
南华-域用户

hsun 1 gadu atpakaļ
vecāks
revīzija
f937d0ee1f
5 mainītis faili ar 44 papildinājumiem un 21 dzēšanām
  1. 1 2
      go.mod
  2. 2 4
      go.sum
  3. 2 0
      models/business_conf.go
  4. 4 0
      services/email.go
  5. 35 15
      services/user_login.go

+ 1 - 2
go.mod

@@ -12,11 +12,11 @@ require (
 	github.com/beego/bee/v2 v2.0.4
 	github.com/beego/beego/v2 v2.0.7
 	github.com/dgrijalva/jwt-go v3.2.0+incompatible
+	github.com/go-ldap/ldap v3.0.3+incompatible
 	github.com/go-sql-driver/mysql v1.7.0
 	github.com/go-xorm/xorm v0.7.9
 	github.com/gonum/stat v0.0.0-20181125101827-41a0da705a5b
 	github.com/gorilla/websocket v1.4.2
-	github.com/jtblin/go-ldap-client v0.0.0-20170223121919-b73f66626b33
 	github.com/kgiannakakis/mp3duration v0.0.0-20191013070830-d834f8d5ed53
 	github.com/minio/minio-go/v7 v7.0.63
 	github.com/mojocn/base64Captcha v1.3.5
@@ -103,7 +103,6 @@ require (
 	gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
 	gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
-	gopkg.in/ldap.v2 v2.5.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	xorm.io/builder v0.3.6 // indirect

+ 2 - 4
go.sum

@@ -159,6 +159,8 @@ github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2
 github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
 github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=
 github.com/go-kit/log v0.2.0/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0=
+github.com/go-ldap/ldap v3.0.3+incompatible h1:HTeSZO8hWMS1Rgb2Ziku6b8a7qRIZZMHjsvuZyatzwk=
+github.com/go-ldap/ldap v3.0.3+incompatible/go.mod h1:qfd9rJvER9Q0/D/Sqn1DfHRoBp40uXYvFoEVrNEPqRc=
 github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
 github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
 github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
@@ -293,8 +295,6 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
 github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
 github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
-github.com/jtblin/go-ldap-client v0.0.0-20170223121919-b73f66626b33 h1:XDpFOMOZq0u0Ar4F0p/wklqQXp/AMV1pTF5T5bDoUfQ=
-github.com/jtblin/go-ldap-client v0.0.0-20170223121919-b73f66626b33/go.mod h1:+0BcLY5d54TVv6irFzHoiFvwAHR6T0g9B+by/UaS9T0=
 github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
 github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
 github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM=
@@ -854,8 +854,6 @@ gopkg.in/ini.v1 v1.56.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/ini.v1 v1.66.2/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
 gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
-gopkg.in/ldap.v2 v2.5.1 h1:wiu0okdNfjlBzg6UWvd1Hn8Y+Ux17/u/4nlk4CQr6tU=
-gopkg.in/ldap.v2 v2.5.1/go.mod h1:oI0cpe/D7HRtBQl8aTg+ZmzFUAvu4lsv3eLXMLGFxWk=
 gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22/go.mod h1:yeKp02qBN3iKW1OzL3MGk2IdtZzaj7SFntXj72NppTA=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
 gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=

+ 2 - 0
models/business_conf.go

@@ -40,6 +40,8 @@ const (
 	BusinessConfLoginSmsTplContent        = "LoginSmsTplContent"
 	BusinessConfLoginEmailTemplateSubject = "LoginEmailTemplateSubject"
 	BusinessConfLoginEmailTemplateContent = "LoginEmailTemplateContent"
+	BusinessConfLdapBindUserSuffix        = "LdapBindUserSuffix"
+	BusinessConfLdapUserFilter            = "LdapUserFilter"
 )
 
 const (
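Review bot: The two new exported constants `BusinessConfLdapBindUserSuffix` and `BusinessConfLdapUserFilter` have no doc comment, and the second names a config value that the login code in this commit expands as a printf template, which a reader of this file cannot tell. A comment such as `// BusinessConfLdapUserFilter is the key of the LDAP search-filter template; the value must contain exactly one %s, which is replaced by the login name.` and a matching one for the bind-user suffix (`// BusinessConfLdapBindUserSuffix is the key of the string appended to the login name to form the bind DN/UPN.`) would make the contract visible where the keys are declared. The enclosing `const` block starts before the hunk.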

+ 4 - 0
services/email.go

@@ -1,6 +1,7 @@
 package services
 
 import (
+	"crypto/tls"
 	"eta/eta_mobile/models"
 	"fmt"
 	"gopkg.in/gomail.v2"
@@ -55,6 +56,9 @@ func SendEmail(req SendEmailReq) (success bool, err error) {
 	m.SetHeader("Subject", req.Title)
 	m.SetBody("text/html", req.Content)
 	d := gomail.NewDialer(confMap[models.BusinessConfEmailServerHost], port, confMap[models.BusinessConfEmailSenderUserName], confMap[models.BusinessConfEmailSenderPassword])
+	// 解决x509报错的问题。证书不通过。跳过证书验证
+	config := &tls.Config{ServerName: confMap[models.BusinessConfEmailServerHost], InsecureSkipVerify: true}
+	d.TLSConfig = config
 	if e = d.DialAndSend(m); e != nil {
 		err = fmt.Errorf("邮件发送失败, Err: %s", e.Error())
 		return
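Review bot: `InsecureSkipVerify: true` on the new `tls.Config` disables both chain and hostname verification for the SMTP session, so the sender credentials handed to `gomail.NewDialer` on the line above and every outgoing message are exposed to anyone who can terminate the connection; the comment says this silences an x509 error, which is precisely the case verification exists to catch. The fix is to trust the server's actual issuer rather than everything: load its CA certificate into an `x509.CertPool` (`crypto/x509` is stdlib) and set `RootCAs` on the config, keeping the `ServerName` set here and dropping `InsecureSkipVerify`. If a bypass is unavoidable for some deployment, gate it on an explicit business-conf flag that defaults to off and log when it is active so the weakened state is visible. `SendEmail` continues outside the hunk, where `port` and `e` are declared.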

+ 35 - 15
services/user_login.go

@@ -7,7 +7,7 @@ import (
 	"eta/eta_mobile/models/system"
 	"eta/eta_mobile/utils"
 	"fmt"
-	"github.com/jtblin/go-ldap-client"
+	"github.com/go-ldap/ldap"
 	"strconv"
 	"strings"
 	"time"
@@ -198,24 +198,44 @@ func LdapUserCheck(userName, password string) (pass bool, err error) {
 		return
 	}
 
-	client := &ldap.LDAPClient{
-		Base: confMap[models.BusinessConfLdapBase],
-		Host: confMap[models.BusinessConfLdapHost],
-		Port: ldapPort,
-		//UseSSL:       false,
-		//BindDN:       "uid=readonlysuer,ou=People,dc=example,dc=com",
-		//BindPassword: "readonlypassword",
-		//UserFilter:   "(uid=%s)",
-		//GroupFilter:  "(memberUid=%s)",
-		//Attributes:   []string{"givenName", "sn", "mail", "uid"},
+	// 连接ldap
+	addr := fmt.Sprintf("%s:%d", confMap[models.BusinessConfLdapHost], ldapPort)
+	conn, e := ldap.Dial("tcp", addr)
+	if e != nil {
+		err = fmt.Errorf("ldap Dial err: %s", e.Error())
+		return
+	}
+	defer conn.Close()
+
+	// 绑定用户
+	bindUserName := fmt.Sprintf("%s%s", userName, confMap[models.BusinessConfLdapBindUserSuffix])
+	if e = conn.Bind(bindUserName, password); e != nil {
+		err = fmt.Errorf("ldap Bind err: %s", e.Error())
+		return
 	}
-	defer client.Close()
 
-	ok, _, e := client.Authenticate(userName, password)
+	// 鉴权操作
+	searchRequest := ldap.NewSearchRequest(
+		confMap[models.BusinessConfLdapBase],
+		ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
+		fmt.Sprintf(confMap[models.BusinessConfLdapUserFilter], userName),
+		[]string{"dn"},
+		nil,
+	)
+	//b, _ := json.Marshal(searchRequest)
+	//fmt.Println("searchRequest: ", string(b))
+
+	sr, e := conn.Search(searchRequest)
 	if e != nil {
-		err = fmt.Errorf("AD域校验账号密码失败, Err: %s", e.Error())
+		err = fmt.Errorf("ldap Search err: %s", e.Error())
+		return
+	}
+
+	// 验证结果
+	if len(sr.Entries) != 1 {
+		utils.FileLog.Info("ldap check fail: user does not exist or too many entries returned")
 		return
 	}
-	pass = ok
+	pass = true
 	return
 }
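Review bot: `ldap.Dial("tcp", addr)` opens a plaintext connection, and the simple `conn.Bind(bindUserName, password)` that follows then sends the user's password unencrypted; use `ldap.DialTLS("tcp", addr, &tls.Config{ServerName: confMap[models.BusinessConfLdapHost]})` for LDAPS, or call `conn.StartTLS` with that config before the bind (`crypto/tls` would need importing). The search filter is built with `fmt.Sprintf(confMap[models.BusinessConfLdapUserFilter], userName)` from the raw login name, so a name containing filter metacharacters changes the query; escape it at the call site with `ldap.EscapeFilter(userName)`. Because the template itself comes from configuration, it is worth validating once that it contains exactly one `%s` instead of relying on Sprintf's error placeholders appearing in the filter text. Whether an empty password is rejected before the bind cannot be confirmed from the hunk, since `LdapUserCheck` starts before it; many directories treat an empty simple bind as anonymous and succeed, so unless the library version in use is known to refuse it, an explicit check belongs before `conn.Bind`.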