fusenapi/server/ldap-admin/internal/logic/updateldapuserpwdlogic.go
laodaming 06b826769b fix
2023-11-21 10:38:11 +08:00


package logic
import (
	"context"
	"crypto/subtle"
	"strings"

	"fusenapi/server/ldap-admin/internal/svc"
	"fusenapi/server/ldap-admin/internal/types"
	"fusenapi/utils/auth"
	"fusenapi/utils/basic"
	"fusenapi/utils/email"
	"fusenapi/utils/encryption_decryption"
	"fusenapi/utils/ldap_lib"

	"github.com/zeromicro/go-zero/core/logx"
)
// UpdateLdapUserPwdLogic holds the per-request state for the LDAP
// password-change operation implemented by UpdateLdapUserPwd.
type UpdateLdapUserPwdLogic struct {
	// Embedded logger; NewUpdateLdapUserPwdLogic sets it from logx.WithContext(ctx).
	logx.Logger
	// Request context handed to the constructor.
	ctx context.Context
	// Service dependencies; UpdateLdapUserPwd reads the LDAP handle and the
	// LDAP DN configuration from it.
	svcCtx *svc.ServiceContext
}
// NewUpdateLdapUserPwdLogic builds the logic object for one request: it stores
// ctx and svcCtx and attaches a logger derived from ctx.
func NewUpdateLdapUserPwdLogic(ctx context.Context, svcCtx *svc.ServiceContext) *UpdateLdapUserPwdLogic {
	logic := new(UpdateLdapUserPwdLogic)
	logic.Logger = logx.WithContext(ctx)
	logic.ctx = ctx
	logic.svcCtx = svcCtx
	return logic
}
// 处理进入前逻辑w,r
// func (l *UpdateLdapUserPwdLogic) BeforeLogic(w http.ResponseWriter, r *http.Request) {
// }
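// UpdateLdapUserPwd replaces the userPassword attribute of the LDAP entry
// named by req.UserDN, after checking req.OldPassword against the stored value.
//
// req.UserDN must start with "cn=" and its first RDN value must be a valid
// e-mail address. The stored password is expected to be "{crypt}" followed by
// the output of encryption_decryption.CBCEncrypt; the old password is verified
// by decrypting that value. An entry whose stored value is not in that form is
// rejected: there is nothing to verify the old password against, and
// overwriting it anyway would let a caller replace the password without
// proving knowledge of the current one.
//
// The result is always a *basic.Response carrying a status code and message.
//
// NOTE(review): userinfo is never consulted, so nothing in this method ties the
// caller's identity to req.UserDN. Confirm that the route or its middleware
// restricts who may reach this handler, or compare the caller with the target
// entry here.
//
// NOTE(review): the helper names suggest the password is stored under
// reversible symmetric encryption rather than a one-way hash, so whoever holds
// the key can recover every password. In RFC 2307 / OpenLDAP the {CRYPT}
// scheme denotes a crypt(3) hash, so the prefix is also misleading to other
// LDAP clients. Moving to a one-way password hash needs a migration across
// every reader of this attribute and is not attempted here.
func (l *UpdateLdapUserPwdLogic) UpdateLdapUserPwd(req *types.UpdateLdapUserPwdReq, userinfo *auth.UserInfo) (resp *basic.Response) {
	const cryptPrefix = "{crypt}"

	req.UserDN = strings.Trim(req.UserDN, " ")
	req.NewPassword = strings.Trim(req.NewPassword, " ")
	req.OldPassword = strings.Trim(req.OldPassword, " ")
	if req.NewPassword == "" || req.OldPassword == "" {
		return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "新/旧密码都不允许为空")
	}
	if len(req.UserDN) <= 3 || !strings.HasPrefix(req.UserDN, "cn=") {
		return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "参数错误无效的用户DN")
	}
	// The first RDN is "cn=<email>"; drop the "cn=" and validate the rest.
	cnEmail := strings.Split(req.UserDN, ",")[0][3:]
	if !email.IsEmailValid(cnEmail) {
		return resp.SetStatusWithMessage(basic.CodeRequestParamsErr, "错误的用户cn")
	}
	ldapServer := ldap_lib.NewLdap(l.svcCtx.Ldap, l.svcCtx.Config.Ldap.BaseDN, l.svcCtx.Config.Ldap.RootDN, l.svcCtx.Config.Ldap.PeopleGroupDN)
	// Look up the target entry.
	user, err := ldapServer.GetLdapUserInfo(req.UserDN)
	if err != nil {
		logx.Error(err)
		// NOTE(review): the raw LDAP error text goes back to the client; it is
		// already logged, so a generic message would avoid disclosing directory
		// internals or whether the DN exists.
		return resp.SetStatusWithMessage(basic.CodeServiceErr, err.Error())
	}
	// Fail closed: without a "{crypt}" value to decrypt, the old password
	// cannot be verified, so the change is refused instead of applied.
	if len(user.Password) <= len(cryptPrefix) || !strings.HasPrefix(user.Password, cryptPrefix) {
		return resp.SetStatusWithMessage(basic.CodeServiceErr, "当前密码格式无法校验旧密码,请联系管理员重置")
	}
	// Decrypt the stored password.
	oldPwd, err := encryption_decryption.CBCDecrypt(user.Password[len(cryptPrefix):])
	if err != nil {
		logx.Error(err)
		return resp.SetStatusWithMessage(basic.CodeServiceErr, "解密旧的密码出错")
	}
	// Verify the old password in constant time so the response time does not
	// depend on how many leading bytes of the guess are correct.
	if subtle.ConstantTimeCompare([]byte(oldPwd), []byte(req.OldPassword)) != 1 {
		return resp.SetStatusWithMessage(basic.CodeServiceErr, "旧密码不对,请重新尝试")
	}
	// Encrypt the new password.
	newPwd, err := encryption_decryption.CBCEncrypt(req.NewPassword)
	if err != nil {
		logx.Error(err)
		return resp.SetStatusWithMessage(basic.CodeServiceErr, "加密密码失败")
	}
	err = ldapServer.Update(req.UserDN, map[string][]string{
		"userPassword": {cryptPrefix + newPwd},
	})
	if err != nil {
		logx.Error(err)
		return resp.SetStatusWithMessage(basic.CodeServiceErr, "修改密码失败")
	}
	return resp.SetStatusWithMessage(basic.CodeOK, "修改密码成功")
}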
// 处理逻辑后 w,r 如:重定向, resp 必须重新处理
// func (l *UpdateLdapUserPwdLogic) AfterLogic(w http.ResponseWriter, r *http.Request, resp *basic.Response) {
// // httpx.OkJsonCtx(r.Context(), w, resp)
// }