优化登录和权限检查逻辑，增加用户存在性验证，改进错误处理

2024-12-28 22:30:24 +08:00 · 2024-12-28 22:30:24 +08:00 · 683973bd4f
commit 683973bd4f
parent 571541b34d
2 changed files with 13 additions and 7 deletions
--- a/src/db/auth.cpp
+++ b/src/db/auth.cpp
@ -86,7 +86,7 @@ extern "C"
        auto value  = std::string{};
        auto status = user_db->Get(leveldb::ReadOptions{}, mangle_user_id(user_id), &value);
        if (!status.ok()) {
-            std::println(stderr, "Failed to login: {}", status.ToString());
+            if (!status.IsNotFound()) std::println(stderr, "Failed to login: {}", status.ToString());
            return 0;
        }
        *result = validate_password(password, value.data());
@ -132,7 +132,7 @@ extern "C"
        if (status.ok()) {
            *result = std::stoi(value);
        } else {
-            std::println(stderr, "Failed to get user permission: {}", status.ToString());
+            if (!status.IsNotFound()) std::println(stderr, "Failed to get user permission: {}", status.ToString());
            return 0;
        }
        return 1;
--- a/src/server/auth/repasswd.c
+++ b/src/server/auth/repasswd.c
@ -77,15 +77,21 @@ static void impl_self(mg_connection* conn, const char* user_id, repasswd_form_t*

 static void impl_others(mg_connection* conn, const char* user_id, repasswd_form_t* form)
 {
-    int perm1;
-    int flag = get_user_permission(user_id, &perm1);
+    int result1, result2;
+    int flag  = check_user_exists(user_id, &result1);
+    flag     &= check_user_exists(form->user_id, &result2);
    if (!flag) {
-        res_check_permission_fail(conn);
+        res_check_exist_fail(conn);
+        return;
+    }
+    if (!(result1 && result2)) {
+        res_not_exist(conn);
        return;
    }

-    int perm2;
-    flag = get_user_permission(form->user_id, &perm2);
+    int perm1, perm2;
+    flag  = get_user_permission(user_id, &perm1);
+    flag &= get_user_permission(form->user_id, &perm2);
    if (!flag) {
        res_check_permission_fail(conn);
        return;