實作 https://github.com/cloudreve/Cloudreve/pull/765#discussion_r584313520

2021-03-01 13:32:21 +08:00 · 2021-03-01 13:32:21 +08:00 · f2476c5c39
commit f2476c5c39
parent 0c435650d8
4 changed files with 16 additions and 3 deletions
--- a/middleware/auth.go
+++ b/middleware/auth.go
@ -90,7 +90,7 @@ func WebDAVAuth() gin.HandlerFunc {
 			return
 		}

-		expectedUser, err := model.GetUserByEmail(username)
+		expectedUser, err := model.GetActiveUserByEmail(username)
 		if err != nil {
 			c.Status(http.StatusUnauthorized)
 			c.Abort()
--- a/models/user.go
+++ b/models/user.go
@ -144,6 +144,13 @@ func GetUserByEmail(email string) (User, error) {
 	return user, result.Error
 }

+// GetActiveUserByEmail 用Email获取可登录用户
+func GetActiveUserByEmail(email string) (User, error) {
+	var user User
+	result := DB.Set("gorm:auto_preload", true).Where("status = ? and email = ?", Active, email).First(&user)
+	return user, result.Error
+}
+
 // NewUser 返回一个新的空 User
 func NewUser() User {
 	options := UserOption{}
--- a/routers/controllers/user.go
+++ b/routers/controllers/user.go
@ -18,7 +18,7 @@ import (
 // StartLoginAuthn 开始注册WebAuthn登录
 func StartLoginAuthn(c *gin.Context) {
 	userName := c.Param("username")
-	expectedUser, err := model.GetUserByEmail(userName)
+	expectedUser, err := model.GetActiveUserByEmail(userName)
 	if err != nil {
 		c.JSON(200, serializer.Err(serializer.CodeNotFound, "用户不存在", err))
 		return
@ -52,7 +52,7 @@ func StartLoginAuthn(c *gin.Context) {
 // FinishLoginAuthn 完成注册WebAuthn登录
 func FinishLoginAuthn(c *gin.Context) {
 	userName := c.Param("username")
-	expectedUser, err := model.GetUserByEmail(userName)
+	expectedUser, err := model.GetActiveUserByEmail(userName)
 	if err != nil {
 		c.JSON(200, serializer.Err(serializer.CodeCredentialInvalid, "用户邮箱或密码错误", err))
 		return
--- a/service/user/login.go
+++ b/service/user/login.go
@ -94,6 +94,12 @@ func (service *UserResetEmailService) Reset(c *gin.Context) serializer.Response
 	// 查找用户
 	if user, err := model.GetUserByEmail(service.UserName); err == nil {

+		if user.Status == model.Baned || user.Status == model.OveruseBaned {
+			return serializer.Err(403, "该账号已被封禁", nil)
+		}
+		if user.Status == model.NotActivicated {
+			return serializer.Err(403, "该账号未激活", nil)
+		}
 		// 创建密码重设会话
 		secret := util.RandStringRunes(32)
 		cache.Set(fmt.Sprintf("user_reset_%d", user.ID), secret, 3600)