KeqingMoe/math
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: KeqingMoe:c80a950177777a2e4d1fb423bc84fab66009f4d6
Branches Tags
KeqingMoe:main
..
compare: KeqingMoe:683973bd4fa30c66629d583168262e3fe3f9f708
Branches Tags
KeqingMoe:main

3 Commits
c80a950177 ... 683973bd4f

Author SHA1 Message Date
keqingmoe
683973bd4f 优化登录和权限检查逻辑,增加用户存在性验证,改进错误处理 2024-12-28 22:30:24 +08:00
keqingmoe
571541b34d 添加用户密码重置功能,优化权限检查逻辑,增强身份验证流程 2024-12-28 22:21:20 +08:00
keqingmoe
f560099e38 添加权限管理功能,允许管理员修改用户权限,更新相关组件和对话框 2024-12-28 22:10:56 +08:00
4 changed files with 101 additions and 48 deletions
Show Stats Expand all files Collapse all files

4
src/db/auth.cpp
View File

@ -86,7 +86,7 @@ extern "C"
auto value = std::string{}; auto value = std::string{};
auto status = user_db->Get(leveldb::ReadOptions{}, mangle_user_id(user_id), &value); auto status = user_db->Get(leveldb::ReadOptions{}, mangle_user_id(user_id), &value);
if (!status.ok()) { if (!status.ok()) {
std::println(stderr, "Failed to login: {}", status.ToString()); if (!status.IsNotFound()) std::println(stderr, "Failed to login: {}", status.ToString());
return 0; return 0;
} }
*result = validate_password(password, value.data()); *result = validate_password(password, value.data());
@ -132,7 +132,7 @@ extern "C"
if (status.ok()) { if (status.ok()) {
*result = std::stoi(value); *result = std::stoi(value);
} else { } else {
std::println(stderr, "Failed to get user permission: {}", status.ToString()); if (!status.IsNotFound()) std::println(stderr, "Failed to get user permission: {}", status.ToString());
return 0; return 0;
} }
return 1; return 1;

46
src/server/auth/admin.c
View File

@ -55,6 +55,8 @@ static int field_get(const char* key, const char* value, size_t valuelen, void*
form->user_id = kqm_strndup(value, valuelen); form->user_id = kqm_strndup(value, valuelen);
} else if (strcmp(key, "raw_passwd") == 0) { } else if (strcmp(key, "raw_passwd") == 0) {
form->raw_passwd = kqm_strndup(value, valuelen); form->raw_passwd = kqm_strndup(value, valuelen);
} else if (strcmp(key, "new_passwd") == 0) {
form->new_passwd = kqm_strndup(value, valuelen);
} else if (strcmp(key, "permission") == 0) { } else if (strcmp(key, "permission") == 0) {
form->permission = kqm_strndup(value, valuelen); form->permission = kqm_strndup(value, valuelen);
} }
@ -89,10 +91,12 @@ static void impl_repasswd(mg_connection* conn, admin_form_t* form)
} }
int result; int result;
if (!admin_login(form->password, &result)) { if (!admin_login(form->raw_passwd, &result)) {
res_unauth(conn); res_unauth(conn);
return;
} else if (!result) { } else if (!result) {
res_incorrect(conn); res_incorrect(conn);
return;
} }
if (!set_admin_password(form->new_passwd)) { if (!set_admin_password(form->new_passwd)) {
@ -113,7 +117,17 @@ static void impl_repasswd2(mg_connection* conn, admin_form_t* form)
return; return;
} }
int flag = set_user_password(form->user_id, form->new_passwd); int result;
int flag = check_user_exists(form->user_id, &result);
if (!flag) {
res_check_exist_fail(conn);
return;
} else if (!result) {
res_not_exist(conn);
return;
}
flag = set_user_password(form->user_id, form->new_passwd);
if (!flag) { if (!flag) {
res_repasswd_fail(conn); res_repasswd_fail(conn);
} else { } else {
@ -147,7 +161,17 @@ static void impl_delete(mg_connection* conn, admin_form_t* form)
return; return;
} }
int flag = delete_user(form->user_id); int result;
int flag = check_user_exists(form->user_id, &result);
if (!flag) {
res_check_exist_fail(conn);
return;
} else if (!result) {
res_not_exist(conn);
return;
}
flag = delete_user(form->user_id);
if (!flag) { if (!flag) {
res_delete_account_fail(conn); res_delete_account_fail(conn);
} else { } else {
@ -155,6 +179,11 @@ static void impl_delete(mg_connection* conn, admin_form_t* form)
} }
} }
static void impl_auth(mg_connection* conn, admin_form_t* form)
{
res_auth(conn);
}
int admin_handler(mg_connection* conn, void* cbdata) int admin_handler(mg_connection* conn, void* cbdata)
{ {
@ -181,17 +210,20 @@ int admin_handler(mg_connection* conn, void* cbdata)
mg_handle_form_request(conn, &admin_callback); mg_handle_form_request(conn, &admin_callback);
if (form.action && !strcmp(form.action, "login")) { if (!admin_session) {
form.token = strdup("");
admin_session = strdup(""); admin_session = strdup("");
} }
if (form.action && !strcmp(form.action, "login")) {
form.token = strdup(admin_session);
}
if (!form.action) { if (!form.action) {
res_need_action(conn); res_need_action(conn);
} else if (!form.token) { } else if (!form.token) {
res_need_token(conn); res_need_token(conn);
} else if (!admin_session || strcmp(form.token, admin_session)) { } else if (!admin_session || strcmp(form.token, admin_session)) {
res_permission_denied(conn); res_auth_fail(conn);
} else { } else {
if (!strcmp(form.action, "login")) { if (!strcmp(form.action, "login")) {
impl_login(conn, &form); impl_login(conn, &form);
@ -203,6 +235,8 @@ int admin_handler(mg_connection* conn, void* cbdata)
impl_permission(conn, &form); impl_permission(conn, &form);
} else if (!strcmp(form.action, "delete")) { } else if (!strcmp(form.action, "delete")) {
impl_delete(conn, &form); impl_delete(conn, &form);
} else if (!strcmp(form.action, "auth")) {
impl_auth(conn, &form);
} else { } else {
res_bad_action(conn); res_bad_action(conn);
} }

97
src/server/auth/repasswd.c
View File

@ -1,5 +1,6 @@
#include "server/auth.h" #include "server/auth.h"
#include "server/response.h" #include "server/response.h"
#include "server/types.h"
#include "server/util.h" #include "server/util.h"
@ -54,6 +55,60 @@ static int field_get(const char* key, const char* value, size_t valuelen, void*
return MG_FORM_FIELD_HANDLE_GET; return MG_FORM_FIELD_HANDLE_GET;
} }
static void impl_self(mg_connection* conn, const char* user_id, repasswd_form_t* form)
{
int result;
int flag = login(user_id, form->raw_passwd, &result);
if (!flag) {
res_repasswd_fail(conn);
} else {
if (result) {
flag = set_user_password(user_id, form->new_passwd);
if (!flag) {
res_repasswd_fail(conn);
} else {
res_repasswd(conn);
}
} else {
res_incorrect(conn);
}
}
}
static void impl_others(mg_connection* conn, const char* user_id, repasswd_form_t* form)
{
int result1, result2;
int flag = check_user_exists(user_id, &result1);
flag &= check_user_exists(form->user_id, &result2);
if (!flag) {
res_check_exist_fail(conn);
return;
}
if (!(result1 && result2)) {
res_not_exist(conn);
return;
}
int perm1, perm2;
flag = get_user_permission(user_id, &perm1);
flag &= get_user_permission(form->user_id, &perm2);
if (!flag) {
res_check_permission_fail(conn);
return;
}
if (perm1 == 1 && perm2 == 2) {
int flag = set_user_password(form->user_id, form->new_passwd);
if (!flag) {
res_repasswd_fail(conn);
} else {
res_repasswd(conn);
}
} else {
res_permission_denied(conn);
}
}
int user_repasswd_handler(mg_connection* conn, void* cbdata) int user_repasswd_handler(mg_connection* conn, void* cbdata)
{ {
const mg_request_info* post_body = mg_get_request_info(conn); const mg_request_info* post_body = mg_get_request_info(conn);
@ -97,45 +152,9 @@ int user_repasswd_handler(mg_connection* conn, void* cbdata)
char* user_id = get_payload(form.token); char* user_id = get_payload(form.token);
if (form.user_id && strcmp(user_id, form.user_id)) { if (form.user_id && strcmp(user_id, form.user_id)) {
int perm1; impl_others(conn, user_id, &form);
int flag = get_user_permission(user_id, &perm1); } else if (form.raw_passwd) {
if (!flag) { impl_self(conn, user_id, &form);
res_check_permission_fail(conn);
}
int perm2;
flag = get_user_permission(form.user_id, &perm2);
if (!flag) {
res_check_permission_fail(conn);
}
if (perm1 < perm2) {
int flag = set_user_password(form.user_id, form.new_passwd);
if (!flag) {
res_repasswd_fail(conn);
} else {
res_repasswd(conn);
}
} else {
res_permission_denied(conn);
}
} else if(form.raw_passwd) {
int result;
int flag = login(user_id, form.raw_passwd, &result);
if (!flag) {
res_repasswd_fail(conn);
} else {
if (result) {
flag = set_user_password(user_id, form.new_passwd);
if (!flag) {
res_repasswd_fail(conn);
} else {
res_repasswd(conn);
}
} else {
res_incorrect(conn);
}
}
} else { } else {
res_need_password(conn); res_need_password(conn);
} }

2
ui/src/components/admin/Permission.vue
View File

@ -13,7 +13,7 @@
<v-divider :thickness="10" class="border-opacity-0"></v-divider> <v-divider :thickness="10" class="border-opacity-0"></v-divider>
<v-btn :loading="loading" class="mb-8" color="blue" size="large" type="submit" variant="tonal" block> <v-btn :loading="loading" class="mb-8" color="blue" size="large" type="submit" variant="tonal" block>
修改密码 修改权限
</v-btn> </v-btn>
</v-form> </v-form>