Merge pull request #45 from NJUPT-SAST/dev-windpo

fix: APIS:1、UserInfo:fix get userInfo by uid,2、VerifyAccount、SendEmai…
NJUPT-SAST · Sep 24, 2023 · 9e06780 · 9e06780
2 parents d7e8b4b + ac3cff5
commit 9e06780
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 6 deletions.
diff --git a/api/v1/user.go b/api/v1/user.go
@@ -2,6 +2,7 @@ package v1
 
 import (
 	"net/http"
+	"regexp"
 	"strings"
 
 	"github.com/NJUPT-SAST/sast-link-backend/model"
@@ -129,6 +130,12 @@ func SendEmail(ctx *gin.Context) {
 		ctx.JSON(http.StatusUnauthorized, result.Failed(result.TicketNotCorrect))
 		return
 	}
+	// verify if the user email correct
+	matched, _ := regexp.MatchString("^[a-zA-Z][0-9]{8}@njupt.edu.cn$", username)
+	if !matched {
+		ctx.JSON(http.StatusBadRequest, result.Failed(result.UserEmailError))
+		return
+	}
 
 	var title string
 	if flag == model.REGIST_TICKET_SUB {
@@ -142,7 +149,6 @@ func SendEmail(ctx *gin.Context) {
 			logrus.Fields{
 				"username": username,
 			}).Error(err)
-
 		ctx.JSON(http.StatusOK, result.Failed(result.HandleError(err)))
 	} else {
 		ctx.JSON(http.StatusOK, result.Success(nil))

diff --git a/model/result/common.go b/model/result/common.go
@@ -39,6 +39,7 @@ var (
 	InvalidAccToken       = LocalError{ErrCode: 20009, ErrMsg: "无效的token"}
 	SendEmailError        = LocalError{ErrCode: 30001, ErrMsg: "发送邮件失败"}
 	CaptchaError          = LocalError{ErrCode: 30002, ErrMsg: "验证码错误"}
+	UserEmailError        = LocalError{ErrCode: 30003, ErrMsg: "邮箱格式错误"}
 	VerifyAccountError    = LocalError{ErrCode: 40001, ErrMsg: "验证账户失败"}
 	VerifyPasswordError   = LocalError{ErrCode: 40002, ErrMsg: "验证账户密码失败"}
 	// this is default error
@@ -75,6 +76,7 @@ var errorMap = map[int]LocalError{
 	20009: InvalidAccToken,
 	30001: SendEmailError,
 	30002: CaptchaError,
+	30003: UserEmailError,
 	40001: VerifyAccountError,
 	40002: VerifyPasswordError,
 	60001: ClientErr,

diff --git a/model/user.go b/model/user.go
@@ -2,7 +2,6 @@ package model
 
 import (
 	"errors"
-	"fmt"
 	"regexp"
 	"time"
 
@@ -115,10 +114,23 @@ func CheckUserByUid(uid string) (bool, error) {
 
 func UserInfo(username string) (*User, error) {
 	var user = User{Uid: &username}
-	if err := Db.Where("email = ?", username).Where("is_deleted = ?", false).First(&user).Error; err != nil {
-		return nil, fmt.Errorf("%v: User [%s] Not Exist\n", err, username)
+	matched, err2 := regexp.MatchString("@", username)
+	if err2 != nil {
+		userLogger.Infof("regexp matchiong error")
+		return nil, err2
+	}
+	var err error = nil
+	if matched {
+		err = Db.Where("email = ?", username).Where("is_deleted = ?", false).First(&user).Error
+	} else {
+		err = Db.Where("uid = ?", username).Where("is_deleted = ?", false).First(&user).Error
+	}
+	if err != nil {
+		if errors.Is(err, gorm.ErrRecordNotFound) {
+			userLogger.Infof("User [%s] Not Exist\n", username)
+			return nil, err
+		}
 	}
-
 	return &user, nil
 }
 

diff --git a/service/user.go b/service/user.go
@@ -59,6 +59,11 @@ func VerifyAccount(ctx *gin.Context, username, flag string) (string, error) {
 }
 
 func VerifyAccountResetPWD(ctx *gin.Context, username string) (string, error) {
+	// verify if the user email correct
+	matched, _ := regexp.MatchString("^[a-zA-Z][0-9]{8}@njupt.edu.cn$", username)
+	if !matched {
+		return "", result.UserEmailError
+	}
 	// check if the user is exist
 	exist, err := model.CheckUserByEmail(username)
 	if err != nil {
@@ -78,11 +83,15 @@ func VerifyAccountResetPWD(ctx *gin.Context, username string) (string, error) {
 		// user not exist	and can`t resetPWD
 		return "", result.UserNotExist
 	}
-
 }
 
 // This function is used to verify the user's email is exist or not when register
 func VerifyAccountRegister(ctx *gin.Context, username string) (string, error) {
+	// verify if the user email correct
+	matched, _ := regexp.MatchString("^[a-zA-Z][0-9]{8}@njupt.edu.cn$", username)
+	if !matched {
+		return "", result.UserEmailError
+	}
 	// check if the user is exist
 	exist, err := model.CheckUserByEmail(username)
 	if err != nil {