package handler
import (
"encoding/json"
"github.com/gorilla/csrf"
"net/http"
"picgo/configs"
"picgo/corelib"
"picgo/corelib/captcha"
"picgo/data"
"picgo/model"
)
// LoginPageHandler renders the login page for GET requests and answers every
// other method with 405 Method Not Allowed.
func LoginPageHandler(w http.ResponseWriter, r *http.Request) {
	if r.Method != http.MethodGet {
		http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
		return
	}

	// Hand the gorilla/csrf hidden form field to the template so the login
	// form can carry the CSRF token.
	pageData := make(map[string]interface{}, 1)
	pageData[csrf.TemplateTag] = csrf.TemplateField(r)
	corelib.TemplateHandler(w, pageData, "login.html", "view/login.html")
}
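// LoginApiHandler authenticates a JSON login request; only POST is accepted
// and every other method gets 405 Method Not Allowed.
//
// The handler decodes a model.LoginRequest from the body, rejects an empty
// username or password, verifies the captcha for the ID returned by
// getCaptchaId, loads the user by name and checks the password with
// corelib.ComparePasswords. On success it stores the username and user ID in
// the session and reports success through corelib.WriteJsonResponse.
//
// An unknown username and a wrong password produce the same client response
// (code 1041), so the endpoint does not reveal which accounts exist.
func LoginApiHandler(w http.ResponseWriter, r *http.Request) {
	// Cap on the request body: a login payload is a few short fields, so an
	// unbounded read would only let a client tie up memory in the decoder.
	const maxLoginBodyBytes = 1 << 20

	if r.Method != http.MethodPost {
		http.Error(w, "Method Not Allowed", http.StatusMethodNotAllowed)
		return
	}

	var res model.LoginRequest
	r.Body = http.MaxBytesReader(w, r.Body, maxLoginBodyBytes)
	if err := json.NewDecoder(r.Body).Decode(&res); err != nil {
		// Oversized bodies end up here too, as a decode error.
		corelib.Logger.Error("LoginApiHandler, 参数获取失败")
		corelib.WriteJsonResponse(w, 400, "参数错误", nil)
		return
	}
	if res.Username == "" || res.Password == "" {
		corelib.Logger.Error("LoginApiHandler, 用户名或者密码为空")
		corelib.WriteJsonResponse(w, 400, "请输入用户名密码", nil)
		return
	}

	// The captcha is checked before the account lookup, so a request that
	// fails it never reaches the user store.
	if !captcha.Verify(getCaptchaId(r), res.Captcha) {
		corelib.Logger.Error("LoginApiHandler, 验证码错误")
		corelib.WriteJsonResponse(w, 400, "验证码错误", nil)
		return
	}

	user, err := data.SysUserSelectByUsername(res.Username)
	if err != nil {
		// The log keeps the precise reason; the client gets the same code and
		// message as a wrong password so usernames cannot be enumerated.
		// NOTE(review): the two paths may still differ in response time, since
		// no password comparison runs here; confirm whether that matters.
		corelib.Logger.Error("LoginApiHandler, 用户不存在")
		corelib.WriteJsonResponse(w, 1041, "用户名或密码错误", nil)
		return
	}

	// Check the submitted password against the stored value and salt.
	if !corelib.ComparePasswords(user.Password, res.Password, user.Salt) {
		corelib.Logger.Error("LoginApiHandler, 用户名或密码错误")
		corelib.WriteJsonResponse(w, 1041, "用户名或密码错误", nil)
		return
	}

	// NOTE(review): the error from Get is discarded; confirm the store still
	// returns a usable session when the request's existing cookie is invalid.
	// NOTE(review): the pre-login session is reused as-is; if the store keeps
	// state server-side under an ID, issue a fresh session at login. Confirm
	// against the store implementation.
	session, _ := corelib.SessionStore.Get(r, configs.Settings.Server.SessionName)
	session.Values["username"] = user.Username
	session.Values["id"] = user.ID
	if err = session.Save(r, w); err != nil {
		corelib.Logger.Error("LoginApiHandler, 会话保存失败:", err)
		corelib.WriteJsonResponse(w, 1042, "会话保存失败", nil)
		return
	}

	w.Header().Set("Content-Type", "application/json")
	corelib.WriteJsonResponse(w, 200, "登录成功", nil)
}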