Merge branch 'feat/1.1.0/report' of github.com:answerdev/answer into feat/1.1.0/report

2023-05-26 18:21:21 +08:00 · 2023-05-26 18:21:21 +08:00 · 03fb591c45
parent cf8e08f501 cbaf50e691
commit 03fb591c45
4 changed files with 98 additions and 61 deletions
--- a/i18n/en_US.yaml
+++ b/i18n/en_US.yaml
@ -1,4 +1,5 @@
 # The following fields are used for back-end
+
 backend:
  base:
    success:
@ -221,6 +222,8 @@ backend:
      no_permission:
        other: No permission to Revision.
    user:
+      external_login_missing_user_id:
+        other: The third-party platform does not provide a unique UserID, so you cannot login, please contact the website administrator.
      external_login_unbinding_forbidden:
        other: Please set a login password for your account before you remove this login.
      email_or_password_wrong:
--- a/internal/base/reason/reason.go
+++ b/internal/base/reason/reason.go
@ -74,7 +74,12 @@ const (
 	SMTPConfigFromNameCannotBeEmail  = "error.smtp.config_from_name_cannot_be_email"
 	AdminCannotUpdateTheirPassword   = "error.admin.cannot_update_their_password"
 	AdminCannotModifySelfStatus      = "error.admin.cannot_modify_self_status"
-	UserExternalLoginUnbindingForbidden = "error.user.external_login_unbinding_forbidden"
 	UserAccessDenied                 = "error.user.access_denied"
 	UserPageAccessDenied             = "error.user.page_access_denied"
 )
+
+// user external login reasons
+const (
+	UserExternalLoginUnbindingForbidden = "error.user.external_login_unbinding_forbidden"
+	UserExternalLoginMissingUserID      = "error.user.external_login_missing_user_id"
+)
--- a/internal/service/user_external_login/user_center_login_service.go
+++ b/internal/service/user_external_login/user_center_login_service.go
@ -49,6 +49,12 @@ func NewUserCenterLoginService(
 func (us *UserCenterLoginService) ExternalLogin(
 	ctx context.Context, userCenter plugin.UserCenter, basicUserInfo *plugin.UserCenterBasicUserInfo) (
 	resp *schema.UserExternalLoginResp, err error) {
+	if len(basicUserInfo.ExternalID) == 0 {
+		return &schema.UserExternalLoginResp{
+			ErrTitle: translator.Tr(handler.GetLangByCtx(ctx), reason.UserAccessDenied),
+			ErrMsg:   translator.Tr(handler.GetLangByCtx(ctx), reason.UserExternalLoginMissingUserID),
+		}, nil
+	}

 	if len(basicUserInfo.Email) > 0 {
 		// check whether site allow register or not
--- a/internal/service/user_external_login/user_external_login_service.go
+++ b/internal/service/user_external_login/user_external_login_service.go
@ -6,13 +6,16 @@ import (
 	"fmt"
 	"time"

+	"github.com/answerdev/answer/internal/base/handler"
 	"github.com/answerdev/answer/internal/base/reason"
+	"github.com/answerdev/answer/internal/base/translator"
 	"github.com/answerdev/answer/internal/entity"
 	"github.com/answerdev/answer/internal/schema"
 	"github.com/answerdev/answer/internal/service/activity"
 	"github.com/answerdev/answer/internal/service/export"
 	"github.com/answerdev/answer/internal/service/siteinfo_common"
 	usercommon "github.com/answerdev/answer/internal/service/user_common"
+	"github.com/answerdev/answer/pkg/checker"
 	"github.com/answerdev/answer/pkg/random"
 	"github.com/answerdev/answer/pkg/token"
 	"github.com/answerdev/answer/plugin"
@ -64,6 +67,13 @@ func NewUserExternalLoginService(
 func (us *UserExternalLoginService) ExternalLogin(
 	ctx context.Context, externalUserInfo *schema.ExternalLoginUserInfoCache) (
 	resp *schema.UserExternalLoginResp, err error) {
+	if len(externalUserInfo.ExternalID) == 0 {
+		return &schema.UserExternalLoginResp{
+			ErrTitle: translator.Tr(handler.GetLangByCtx(ctx), reason.UserAccessDenied),
+			ErrMsg:   translator.Tr(handler.GetLangByCtx(ctx), reason.UserExternalLoginMissingUserID),
+		}, nil
+	}
+
 	oldExternalLoginUserInfo, exist, err := us.userExternalLoginRepo.GetByExternalID(ctx,
 		externalUserInfo.Provider, externalUserInfo.ExternalID)
 	if err != nil {
@ -99,6 +109,19 @@ func (us *UserExternalLoginService) ExternalLogin(
 		return &schema.UserExternalLoginResp{BindingKey: bindingKey}, nil
 	}

+	// check whether site allow register or not
+	siteInfo, err := us.siteInfoCommonService.GetSiteLogin(ctx)
+	if err != nil {
+		return nil, err
+	}
+	if !checker.EmailInAllowEmailDomain(externalUserInfo.Email, siteInfo.AllowEmailDomains) {
+		log.Debugf("email domain not allowed: %s", externalUserInfo.Email)
+		return &schema.UserExternalLoginResp{
+			ErrTitle: translator.Tr(handler.GetLangByCtx(ctx), reason.UserAccessDenied),
+			ErrMsg:   translator.Tr(handler.GetLangByCtx(ctx), reason.EmailIllegalDomainError),
+		}, nil
+	}
+
 	oldUserInfo, exist, err := us.userRepo.GetByEmail(ctx, externalUserInfo.Email)
 	if err != nil {
 		return nil, err