添加临时Token登录接口

2025-04-05 20:17:53 +08:00 · 2021-03-16 13:28:38 +08:00 · 2021-03-16 13:28:38 +08:00 · 25c58d9988
commit 25c58d9988
parent c7a1d0ef28
4 changed files with 91 additions and 27 deletions
--- a/controllers/AccountController.go
+++ b/controllers/AccountController.go
@ -1,18 +1,23 @@
 package controllers

 import (
+	"crypto/hmac"
+	"crypto/sha1"
+	"encoding/base64"
+	"fmt"
 	"net/url"
 	"regexp"
 	"strings"
 	"time"

+	"html/template"
+
 	"github.com/astaxie/beego"
 	"github.com/lifei6671/gocaptcha"
 	"github.com/lifei6671/mindoc/conf"
 	"github.com/lifei6671/mindoc/mail"
 	"github.com/lifei6671/mindoc/models"
 	"github.com/lifei6671/mindoc/utils"
-	"html/template"
 )

 // AccountController 用户登录与注册
@ -131,6 +136,67 @@ func (c *AccountController) Login() {
 	}
 }

+// 临时登录
+func (c *AccountController) TmpLogin() {
+	if c.Member != nil {
+		c.Redirect(conf.URLFor("HomeController.Index"), 302)
+	}
+
+	tmpToken := c.GetString("tmpToken")
+	if tmpToken == "" {
+		c.Redirect(conf.URLFor("AccountController.Login"), 302)
+	}
+
+	tmp, err := base64.URLEncoding.DecodeString(tmpToken)
+	if err != nil {
+		c.Redirect(conf.URLFor("AccountController.Login"), 302)
+	}
+
+	tmpToken = string(tmp)
+	var remember CookieRemember
+	// 如果 Cookie 中存在登录信息
+	cookie, ok := c.GetSecureCookie(conf.GetAppKey(), "login")
+	if !ok {
+		cookie, ok = parseHelper(tmpToken)
+	}
+
+	// 解析用户，并登录
+	if ok {
+		if err := utils.Decode(cookie, &remember); err == nil {
+			if member, err := models.NewMember().Find(remember.MemberId); err == nil {
+				c.SetMember(*member)
+				c.LoggedIn(false)
+				c.StopRun()
+			}
+		}
+	}
+	c.Redirect(conf.URLFor("AccountController.Login"), 302)
+
+}
+
+func parseHelper(value string) (string, bool) {
+
+	parts := strings.SplitN(value, "|", 3)
+
+	if len(parts) != 3 {
+		return "", false
+	}
+
+	vs := parts[0]
+	timestamp := parts[1]
+	sig := parts[2]
+
+	h := hmac.New(sha1.New, []byte(conf.GetAppKey()))
+	fmt.Fprintf(h, "%s%s", vs, timestamp)
+
+	if fmt.Sprintf("%02x", h.Sum(nil)) != sig {
+		return "", false
+	}
+	res, _ := base64.URLEncoding.DecodeString(vs)
+	return string(res), true
+
+}
+
 // 登录成功后的操作，如重定向到原始请求页面
 func (c *AccountController) LoggedIn(isPost bool) interface{} {

--- a/models/BookModel.go
+++ b/models/BookModel.go
@ -15,6 +15,7 @@ import (
 	"time"

 	"encoding/json"
+
 	"github.com/astaxie/beego"
 	"github.com/astaxie/beego/logs"
 	"github.com/astaxie/beego/orm"
--- a/models/comment_vote.go
+++ b/models/comment_vote.go
@ -1,9 +1,10 @@
 package models

 import (
+	"time"
+
 	"github.com/astaxie/beego/orm"
 	"github.com/lifei6671/mindoc/conf"
-	"time"
 )

 type CommentVote struct {
--- a/routers/router.go
+++ b/routers/router.go
@ -9,6 +9,7 @@ func init() {
 	beego.Router("/", &controllers.HomeController{}, "*:Index")

 	beego.Router("/login", &controllers.AccountController{}, "*:Login")
+	beego.Router("/token", &controllers.AccountController{}, "get:TmpLogin")
 	beego.Router("/logout", &controllers.AccountController{}, "*:Logout")
 	beego.Router("/register", &controllers.AccountController{}, "*:Register")
 	beego.Router("/find_password", &controllers.AccountController{}, "*:FindPassword")
@ -35,8 +36,8 @@ func init() {
 	beego.Router("/manager/attach/list", &controllers.ManagerController{}, "*:AttachList")
 	beego.Router("/manager/attach/detailed/:id", &controllers.ManagerController{}, "*:AttachDetailed")
 	beego.Router("/manager/attach/delete", &controllers.ManagerController{}, "post:AttachDelete")
-	beego.Router("/manager/label/list", &controllers.ManagerController{},"get:LabelList")
-	beego.Router("/manager/label/delete/:id", &controllers.ManagerController{},"post:LabelDelete")
+	beego.Router("/manager/label/list", &controllers.ManagerController{}, "get:LabelList")
+	beego.Router("/manager/label/delete/:id", &controllers.ManagerController{}, "post:LabelDelete")

 	//beego.Router("/manager/config",  &controllers.ManagerController{}, "*:Config")

@ -51,16 +52,14 @@ func init() {
 	beego.Router("/manager/team/member/change_role", &controllers.ManagerController{}, "POST:TeamChangeMemberRole")
 	beego.Router("/manager/team/member/search", &controllers.ManagerController{}, "*:TeamSearchMember")

-
 	beego.Router("/manager/team/book/list/:id", &controllers.ManagerController{}, "*:TeamBookList")
 	beego.Router("/manager/team/book/add", &controllers.ManagerController{}, "POST:TeamBookAdd")
 	beego.Router("/manager/team/book/delete", &controllers.ManagerController{}, "POST:TeamBookDelete")
 	beego.Router("/manager/team/book/search", &controllers.ManagerController{}, "*:TeamSearchBook")

-	beego.Router("/manager/itemsets", &controllers.ManagerController{},"*:Itemsets")
-	beego.Router("/manager/itemsets/edit", &controllers.ManagerController{},"post:ItemsetsEdit")
-	beego.Router("/manager/itemsets/delete", &controllers.ManagerController{},"post:ItemsetsDelete")
-
+	beego.Router("/manager/itemsets", &controllers.ManagerController{}, "*:Itemsets")
+	beego.Router("/manager/itemsets/edit", &controllers.ManagerController{}, "post:ItemsetsEdit")
+	beego.Router("/manager/itemsets/delete", &controllers.ManagerController{}, "post:ItemsetsDelete")

 	beego.Router("/setting", &controllers.SettingController{}, "*:Index")
 	beego.Router("/setting/password", &controllers.SettingController{}, "*:Password")
@ -74,15 +73,14 @@ func init() {
 	beego.Router("/book/:key/sort", &controllers.BookController{}, "post:SaveSort")
 	beego.Router("/book/:key/teams", &controllers.BookController{}, "*:Team")

-
 	beego.Router("/book/create", &controllers.BookController{}, "*:Create")
 	beego.Router("/book/itemsets/search", &controllers.BookController{}, "*:ItemsetsSearch")

 	beego.Router("/book/users/create", &controllers.BookMemberController{}, "post:AddMember")
 	beego.Router("/book/users/change", &controllers.BookMemberController{}, "post:ChangeRole")
 	beego.Router("/book/users/delete", &controllers.BookMemberController{}, "post:RemoveMember")
-	beego.Router("/book/users/import", &controllers.BookController{},"post:Import")
-	beego.Router("/book/users/copy", &controllers.BookController{},"post:Copy")
+	beego.Router("/book/users/import", &controllers.BookController{}, "post:Import")
+	beego.Router("/book/users/copy", &controllers.BookController{}, "post:Copy")

 	beego.Router("/book/setting/save", &controllers.BookController{}, "post:SaveBook")
 	beego.Router("/book/setting/open", &controllers.BookController{}, "post:PrivatelyOwned")
@ -94,26 +92,24 @@ func init() {
 	beego.Router("/book/team/delete", &controllers.BookController{}, "POST:TeamDelete")
 	beego.Router("/book/team/search", &controllers.BookController{}, "*:TeamSearch")

-
 	//管理文章的路由
-	beego.Router("/manage/blogs", &controllers.BlogController{},"*:ManageList")
+	beego.Router("/manage/blogs", &controllers.BlogController{}, "*:ManageList")
 	beego.Router("/manage/blogs/setting/?:id", &controllers.BlogController{}, "*:ManageSetting")
-	beego.Router("/manage/blogs/edit/?:id",&controllers.BlogController{}, "*:ManageEdit")
-	beego.Router("/manage/blogs/delete",&controllers.BlogController{}, "post:ManageDelete")
-	beego.Router("/manage/blogs/upload",&controllers.BlogController{}, "post:Upload")
-	beego.Router("/manage/blogs/attach/:id",&controllers.BlogController{}, "post:RemoveAttachment")
-
+	beego.Router("/manage/blogs/edit/?:id", &controllers.BlogController{}, "*:ManageEdit")
+	beego.Router("/manage/blogs/delete", &controllers.BlogController{}, "post:ManageDelete")
+	beego.Router("/manage/blogs/upload", &controllers.BlogController{}, "post:Upload")
+	beego.Router("/manage/blogs/attach/:id", &controllers.BlogController{}, "post:RemoveAttachment")

 	//读文章的路由
 	beego.Router("/blogs", &controllers.BlogController{}, "*:List")
-	beego.Router("/blog-attach/:id:int/:attach_id:int", &controllers.BlogController{},"get:Download")
-	beego.Router("/blog-:id([0-9]+).html",&controllers.BlogController{}, "*:Index")
+	beego.Router("/blog-attach/:id:int/:attach_id:int", &controllers.BlogController{}, "get:Download")
+	beego.Router("/blog-:id([0-9]+).html", &controllers.BlogController{}, "*:Index")

 	//模板相关接口
-	beego.Router("/api/template/get", &controllers.TemplateController{},"get:Get")
-	beego.Router("/api/template/list", &controllers.TemplateController{},"post:List")
-	beego.Router("/api/template/add", &controllers.TemplateController{},"post:Add")
-	beego.Router("/api/template/remove", &controllers.TemplateController{},"post:Delete")
+	beego.Router("/api/template/get", &controllers.TemplateController{}, "get:Get")
+	beego.Router("/api/template/list", &controllers.TemplateController{}, "post:List")
+	beego.Router("/api/template/add", &controllers.TemplateController{}, "post:Add")
+	beego.Router("/api/template/remove", &controllers.TemplateController{}, "post:Delete")

 	beego.Router("/api/attach/remove/", &controllers.DocumentController{}, "post:RemoveAttachment")
 	beego.Router("/api/:key/edit/?:id", &controllers.DocumentController{}, "*:Edit")
@ -145,7 +141,7 @@ func init() {
 	beego.Router("/tag/:key", &controllers.LabelController{}, "get:Index")
 	beego.Router("/tags", &controllers.LabelController{}, "get:List")

-	beego.Router("/items", &controllers.ItemsetsController{},"get:Index")
-	beego.Router("/items/:key", &controllers.ItemsetsController{},"get:List")
+	beego.Router("/items", &controllers.ItemsetsController{}, "get:Index")
+	beego.Router("/items/:key", &controllers.ItemsetsController{}, "get:List")

 }