* conn, const char* user_id, repasswd_form_t* form)
{
int result;
int flag = login(user_id, form->raw_passwd, &result);
if (!flag) {
res_repasswd_fail(conn);
} else {
if (result) {
flag = set_user_password(user_id, form->new_passwd);
if (!flag) {
res_repasswd_fail(conn);
} else {
res_repasswd(conn);
}
} else {
res_incorrect(conn);
}
}
}
static void impl_others(mg_connection* conn, const char* user_id, repasswd_form_t* form)
{
int perm1;
int flag = get_user_permission(user_id, &perm1);
if (!flag) {
res_check_permission_fail(conn);
return;
}
int perm2;
flag = get_user_permission(form->user_id, &perm2);
if (!flag) {
res_check_permission_fail(conn);
return;
}
if (perm1 == 1 && perm2 == 2) {
int flag = set_user_password(form->user_id, form->new_passwd);
if (!flag) {
res_repasswd_fail(conn);
} else {
res_repasswd(conn);
}
} else {
res_permission_denied(conn);
}
}
int user_repasswd_handler(mg_connection* conn, void* cbdata)
{
const mg_request_info* post_body = mg_get_request_info(conn);
@ -97,45 +146,9 @@ int user_repasswd_handler(mg_connection* conn, void* cbdata)
char* user_id = get_payload(form.token);
if (form.user_id && strcmp(user_id, form.user_id)) {
int perm1;
int flag = get_user_permission(user_id, &perm1);
if (!flag) {
res_check_permission_fail(conn);
}
int perm2;
flag = get_user_permission(form.user_id, &perm2);
if (!flag) {
res_check_permission_fail(conn);
}
if (perm1 < perm2) {
int flag = set_user_password(form.user_id, form.new_passwd);
if (!flag) {
res_repasswd_fail(conn);
} else {
res_repasswd(conn);
}
} else {
res_permission_denied(conn);
}
} else if(form.raw_passwd) {
int result;
int flag = login(user_id, form.raw_passwd, &result);
if (!flag) {
res_repasswd_fail(conn);
} else {
if (result) {
flag = set_user_password(user_id, form.new_passwd);
if (!flag) {
res_repasswd_fail(conn);
} else {
res_repasswd(conn);
}
} else {
res_incorrect(conn);
}
}
impl_others(conn, user_id, &form);
} else if (form.raw_passwd) {
impl_self(conn, user_id, &form);
} else {
res_need_password(conn);
}