[Update] 修改service

1184db28 · ibuler · b9a7b49b · 1184db28 · 1184db28 · 1184db28
Commit 1184db28 authored May 09, 2019 by ibuler
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 17 deletions

Gopkg.lock Gopkg.lock +3 -2

server.go pkg/auth/server.go +2 -10

urls.go pkg/service/urls.go +2 -1

users.go pkg/service/users.go +4 -4

No files found.
--- a/Gopkg.lock
+++ b/Gopkg.lock
@@ -154,7 +154,7 @@

 [[projects]]
  branch = "master"
-  digest = "1:d275874accb1537f7bd7ac28985aeb1ddc32b22884e5f57b68c32591437f822b"
+  digest = "1:940277eb8ecf4938e0760fecd917bdc24d45d78c22b32b83267682c3409075d2"
  name = "golang.org/x/crypto"
  packages = [
    "curve25519",
@@ -167,7 +167,7 @@
    "ssh/terminal",
  ]
  pruneopts = "UT"
-  revision = "ef0d1a6f5b87067803518089d4cbc349777a56bd"
+  revision = "a7099eef26a7fdc97f3ac5f5b2b61f9f136dd16f"
  source = "github.com/ibuler/crypto"

 [[projects]]
@@ -200,6 +200,7 @@
    "github.com/kr/pty",
    "github.com/leonelquinteros/gotext",
    "github.com/olekukonko/tablewriter",
+    "github.com/pkg/errors",
    "github.com/pkg/sftp",
    "github.com/satori/go.uuid",
    "github.com/sirupsen/logrus",

--- a/pkg/auth/server.go
+++ b/pkg/auth/server.go
@@ -56,7 +56,7 @@ func CheckMFA(ctx ssh.Context, challenger gossh.KeyboardInteractiveChallenge) ss
 	if err != nil {
 		return ssh.AuthFailed
 	}
-	if len(answers) != 0 {
+	if len(answers) != 1 {
 		return ssh.AuthFailed
 	}
 	mfaCode := answers[0]
@@ -77,13 +77,5 @@ func CheckMFA(ctx ssh.Context, challenger gossh.KeyboardInteractiveChallenge) ss
 }

 func CheckUserNeedMFA(ctx ssh.Context) (methods []string) {
-	username := ctx.User()
-	user, err := service.GetUserByUsername(username)
-	if err != nil {
-		return
-	}
-	if user.OTPLevel > 0 {
-		return []string{"keyboard-interactive"}
-	}
-	return
+	return []string{"keyboard-interactive"}
 }
--- a/pkg/service/urls.go
+++ b/pkg/service/urls.go
@@ -3,7 +3,8 @@ package service
 const (
 	UserAuthURL    = "/api/users/v1/auth/"     // post 验证用户登陆
 	UserProfileURL = "/api/users/v1/profile/"  // 获取当前用户的基本信息
-	UserUserURL    = "/api/users/v1/users/%s/" // 获取用户信息
+	UserListUrl    = "/api/users/v1/users/"    // 用户列表地址
+	UserDetailURL  = "/api/users/v1/users/%s/" // 获取用户信息
 	UserAuthOTPURL = "/api/users/v1/otp/auth/" // 验证OTP

 	SystemUserAssetAuthURL   = "/api/assets/v1/system-user/%s/asset/%s/auth-info/" // 该系统用户对某资产的授权

--- a/pkg/service/users.go
+++ b/pkg/service/users.go
@@ -31,7 +31,7 @@ func Authenticate(username, password, publicKey, remoteAddr, loginType string) (
 }

 func GetUserProfile(userId string) (user *model.User) {
-	Url := fmt.Sprintf(UserUserURL, userId)
+	Url := fmt.Sprintf(UserDetailURL, userId)
 	err := authClient.Get(Url, user)
 	if err != nil {
 		logger.Error(err)
@@ -41,13 +41,13 @@ func GetUserProfile(userId string) (user *model.User) {

 func GetProfile() (user *model.User, err error) {
 	err = authClient.Get(UserProfileURL, &user)
-	return
+	return user, err
 }

 func GetUserByUsername(username string) (user *model.User, err error) {
 	var users []*model.User
 	payload := map[string]string{"username": username}
-	err = authClient.Get(UserUserURL, &users, payload)
+	err = authClient.Get(UserListUrl, &users, payload)
 	if err != nil {
 		return
 	}
@@ -64,7 +64,7 @@ func CheckUserOTP(seed, code string) (resp *AuthResp, err error) {
 		"seed":     seed,
 		"otp_code": code,
 	}
-	err = client.Post(UserAuthOTPURL, data, resp)
+	err = client.Post(UserAuthOTPURL, data, &resp)
 	if err != nil {
 		return
 	}