nightingale/http/router_auth.go

98 lines
1.9 KiB
Go

package http
import (
"github.com/gin-contrib/sessions"
"github.com/gin-gonic/gin"
"github.com/didi/nightingale/v5/config"
"github.com/didi/nightingale/v5/models"
)
type loginForm struct {
Username string `json:"username"`
Password string `json:"password"`
}
func loginPost(c *gin.Context) {
var f loginForm
bind(c, &f)
user, err1 := models.PassLogin(f.Username, f.Password)
if err1 == nil {
if user.Status == 1 {
renderMessage(c, "User disabled")
return
}
session := sessions.Default(c)
session.Set("username", f.Username)
session.Save()
renderData(c, user, nil)
return
}
// password login fail, try ldap
if config.Config.LDAP.Enable {
user, err2 := models.LdapLogin(f.Username, f.Password)
if err2 == nil {
if user.Status == 1 {
renderMessage(c, "User disabled")
return
}
session := sessions.Default(c)
session.Set("username", f.Username)
session.Save()
renderData(c, user, nil)
return
}
}
// password and ldap both fail
renderMessage(c, err1)
}
func logoutGet(c *gin.Context) {
session := sessions.Default(c)
session.Set("username", "")
session.Save()
renderMessage(c, nil)
}
func canDoOpByName(c *gin.Context) {
user, err := models.UserGetByUsername(queryStr(c, "name"))
dangerous(err)
if user == nil {
renderData(c, false, err)
return
}
can, err := user.CanDo(queryStr(c, "op"))
renderData(c, can, err)
}
func canDoOpByToken(c *gin.Context) {
userToken, err := models.UserTokenGet("token=?", queryStr(c, "token"))
dangerous(err)
if userToken == nil {
renderData(c, false, err)
return
}
user, err := models.UserGetByUsername(userToken.Username)
dangerous(err)
if user == nil {
renderData(c, false, err)
return
}
can, err := user.CanDo(queryStr(c, "op"))
renderData(c, can, err)
}
func getUserByName(c *gin.Context) {
user, err := models.UserGetByUsername(queryStr(c, "name"))
renderData(c, user, err)
}