From 8071de4d723c37c3d2616fb421347246f1e16464 Mon Sep 17 00:00:00 2001 From: xmdhs Date: Sat, 25 Nov 2023 18:01:24 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E7=BB=95=E8=BF=87=E6=B3=A8?= =?UTF-8?q?=E5=86=8C=E9=82=AE=E7=AE=B1=E9=99=90=E5=88=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- frontend/src/Route.tsx | 2 +- frontend/src/views/Forgot.tsx | 2 +- service/email/email.go | 12 ++++++------ service/user.go | 6 +++--- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/frontend/src/Route.tsx b/frontend/src/Route.tsx index 6ff6962..83a2f18 100644 --- a/frontend/src/Route.tsx +++ b/frontend/src/Route.tsx @@ -27,7 +27,7 @@ function Root() { } /> } /> } /> - } /> + } /> } /> }> diff --git a/frontend/src/views/Forgot.tsx b/frontend/src/views/Forgot.tsx index f78d79e..65ad9ec 100644 --- a/frontend/src/views/Forgot.tsx +++ b/frontend/src/views/Forgot.tsx @@ -18,7 +18,7 @@ import { useNavigate } from 'react-router-dom'; export default function Forgot() { const [err, setErr] = useState("") - useTitle("找回密码") + useTitle("重设密码") const [passerr, setPasserr] = useState("") const [pass, setPass] = useState({ pass1: "", diff --git a/service/email/email.go b/service/email/email.go index d3e5d80..b512ca0 100644 --- a/service/email/email.go +++ b/service/email/email.go @@ -113,7 +113,7 @@ func (e EmailService) SendVerifyUrl(ctx context.Context, email string, interval return fmt.Errorf("SendVerifyUrl: %w", err) } - code, err := newJwtToken(e.pri, email) + code, err := newJwtToken(e.pri, email, issuer+path) if err != nil { return fmt.Errorf("SendVerifyUrl: %w", err) } @@ -159,7 +159,7 @@ var ( ErrTokenInvalid = errors.New("token 无效") ) -func (e EmailService) VerifyJwt(email, jwtStr string) error { +func (e EmailService) VerifyJwt(email, jwtStr, path string) error { token, err := jwt.ParseWithClaims(jwtStr, &jwt.RegisteredClaims{}, func(t *jwt.Token) (interface{}, error) { return &e.pri.PublicKey, nil }) @@ -168,20 +168,20 @@ func (e EmailService) VerifyJwt(email, jwtStr string) error { } sub, _ := token.Claims.GetSubject() iss, _ := token.Claims.GetIssuer() - if !token.Valid || sub != email || iss != issuer { + if !token.Valid || sub != email || iss+path != issuer { return fmt.Errorf("VerifyJwt: %w", ErrTokenInvalid) } return nil } -const issuer = "authlib-skin email verification" +const issuer = "email" -func newJwtToken(jwtKey *rsa.PrivateKey, email string) (string, error) { +func newJwtToken(jwtKey *rsa.PrivateKey, email, iss string) (string, error) { token := jwt.NewWithClaims(jwt.SigningMethodRS256, jwt.RegisteredClaims{ ExpiresAt: jwt.NewNumericDate(time.Now().Add(1 * 24 * time.Hour)), IssuedAt: jwt.NewNumericDate(time.Now()), Subject: email, - Issuer: issuer, + Issuer: iss, }) jwts, err := token.SignedString(jwtKey) if err != nil { diff --git a/service/user.go b/service/user.go index 247439e..ab943f7 100644 --- a/service/user.go +++ b/service/user.go @@ -60,7 +60,7 @@ func (w *UserService) Reg(ctx context.Context, u model.UserReg, ipPrefix, ip str } if w.config.Email.Enable { - err := w.emailService.VerifyJwt(u.Email, u.EmailJwt) + err := w.emailService.VerifyJwt(u.Email, u.EmailJwt, "/register") if err != nil { return model.LoginRep{}, fmt.Errorf("Reg: %w", err) } @@ -263,7 +263,7 @@ func (w *UserService) SendChangePasswordEmail(ctx context.Context, email, Captch if c == 0 { return fmt.Errorf("SendChangePasswordEmail: %w", ErrUsername) } - err = w.emailService.SendVerifyUrl(ctx, email, 60, host, "找回密码邮箱验证", "点击下方链接更改你的密码,1 天内有效", "/forgot") + err = w.emailService.SendVerifyUrl(ctx, email, 60, host, "重设密码", "点击下方链接更改你的密码,1 天内有效", "/forgot") if err != nil { return fmt.Errorf("SendChangePasswordEmail: %w", err) } @@ -271,7 +271,7 @@ func (w *UserService) SendChangePasswordEmail(ctx context.Context, email, Captch } func (w *UserService) ForgotPassword(ctx context.Context, email, passWord, emailJwt string) error { - err := w.emailService.VerifyJwt(email, emailJwt) + err := w.emailService.VerifyJwt(email, emailJwt, "/forgot") if err != nil { return fmt.Errorf("ForgotPassword: %w", err) }