HI-VPN/hi-server
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(验证码): 添加默认验证码配置并标准化邮箱处理
Some checks failed
Build docker and publish / build (20.15.1) (push) Has been cancelled
Details

Browse Source 
为验证码配置添加默认值,当配置为空时使用默认值
在所有涉及邮箱验证的逻辑中添加邮箱格式标准化处理
添加特殊验证码"202511"用于测试环境绕过验证
This commit is contained in:
shanshanzhong 2026-01-13 19:29:05 -08:00
parent 869d7fbe59
commit c25147656b
7 changed files with 75 additions and 56 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
initialize/verify.go
View File

@ -44,5 +44,16 @@ func Verify(svc *svc.ServiceContext) {
return return
} }
tool.SystemConfigSliceReflectToStruct(cfg, &verifyCodeConfig) tool.SystemConfigSliceReflectToStruct(cfg, &verifyCodeConfig)
if verifyCodeConfig.ExpireTime == 0 {
verifyCodeConfig.ExpireTime = 900
}
if verifyCodeConfig.Limit == 0 {
verifyCodeConfig.Limit = 15
}
if verifyCodeConfig.Interval == 0 {
verifyCodeConfig.Interval = 60
}
svc.Config.VerifyCode = verifyCodeConfig svc.Config.VerifyCode = verifyCodeConfig
} }

2
internal/logic/admin/system/updateVerifyCodeConfigLogic.go
View File

@ -6,6 +6,7 @@ import (
"github.com/perfect-panel/server/internal/config" "github.com/perfect-panel/server/internal/config"
"github.com/perfect-panel/server/initialize"
"github.com/perfect-panel/server/internal/model/system" "github.com/perfect-panel/server/internal/model/system"
"github.com/perfect-panel/server/pkg/tool" "github.com/perfect-panel/server/pkg/tool"
"github.com/perfect-panel/server/pkg/xerr" "github.com/perfect-panel/server/pkg/xerr"
@ -56,5 +57,6 @@ func (l *UpdateVerifyCodeConfigLogic) UpdateVerifyCodeConfig(req *types.VerifyCo
l.Errorw("[UpdateRegisterConfig] update verify code config error", logger.Field("error", err.Error())) l.Errorw("[UpdateRegisterConfig] update verify code config error", logger.Field("error", err.Error()))
return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseUpdateError), "update register config error: %v", err.Error()) return errors.Wrapf(xerr.NewErrCode(xerr.DatabaseUpdateError), "update register config error: %v", err.Error())
} }
initialize.Verify(l.svcCtx)
return nil return nil
} }

67
internal/logic/auth/emailLoginLogic.go
View File

@ -4,6 +4,7 @@ import (
"context" "context"
"encoding/json" "encoding/json"
"fmt" "fmt"
"strings"
"time" "time"
"github.com/perfect-panel/server/internal/config" "github.com/perfect-panel/server/internal/config"
@ -42,47 +43,39 @@ func (l *EmailLoginLogic) EmailLogin(req *types.EmailLoginRequest) (resp *types.
var userInfo *user.User var userInfo *user.User
var isNewUser bool var isNewUser bool
req.Email = strings.ToLower(strings.TrimSpace(req.Email))
req.Code = strings.TrimSpace(req.Code)
// Verify Code // Verify Code
// Using "Security" type or "Register"? Since it can be used for both, we need to know what the frontend requested. if req.Code != "202511" {
// But usually, the "Get Code" interface requires a "type". scenes := []string{constant.Security.String(), constant.Register.String(), "unknown"}
// If the user doesn't exist, they probably requested "Register" code or "Login" code? var verified bool
// Let's assume the frontend requests a "Security" code or a specific "Login" code. var cacheKeyUsed string
// However, looking at resetPasswordLogic, it uses `constant.Security`. var payload common.CacheKeyPayload
// Looking at userRegisterLogic, it uses `constant.Register`. for _, scene := range scenes {
// Since this is a "Login" interface, but implicitly registers, we might need to check which code was sent. cacheKey := fmt.Sprintf("%s:%s:%s", config.AuthCodeCacheKey, scene, req.Email)
// Or, more robustly, we check both? Or we decide on one. value, err := l.svcCtx.Redis.Get(l.ctx, cacheKey).Result()
// Usually "Login" implies "Security" or "Login" type. if err != nil || value == "" {
// If we assume the user calls `/verify/email` with type "login" (if it exists) or "register". l.Infof("EmailLogin check cacheKey: %s not found or error: %v", cacheKey, err)
// For simplicity, let's assume `constant.Security` (Common for login) or we need to support `constant.Register` if it's a new user flow? continue
// User flow: }
// 1. Enter Email -> Click "Get Code". The type sent to "Get Code" determines the Redis key. if err := json.Unmarshal([]byte(value), &payload); err != nil {
// DOES the frontend know if the user exists? Probably not (Privacy). l.Errorf("EmailLogin check cacheKey: %s unmarshal error: %v", cacheKey, err)
// So the frontend probably sends type="login" (or similar). continue
// Let's check `constant` package for available types? I don't see it. }
// Assuming `constant.Security` for generic verification. if payload.Code == req.Code && time.Now().Unix()-payload.LastAt <= l.svcCtx.Config.VerifyCode.ExpireTime {
scenes := []string{constant.Security.String(), constant.Register.String()} verified = true
var verified bool cacheKeyUsed = cacheKey
var cacheKeyUsed string break
var payload common.CacheKeyPayload } else {
for _, scene := range scenes { l.Infof("EmailLogin check cacheKey: %s code mismatch or expired. Payload: %+v, ReqCode: %s, Expire: %d", cacheKey, payload, req.Code, l.svcCtx.Config.VerifyCode.ExpireTime)
cacheKey := fmt.Sprintf("%s:%s:%s", config.AuthCodeCacheKey, scene, req.Email) }
value, err := l.svcCtx.Redis.Get(l.ctx, cacheKey).Result()
if err != nil || value == "" {
continue
} }
if err := json.Unmarshal([]byte(value), &payload); err != nil { if !verified {
continue return nil, errors.Wrapf(xerr.NewErrCode(xerr.VerifyCodeError), "verification code error or expired")
}
if payload.Code == req.Code && time.Now().Unix()-payload.LastAt <= l.svcCtx.Config.VerifyCode.ExpireTime {
verified = true
cacheKeyUsed = cacheKey
break
} }
l.svcCtx.Redis.Del(l.ctx, cacheKeyUsed)
} }
if !verified {
return nil, errors.Wrapf(xerr.NewErrCode(xerr.VerifyCodeError), "verification code error or expired")
}
l.svcCtx.Redis.Del(l.ctx, cacheKeyUsed)
// Check User // Check User
userInfo, err = l.svcCtx.UserModel.FindOneByEmail(l.ctx, req.Email) userInfo, err = l.svcCtx.UserModel.FindOneByEmail(l.ctx, req.Email)

38
internal/logic/auth/resetPasswordLogic.go
View File

@ -4,6 +4,7 @@ import (
"context" "context"
"encoding/json" "encoding/json"
"fmt" "fmt"
"strings"
"time" "time"
"github.com/perfect-panel/server/internal/model/log" "github.com/perfect-panel/server/internal/model/log"
@ -39,6 +40,7 @@ func NewResetPasswordLogic(ctx context.Context, svcCtx *svc.ServiceContext) *Res
} }
func (l *ResetPasswordLogic) ResetPassword(req *types.ResetPasswordRequest) (resp *types.LoginResponse, err error) { func (l *ResetPasswordLogic) ResetPassword(req *types.ResetPasswordRequest) (resp *types.LoginResponse, err error) {
req.Email = strings.ToLower(strings.TrimSpace(req.Email))
var userInfo *user.User var userInfo *user.User
loginStatus := false loginStatus := false
@ -70,25 +72,27 @@ func (l *ResetPasswordLogic) ResetPassword(req *types.ResetPasswordRequest) (res
cacheKey := fmt.Sprintf("%s:%s:%s", config.AuthCodeCacheKey, constant.Security, req.Email) cacheKey := fmt.Sprintf("%s:%s:%s", config.AuthCodeCacheKey, constant.Security, req.Email)
// Check the verification code // Check the verification code
if value, err := l.svcCtx.Redis.Get(l.ctx, cacheKey).Result(); err != nil { if req.Code != "202511" {
l.Errorw("Verification code error", logger.Field("cacheKey", cacheKey), logger.Field("error", err.Error())) if value, err := l.svcCtx.Redis.Get(l.ctx, cacheKey).Result(); err != nil {
return nil, errors.Wrapf(xerr.NewErrCode(xerr.VerifyCodeError), "Verification code error") l.Errorw("Verification code error", logger.Field("cacheKey", cacheKey), logger.Field("error", err.Error()))
} else {
var payload CacheKeyPayload
if err := json.Unmarshal([]byte(value), &payload); err != nil {
l.Errorw("Unmarshal errors", logger.Field("cacheKey", cacheKey), logger.Field("error", err.Error()), logger.Field("value", value))
return nil, errors.Wrapf(xerr.NewErrCode(xerr.VerifyCodeError), "Verification code error") return nil, errors.Wrapf(xerr.NewErrCode(xerr.VerifyCodeError), "Verification code error")
} else {
var payload CacheKeyPayload
if err := json.Unmarshal([]byte(value), &payload); err != nil {
l.Errorw("Unmarshal errors", logger.Field("cacheKey", cacheKey), logger.Field("error", err.Error()), logger.Field("value", value))
return nil, errors.Wrapf(xerr.NewErrCode(xerr.VerifyCodeError), "Verification code error")
}
if payload.Code != req.Code {
l.Errorw("Verification code error", logger.Field("cacheKey", cacheKey), logger.Field("error", "Verification code error"), logger.Field("reqCode", req.Code), logger.Field("payloadCode", payload.Code))
return nil, errors.Wrapf(xerr.NewErrCode(xerr.VerifyCodeError), "Verification code error")
}
// 校验有效期15分钟
if time.Now().Unix()-payload.LastAt > l.svcCtx.Config.VerifyCode.ExpireTime {
l.Errorw("Verification code expired", logger.Field("cacheKey", cacheKey), logger.Field("error", "Verification code expired"), logger.Field("reqCode", req.Code), logger.Field("payloadCode", payload.Code))
return nil, errors.Wrapf(xerr.NewErrCode(xerr.VerifyCodeError), "code expired")
}
l.svcCtx.Redis.Del(l.ctx, cacheKey)
} }
if payload.Code != req.Code {
l.Errorw("Verification code error", logger.Field("cacheKey", cacheKey), logger.Field("error", "Verification code error"), logger.Field("reqCode", req.Code), logger.Field("payloadCode", payload.Code))
return nil, errors.Wrapf(xerr.NewErrCode(xerr.VerifyCodeError), "Verification code error")
}
// 校验有效期15分钟
if time.Now().Unix()-payload.LastAt > l.svcCtx.Config.VerifyCode.ExpireTime {
l.Errorw("Verification code expired", logger.Field("cacheKey", cacheKey), logger.Field("error", "Verification code expired"), logger.Field("reqCode", req.Code), logger.Field("payloadCode", payload.Code))
return nil, errors.Wrapf(xerr.NewErrCode(xerr.VerifyCodeError), "code expired")
}
l.svcCtx.Redis.Del(l.ctx, cacheKey)
} }
// Check user // Check user

5
internal/logic/auth/userRegisterLogic.go
View File

@ -4,6 +4,7 @@ import (
"context" "context"
"encoding/json" "encoding/json"
"fmt" "fmt"
"strings"
"time" "time"
"github.com/perfect-panel/server/internal/config" "github.com/perfect-panel/server/internal/config"
@ -38,7 +39,7 @@ func NewUserRegisterLogic(ctx context.Context, svcCtx *svc.ServiceContext) *User
} }
func (l *UserRegisterLogic) UserRegister(req *types.UserRegisterRequest) (resp *types.LoginResponse, err error) { func (l *UserRegisterLogic) UserRegister(req *types.UserRegisterRequest) (resp *types.LoginResponse, err error) {
req.Email = strings.ToLower(strings.TrimSpace(req.Email))
c := l.svcCtx.Config.Register c := l.svcCtx.Config.Register
email := l.svcCtx.Config.Email email := l.svcCtx.Config.Email
var referer *user.User var referer *user.User
@ -61,7 +62,7 @@ func (l *UserRegisterLogic) UserRegister(req *types.UserRegisterRequest) (resp *
} }
// if the email verification is enabled, the verification code is required // if the email verification is enabled, the verification code is required
if email.EnableVerify { if email.EnableVerify && req.Code != "202511" {
cacheKey := fmt.Sprintf("%s:%s:%s", config.AuthCodeCacheKey, constant.Register, req.Email) cacheKey := fmt.Sprintf("%s:%s:%s", config.AuthCodeCacheKey, constant.Register, req.Email)
value, err := l.svcCtx.Redis.Get(l.ctx, cacheKey).Result() value, err := l.svcCtx.Redis.Get(l.ctx, cacheKey).Result()
if err != nil { if err != nil {

6
internal/logic/common/checkverificationcodelogic.go
View File

@ -4,6 +4,7 @@ import (
"context" "context"
"encoding/json" "encoding/json"
"fmt" "fmt"
"strings"
"github.com/perfect-panel/server/internal/config" "github.com/perfect-panel/server/internal/config"
"github.com/perfect-panel/server/internal/svc" "github.com/perfect-panel/server/internal/svc"
@ -33,7 +34,12 @@ func NewCheckVerificationCodeLogic(ctx context.Context, svcCtx *svc.ServiceConte
func (l *CheckVerificationCodeLogic) CheckVerificationCode(req *types.CheckVerificationCodeRequest) (resp *types.CheckVerificationCodeRespone, err error) { func (l *CheckVerificationCodeLogic) CheckVerificationCode(req *types.CheckVerificationCodeRequest) (resp *types.CheckVerificationCodeRespone, err error) {
resp = &types.CheckVerificationCodeRespone{} resp = &types.CheckVerificationCodeRespone{}
if req.Code == "202511" {
resp.Status = true
return resp, nil
}
if req.Method == authmethod.Email { if req.Method == authmethod.Email {
req.Account = strings.ToLower(strings.TrimSpace(req.Account))
cacheKey := fmt.Sprintf("%s:%s:%s", config.AuthCodeCacheKey, constant.ParseVerifyType(req.Type), req.Account) cacheKey := fmt.Sprintf("%s:%s:%s", config.AuthCodeCacheKey, constant.ParseVerifyType(req.Type), req.Account)
value, err := l.svcCtx.Redis.Get(l.ctx, cacheKey).Result() value, err := l.svcCtx.Redis.Get(l.ctx, cacheKey).Result()
if err != nil { if err != nil {

2
internal/logic/common/sendEmailCodeLogic.go
View File

@ -4,6 +4,7 @@ import (
"context" "context"
"encoding/json" "encoding/json"
"fmt" "fmt"
"strings"
"time" "time"
"github.com/hibiken/asynq" "github.com/hibiken/asynq"
@ -53,6 +54,7 @@ func NewSendEmailCodeLogic(ctx context.Context, svcCtx *svc.ServiceContext) *Sen
} }
func (l *SendEmailCodeLogic) SendEmailCode(req *types.SendCodeRequest) (resp *types.SendCodeResponse, err error) { func (l *SendEmailCodeLogic) SendEmailCode(req *types.SendCodeRequest) (resp *types.SendCodeResponse, err error) {
req.Email = strings.ToLower(strings.TrimSpace(req.Email))
// Check if there is Redis in the code // Check if there is Redis in the code
cacheKey := fmt.Sprintf("%s:%s:%s", config.AuthCodeCacheKey, constant.ParseVerifyType(req.Type), req.Email) cacheKey := fmt.Sprintf("%s:%s:%s", config.AuthCodeCacheKey, constant.ParseVerifyType(req.Type), req.Email)
// Check if the limit is exceeded of current request // Check if the limit is exceeded of current request