Merge branch 'develop'

jamiesun · jamiesun · commit 41affac47594 · 2024-05-17T13:55:55.000+08:00
diff --git a/assets/buildinfo.txt b/assets/buildinfo.txt
@@ -1,8 +1,8 @@
-BuildVersion=latest v1.0.1 2024-03-08 22:18:44
+BuildVersion=latest v1.0.1 2024-05-17 13:55:23
 ReleaseVersion=v1.0.1
-BuildTime=2024-03-08 22:18:44
+BuildTime=2024-05-17 13:55:23
 BuildName=teamsacs
-CommitID=91e6fe7f72395b71c27ca63fc139cd279036c65e
-CommitDate=Sat, 24 Jun 2023 10:52:35 +0800
+CommitID=b88275d9e89e5495f6df8a71dc55156812804588
+CommitDate=Fri, 8 Mar 2024 22:19:02 +0800
 CommitUser=jamiesun.net@gmail.com
-CommitSubject= :
+CommitSubject= : release publish
diff --git a/controllers/index/index.go b/controllers/index/index.go
@@ -2,6 +2,7 @@ package index
 
 import (
 	"encoding/json"
+	"fmt"
 	"net/http"
 	"strings"
 	"time"
@@ -16,14 +17,24 @@ import (
 	"github.com/labstack/echo/v4"
 )
 
+const (
+	LoginPasswdErr = "wrong password"
+	LoginUserErr   = "user does not exist"
+	LoginDbErr     = "database connection failed"
+	LoginInputErr  = "username and password cannot be empty"
+	LoginExpired   = "User not logged in or login expired"
+)
+
+var LoginErrors = []string{LoginPasswdErr, LoginUserErr, LoginDbErr, LoginInputErr, LoginExpired}
+
 func InitRouter() {
 
 	// 系统首页
 	webserver.GET("/", func(c echo.Context) error {
 		sess, _ := session.Get(webserver.UserSession, c)
 		username := sess.Values[webserver.UserSessionName]
 		if username == nil || username == "" {
-			return c.Redirect(http.StatusTemporaryRedirect, "/login?errmsg=User not logged in or login expired")
+			return c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("/login?errmsg=%s", LoginExpired))
 		}
 		return c.Render(http.StatusOK, "index", map[string]interface{}{})
 	})
@@ -73,6 +84,10 @@ func InitRouter() {
 	// 登录页面
 	webserver.GET("/login", func(c echo.Context) error {
 		errmsg := c.QueryParam("errmsg")
+		// errmsg must in LoginErrors
+		if !common.InSlice(errmsg, LoginErrors) {
+			errmsg = ""
+		}
 		return c.Render(http.StatusOK, "login", map[string]interface{}{
 			"errmsg":    errmsg,
 			"LoginLogo": "/static/images/login-logo.png",
@@ -102,19 +117,19 @@ func InitRouter() {
 		username := c.FormValue("username")
 		password := c.FormValue("password")
 		if username == "" || password == "" {
-			return c.Redirect(http.StatusMovedPermanently, "/login?errmsg=Username and password cannot be empty")
+			return c.Redirect(http.StatusMovedPermanently, fmt.Sprintf("/login?errmsg=%s", LoginInputErr))
 		}
 		var user models.SysOpr
 		err := app.GDB().Where("username=?", username).First(&user).Error
 		if err != nil {
 			if strings.Contains(err.Error(), "dial error") {
-				return c.Redirect(http.StatusMovedPermanently, "/login?errmsg=Database connection failed")
+				return c.Redirect(http.StatusMovedPermanently, fmt.Sprintf("/login?errmsg=%s", LoginDbErr))
 			}
-			return c.Redirect(http.StatusMovedPermanently, "/login?errmsg=User does not exist")
+			return c.Redirect(http.StatusMovedPermanently, fmt.Sprintf("/login?errmsg=%s", LoginUserErr))
 		}
 
 		if common.Sha256HashWithSalt(password, common.SecretSalt) != user.Password {
-			return c.Redirect(http.StatusMovedPermanently, "/login?errmsg=wrong password")
+			return c.Redirect(http.StatusMovedPermanently, fmt.Sprintf("/login?errmsg=%s", LoginPasswdErr))
 		}
 
 		sess, _ := session.Get(webserver.UserSession, c)
