98 lines
1.9 KiB
Go
98 lines
1.9 KiB
Go
package http
|
|
|
|
import (
|
|
"github.com/gin-contrib/sessions"
|
|
"github.com/gin-gonic/gin"
|
|
|
|
"github.com/didi/nightingale/v5/config"
|
|
"github.com/didi/nightingale/v5/models"
|
|
)
|
|
|
|
type loginForm struct {
|
|
Username string `json:"username"`
|
|
Password string `json:"password"`
|
|
}
|
|
|
|
func loginPost(c *gin.Context) {
|
|
var f loginForm
|
|
bind(c, &f)
|
|
|
|
user, err1 := models.PassLogin(f.Username, f.Password)
|
|
if err1 == nil {
|
|
if user.Status == 1 {
|
|
renderMessage(c, "User disabled")
|
|
return
|
|
}
|
|
session := sessions.Default(c)
|
|
session.Set("username", f.Username)
|
|
session.Save()
|
|
renderData(c, user, nil)
|
|
return
|
|
}
|
|
|
|
// password login fail, try ldap
|
|
if config.Config.LDAP.Enable {
|
|
user, err2 := models.LdapLogin(f.Username, f.Password)
|
|
if err2 == nil {
|
|
if user.Status == 1 {
|
|
renderMessage(c, "User disabled")
|
|
return
|
|
}
|
|
session := sessions.Default(c)
|
|
session.Set("username", f.Username)
|
|
session.Save()
|
|
renderData(c, user, nil)
|
|
return
|
|
}
|
|
}
|
|
|
|
// password and ldap both fail
|
|
renderMessage(c, err1)
|
|
}
|
|
|
|
func logoutGet(c *gin.Context) {
|
|
session := sessions.Default(c)
|
|
session.Set("username", "")
|
|
session.Save()
|
|
renderMessage(c, nil)
|
|
}
|
|
|
|
func canDoOpByName(c *gin.Context) {
|
|
user, err := models.UserGetByUsername(queryStr(c, "name"))
|
|
dangerous(err)
|
|
|
|
if user == nil {
|
|
renderData(c, false, err)
|
|
return
|
|
}
|
|
|
|
can, err := user.CanDo(queryStr(c, "op"))
|
|
renderData(c, can, err)
|
|
}
|
|
|
|
func canDoOpByToken(c *gin.Context) {
|
|
userToken, err := models.UserTokenGet("token=?", queryStr(c, "token"))
|
|
dangerous(err)
|
|
|
|
if userToken == nil {
|
|
renderData(c, false, err)
|
|
return
|
|
}
|
|
|
|
user, err := models.UserGetByUsername(userToken.Username)
|
|
dangerous(err)
|
|
|
|
if user == nil {
|
|
renderData(c, false, err)
|
|
return
|
|
}
|
|
|
|
can, err := user.CanDo(queryStr(c, "op"))
|
|
renderData(c, can, err)
|
|
}
|
|
|
|
func getUserByName(c *gin.Context) {
|
|
user, err := models.UserGetByUsername(queryStr(c, "name"))
|
|
renderData(c, user, err)
|
|
}
|