[update] update auth code

643df6d2 · Eric · 0e98e8f5 · 643df6d2 · 643df6d2 · 643df6d2
Commit 643df6d2 authored Nov 08, 2019 by Eric
Hide whitespace changes
Inline Side-by-side

Showing with 46 additions and 47 deletions

client.go pkg/common/client.go +10 -7

session.go pkg/handler/session.go +1 -1

urls.go pkg/service/urls.go +1 -1

users.go pkg/service/users.go +34 -38

No files found.
--- a/pkg/common/client.go
+++ b/pkg/common/client.go
@@ -165,7 +165,7 @@ func (c *Client) Do(method, url string, data, res interface{}, params ...map[str
 	}
 	defer resp.Body.Close()
 	body, err := ioutil.ReadAll(resp.Body)
-	if resp.StatusCode >= 500 {
+	if resp.StatusCode >= 400 {
 		msg := fmt.Sprintf("%s %s failed, get code: %d, %s", req.Method, req.URL, resp.StatusCode, body)
 		err = errors.New(msg)
 		return
@@ -177,12 +177,15 @@ func (c *Client) Do(method, url string, data, res interface{}, params ...map[str
 		return
 	}
 	// Unmarshal response body to result struct
-	if res != nil && strings.Contains(resp.Header.Get("Content-Type"), "application/json") {
-		err = json.Unmarshal(body, res)
-		if err != nil {
-			msg := fmt.Sprintf("%s %s failed, unmarshal '%s' response failed: %s", req.Method, req.URL, body[:12], err)
-			err = errors.New(msg)
-			return
+	if res != nil {
+		switch {
+		case strings.Contains(resp.Header.Get("Content-Type"), "application/json"):
+			err = json.Unmarshal(body, res)
+			if err != nil {
+				msg := fmt.Sprintf("%s %s failed, unmarshal '%s' response failed: %s", req.Method, req.URL, body[:12], err)
+				err = errors.New(msg)
+				return
+			}
 		}
 	}
 	return

--- a/pkg/handler/session.go
+++ b/pkg/handler/session.go
@@ -21,7 +21,7 @@ import (

 func SessionHandler(sess ssh.Session) {
 	user, ok := sess.Context().Value(model.ContextKeyUser).(*model.User)
-	if !ok && user == nil {
+	if !ok || user.ID == "" {
 		logger.Errorf("SSH User %s not found, exit.", sess.User())
 		return
 	}

--- a/pkg/service/urls.go
+++ b/pkg/service/urls.go
@@ -42,5 +42,5 @@ const (
 // 1.5.5
 const (
 	UserTokenAuthURL = "/api/v1/authentication/tokens/" // 用户登录验证
-	UserConfirmAuthURL = "/api/v1/authentication/order/auth/"
+	UserConfirmAuthURL = "/api/v1/authentication/login-confirm-ticket/status/"
 )
--- a/pkg/service/users.go
+++ b/pkg/service/users.go
@@ -70,24 +70,15 @@ func (u *SessionClient) Authenticate(ctx context.Context) (user model.User, auth
 		logger.Errorf("User %s Authenticate err: %s", u.option.Username, err)
 		return
 	}
-	fmt.Printf("%v\n", resp)
 	if resp.Err != "" {
 		switch resp.Err {
-		case ErrLoginConfirmRequired:
+		case ErrLoginConfirmWait:
 			if !u.checkConfirm(ctx) {
 				logger.Errorf("User %s login confirm required err", u.option.Username)
 				return
 			}
-
 			logger.Infof("User %s login confirm required success", u.option.Username)
-			authStatus = AuthSuccess
-		case ErrLoginConfirmWait:
-			if !u.checkConfirm(ctx) {
-				logger.Errorf("User %s login confirm Wait check err", u.option.Username)
-				return
-			}
-			logger.Infof("User %s login confirm wait check success", u.option.Username)
-			authStatus = AuthSuccess
+			return u.Authenticate(ctx)
 		case ErrMFARequired:
 			for _, item := range resp.Data.Choices {
 				u.authOptions[item] = AuthOptions{
@@ -97,6 +88,8 @@ func (u *SessionClient) Authenticate(ctx context.Context) (user model.User, auth
 			}
 			logger.Infof("User %s login need MFA", u.option.Username)
 			authStatus = AuthMFARequired
+		default:
+			logger.Errorf("User %s login err: %s", u.option.Username, resp.Err)
 		}
 		return
 	}
@@ -138,36 +131,39 @@ func (u *SessionClient) CheckUserOTP(ctx context.Context, code string) (user mod

 func (u *SessionClient) checkConfirm(ctx context.Context) (ok bool) {
 	var err error
-	for {
-		select {
-		case <-ctx.Done():
-			logger.Errorf("User %s cancel confirm request", u.option.Username)
-			return ok
-		case <-time.After(5 * time.Second):
-			var resp authResponse
-			_, err = u.client.Get(UserConfirmAuthURL, &resp)
-			if err != nil {
-				logger.Errorf("User %s check confirm err: %s", u.option.Username, err)
-				return
-			}
-			if resp.Err != "" {
-				switch resp.Err {
-				case ErrLoginConfirmWait:
-					logger.Infof("User %s still wait confirm", u.option.Username)
-					continue
-				case ErrLoginConfirmRejected:
-				default:
-				}
-				logger.Infof("User %s confirm rejected %s", u.option.Username, resp.Err)
-				return
-			}
-			if resp.Msg == "ok" {
-				logger.Infof("User %s confirm accepted", u.option.Username)
-				return true
+	select {
+	case <-ctx.Done():
+		_, err = u.client.Delete(UserConfirmAuthURL, nil)
+		if err != nil {
+			logger.Errorf("User %s cancel confirmation err: %s", u.option.Username, err)
+			return
+		}
+		logger.Infof("User %s cancel confirm request", u.option.Username)
+	case <-time.After(5 * time.Second):
+		var resp authResponse
+		_, err = u.client.Get(UserConfirmAuthURL, &resp)
+		if err != nil {
+			logger.Errorf("User %s check confirm err: %s", u.option.Username, err)
+			return
+		}
+		if resp.Err != "" {
+			switch resp.Err {
+			case ErrLoginConfirmWait:
+				logger.Infof("User %s still wait confirm", u.option.Username)
+				return u.checkConfirm(ctx)
+			case ErrLoginConfirmRejected:
+				logger.Infof("User %s confirmation was rejected by admin", u.option.Username)
+			default:
+				logger.Infof("User %s confirmation was rejected by err: %s", u.option.Username, resp.Err)
 			}
-
+			return
+		}
+		if resp.Msg == "ok" {
+			logger.Infof("User %s confirmation was accepted", u.option.Username)
+			return true
 		}
 	}
+	return
 }

 func GetUserDetail(userID string) (user *model.User) {