fix: oauth2 redirect url not consistent (#930)

* fix: oauth2 redirect url not consistent

* only use one redirect uri

* feat: allow to disable password authentication

* generate translation template

* update error

* redirect

* query
UUBulb
2024-12-31 22:29:29 +08:00
committed by GitHub
parent 953fa153cc
commit 553f8e58d4
10 changed files with 272 additions and 212 deletions


@@ -89,6 +89,7 @@ func authenticator() func(c *gin.Context) (interface{}, error) {
var user model.User
realip := c.GetString(model.CtxKeyRealIPStr)
if err := singleton.DB.Select("id", "password").Where("username = ?", loginVals.Username).First(&user).Error; err != nil {
if err == gorm.ErrRecordNotFound {
model.BlockIP(singleton.DB, realip, model.WAFBlockReasonTypeLoginFail, model.BlockIDUnknownUser)
@@ -96,6 +97,11 @@ func authenticator() func(c *gin.Context) (interface{}, error) {
return nil, jwt.ErrFailedAuthentication
}
if user.RejectPassword {
model.BlockIP(singleton.DB, realip, model.WAFBlockReasonTypeLoginFail, int64(user.ID))
return nil, jwt.ErrFailedAuthentication
}
if err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(loginVals.Password)); err != nil {
model.BlockIP(singleton.DB, realip, model.WAFBlockReasonTypeLoginFail, int64(user.ID))
return nil, jwt.ErrFailedAuthentication
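Review bot: The new `if user.RejectPassword` guard reads a field that the lookup a few lines earlier does not appear to load, because that query is still `Select("id", "password")`. If RejectPassword is backed by its own column on the user model (the model is not visible here), the field keeps its zero value and the branch never fires, so password login stays enabled for accounts that were meant to have it disabled. The select should include that column, for example `Select("id", "password", "reject_password")`, where the column name is assumed from GORM's default naming and should be confirmed against the model. A test that logs in with a correct password for a user with RejectPassword set and expects `jwt.ErrFailedAuthentication` would pin this behaviour. The body of authenticator starts and ends outside the visible hunks.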