KeqingMoe/math
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

优化登录和权限检查逻辑,增加用户存在性验证,改进错误处理

Browse Source
This commit is contained in:
keqingmoe 2024-12-28 22:30:24 +08:00
parent 571541b34d
commit 683973bd4f
2 changed files with 13 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/db/auth.cpp
View File

@ -86,7 +86,7 @@ extern "C"
auto value = std::string{}; auto value = std::string{};
auto status = user_db->Get(leveldb::ReadOptions{}, mangle_user_id(user_id), &value); auto status = user_db->Get(leveldb::ReadOptions{}, mangle_user_id(user_id), &value);
if (!status.ok()) { if (!status.ok()) {
std::println(stderr, "Failed to login: {}", status.ToString()); if (!status.IsNotFound()) std::println(stderr, "Failed to login: {}", status.ToString());
return 0; return 0;
} }
*result = validate_password(password, value.data()); *result = validate_password(password, value.data());
@ -132,7 +132,7 @@ extern "C"
if (status.ok()) { if (status.ok()) {
*result = std::stoi(value); *result = std::stoi(value);
} else { } else {
std::println(stderr, "Failed to get user permission: {}", status.ToString()); if (!status.IsNotFound()) std::println(stderr, "Failed to get user permission: {}", status.ToString());
return 0; return 0;
} }
return 1; return 1;

16
src/server/auth/repasswd.c
View File

@ -77,15 +77,21 @@ static void impl_self(mg_connection* conn, const char* user_id, repasswd_form_t*
static void impl_others(mg_connection* conn, const char* user_id, repasswd_form_t* form) static void impl_others(mg_connection* conn, const char* user_id, repasswd_form_t* form)
{ {
int perm1; int result1, result2;
int flag = get_user_permission(user_id, &perm1); int flag = check_user_exists(user_id, &result1);
flag &= check_user_exists(form->user_id, &result2);
if (!flag) { if (!flag) {
res_check_permission_fail(conn); res_check_exist_fail(conn);
return;
}
if (!(result1 && result2)) {
res_not_exist(conn);
return; return;
} }
int perm2; int perm1, perm2;
flag = get_user_permission(form->user_id, &perm2); flag = get_user_permission(user_id, &perm1);
flag &= get_user_permission(form->user_id, &perm2);
if (!flag) { if (!flag) {
res_check_permission_fail(conn); res_check_permission_fail(conn);
return; return;