2023-11-20 03:54:30 +00:00
|
|
|
|
package logic
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"fusenapi/utils/basic"
|
|
|
|
|
"fusenapi/utils/email"
|
|
|
|
|
"fusenapi/utils/encryption_decryption"
|
2023-11-21 10:10:30 +00:00
|
|
|
|
"net/http"
|
2023-11-20 03:54:30 +00:00
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
|
|
"context"
|
|
|
|
|
|
|
|
|
|
"fusenapi/server/ldap-admin/internal/svc"
|
|
|
|
|
"fusenapi/server/ldap-admin/internal/types"
|
|
|
|
|
|
|
|
|
|
"github.com/zeromicro/go-zero/core/logx"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type UpdateLdapUserPwdLogic struct {
|
|
|
|
|
logx.Logger
|
|
|
|
|
ctx context.Context
|
|
|
|
|
svcCtx *svc.ServiceContext
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func NewUpdateLdapUserPwdLogic(ctx context.Context, svcCtx *svc.ServiceContext) *UpdateLdapUserPwdLogic {
|
|
|
|
|
return &UpdateLdapUserPwdLogic{
|
|
|
|
|
Logger: logx.WithContext(ctx),
|
|
|
|
|
ctx: ctx,
|
|
|
|
|
svcCtx: svcCtx,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 处理进入前逻辑w,r
|
|
|
|
|
// func (l *UpdateLdapUserPwdLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
// }
|
|
|
|
|
|
2023-11-21 10:10:30 +00:00
|
|
|
|
func (l *UpdateLdapUserPwdLogic) UpdateLdapUserPwd(req *types.UpdateLdapUserPwdReq, r *http.Request) (resp *basic.Response) {
|
2023-11-22 02:12:46 +00:00
|
|
|
|
|
2023-11-22 02:19:27 +00:00
|
|
|
|
if !l.svcCtx.Ldap.VerifyAuthority(r) {
|
2023-11-21 10:10:30 +00:00
|
|
|
|
return resp.SetStatusWithMessage(basic.CodeUnAuth, "无权限,请联系管理员开通")
|
|
|
|
|
}
|
2023-11-20 03:54:30 +00:00
|
|
|
|
req.UserDN = strings.Trim(req.UserDN, " ")
|
|
|
|
|
req.NewPassword = strings.Trim(req.NewPassword, " ")
|
|
|
|
|
req.OldPassword = strings.Trim(req.OldPassword, " ")
|
|
|
|
|
if req.NewPassword == "" || req.OldPassword == "" {
|
|
|
|
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "新/旧密码都不允许为空")
|
|
|
|
|
}
|
|
|
|
|
if len(req.UserDN) <= 3 || req.UserDN[:3] != "cn=" {
|
|
|
|
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误,无效的用户DN")
|
|
|
|
|
}
|
|
|
|
|
cnEmail := strings.Split(req.UserDN, ",")[0][3:]
|
|
|
|
|
if !email.IsEmailValid(cnEmail) {
|
|
|
|
|
return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn")
|
|
|
|
|
}
|
|
|
|
|
//查询个人信息
|
2023-11-22 02:12:46 +00:00
|
|
|
|
user, err := l.svcCtx.Ldap.GetLdapUserInfo(req.UserDN)
|
2023-11-20 03:54:30 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
logx.Error(err)
|
|
|
|
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, err.Error())
|
|
|
|
|
}
|
2023-11-21 02:38:11 +00:00
|
|
|
|
if len(user.Password) > 7 && user.Password[:7] == "{crypt}" {
|
|
|
|
|
//解密旧的密码
|
|
|
|
|
oldPwd, err := encryption_decryption.CBCDecrypt(user.Password[7:])
|
|
|
|
|
if err != nil {
|
|
|
|
|
logx.Error(err)
|
|
|
|
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "解密旧的密码出错")
|
|
|
|
|
}
|
|
|
|
|
//验证旧的密码
|
|
|
|
|
if oldPwd != req.OldPassword {
|
|
|
|
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "旧密码不对,请重新尝试")
|
|
|
|
|
}
|
2023-11-20 03:54:30 +00:00
|
|
|
|
}
|
|
|
|
|
//加密新的密码
|
|
|
|
|
newPwd, err := encryption_decryption.CBCEncrypt(req.NewPassword)
|
|
|
|
|
if err != nil {
|
|
|
|
|
logx.Error(err)
|
|
|
|
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "加密密码失败")
|
|
|
|
|
}
|
2023-11-22 02:12:46 +00:00
|
|
|
|
err = l.svcCtx.Ldap.Update(req.UserDN, map[string][]string{
|
2023-11-20 03:54:30 +00:00
|
|
|
|
"userPassword": {"{crypt}" + newPwd},
|
|
|
|
|
})
|
|
|
|
|
if err != nil {
|
|
|
|
|
logx.Error(err)
|
|
|
|
|
return resp.SetStatusWithMessage(basic.CodeServiceErr, "修改密码失败")
|
|
|
|
|
}
|
|
|
|
|
return resp.SetStatusWithMessage(basic.CodeOK, "修改密码成功")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 处理逻辑后 w,r 如:重定向, resp 必须重新处理
|
|
|
|
|
// func (l *UpdateLdapUserPwdLogic) AfterLogic(w http.ResponseWriter, r *http.Request, resp *basic.Response) {
|
|
|
|
|
// // httpx.OkJsonCtx(r.Context(), w, resp)
|
|
|
|
|
// }
|