From 12458d8f48c7bb8b013e4af88fda7569e0078d27 Mon Sep 17 00:00:00 2001 From: windpo Date: Tue, 7 Nov 2023 00:46:47 +0800 Subject: [PATCH] fix resetPWD --- model/common.go | 11 ++++++----- model/user.go | 4 ++-- service/user.go | 9 +++++++-- util/jwt.go | 13 ++++++++++--- 4 files changed, 25 insertions(+), 12 deletions(-) diff --git a/model/common.go b/model/common.go index c48426c..caf46eb 100644 --- a/model/common.go +++ b/model/common.go @@ -17,10 +17,10 @@ const ( LOGIN_TOKEN_IN_REDIS = "LOGIN" // For JWT - LOGIN_TOKEN_SUB = "loginToken" - LOGIN_TICKET_SUB = "loginTicket" - REGIST_TICKET_SUB = "registerTicket" - RESETPWD_TICKET_SUB = "resetPwdTicket" + LOGIN_TOKEN_SUB = "loginToken" + LOGIN_TICKET_SUB = "loginTicket" + REGIST_TICKET_SUB = "registerTicket" + RESETPWD_TICKET_SUB = "resetPwdTicket" ) var ( @@ -43,7 +43,8 @@ func LoginTicketKey(username string) string { func RegisterJWTSubKey(username string) string { return fmt.Sprintf("%s-%s", username, REGIST_TICKET_SUB) } -func ResetPwdJWTSubkey(username string) string { + +func ResetPwdJWTSubKey(username string) string { return fmt.Sprintf("%s-%s", username, RESETPWD_TICKET_SUB) } diff --git a/model/user.go b/model/user.go index 66c9e2d..bc5a921 100644 --- a/model/user.go +++ b/model/user.go @@ -80,9 +80,9 @@ func CheckPassword(username string, password string) (string, error) { return *user.Uid, err } -func ChangePassword(username string, password string) error { +func ChangePassword(uid string, password string) error { pwdEncrypted := util.ShaHashing(password) - err := Db.Model(&User{}).Where("uid = ?", username).Where("is_deleted = ?", false).Update("password", pwdEncrypted).Error + err := Db.Debug().Model(&User{}).Where("uid = ?", uid).Where("is_deleted = ?", false).Update("password", pwdEncrypted).Error if err != nil { return err } diff --git a/service/user.go b/service/user.go index bff72de..86cf779 100644 --- a/service/user.go +++ b/service/user.go @@ -84,7 +84,7 @@ func VerifyAccountResetPWD(ctx *gin.Context, username string) (string, error) { // User exist and try to reset password if user != nil { - ticket, err := util.GenerateTokenWithExp(ctx, model.ResetPwdJWTSubkey(username), model.RESETPWD_TICKET_EXP) + ticket, err := util.GenerateTokenWithExp(ctx, model.ResetPwdJWTSubKey(username), model.RESETPWD_TICKET_EXP) if err != nil { return "", err } @@ -177,7 +177,12 @@ func ResetPassword(username, newPassword string) error { if !CheckPasswordFormat(newPassword) { return result.PasswordIllegal } - cErr := model.ChangePassword(username, newPassword) + + split := regexp.MustCompile(`@`) + uid := split.Split(username, 2)[0] + uid = strings.ToLower(uid) + + cErr := model.ChangePassword(uid, newPassword) if cErr != nil { return cErr } diff --git a/util/jwt.go b/util/jwt.go index 2bea99f..3b6b2f7 100644 --- a/util/jwt.go +++ b/util/jwt.go @@ -6,6 +6,7 @@ import ( "context" "encoding/base64" "errors" + "github.com/NJUPT-SAST/sast-link-backend/log" "strings" "time" @@ -16,7 +17,10 @@ import ( "github.com/NJUPT-SAST/sast-link-backend/model/result" ) -var jwtSigningKey = config.Config.Sub("jwt").GetString("signing_key") +var ( + utilLogger = log.Log + jwtSigningKey = config.Config.Sub("jwt").GetString("signing_key") +) // GenerateToken // token expireTime : not set, do this with redis @@ -47,18 +51,21 @@ func GenerateTokenWithExp(ctx context.Context, username string, expireTime time. func ParseToken(token string) (*JWTAccessClaims, error) { tokenClaims, err := jwt.ParseWithClaims(token, &JWTAccessClaims{}, func(t *jwt.Token) (interface{}, error) { if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok { + utilLogger.Error(token + "-pasefail") return nil, result.AuthParseTokenFail } return []byte(jwtSigningKey), nil }) if err != nil { - return nil, result.AuthParseTokenFail.Wrap(err) + utilLogger.Error(token + "-pasefail-" + "msg:" + err.Error()) + return nil, result.AuthParseTokenFail } if claims, ok := tokenClaims.Claims.(*JWTAccessClaims); ok && tokenClaims.Valid { return claims, nil } else { - return nil, result.AuthParseTokenFail.Wrap(err) + utilLogger.Error(token + "-pasefail-" + "msg:" + err.Error()) + return nil, result.AuthParseTokenFail } }