author | Giteabot <teabot@gitea.io> | 2024-05-21 00:58:21 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-05-21 00:58:21 +0800 |
commit | 55cb356b843474ffec4e9adea5b9803a4c33a09e (patch) | |
tree | 16f5b0e665a15bc2b4bac1e2831816ce477a4a6a /models | |
parent | 8a259e54c56774ca656eedede128362638874a22 (diff) | |
Refactor sha1 and time-limited code (#31023) (#31030)
Backport #31023 by wxiaoguang
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Diffstat (limited to 'models')
-rw-r--r-- | models/user/email_address.go | 5 | ||||
-rw-r--r-- | models/user/user.go | 7 |
2 files changed, 4 insertions, 8 deletions
diff --git a/models/user/email_address.go b/models/user/email_address.go
index 08771efe99..71b96c00be 100644
--- a/models/user/email_address.go
+++ b/models/user/email_address.go
@@ -10,6 +10,7 @@ import (
 "net/mail"
 "regexp"
 "strings"
+ "time"
 "code.gitea.io/gitea/models/db"
 "code.gitea.io/gitea/modules/base"
@@ -353,14 +354,12 @@ func ChangeInactivePrimaryEmail(ctx context.Context, uid int64, oldEmailAddr, ne
 // VerifyActiveEmailCode verifies active email code when active account
 func VerifyActiveEmailCode(ctx context.Context, code, email string) *EmailAddress {
- minutes := setting.Service.ActiveCodeLives
-
 if user := GetVerifyUser(ctx, code); user != nil {
 // time limit code
 prefix := code[:base.TimeLimitCodeLength]
 data := fmt.Sprintf("%d%s%s%s%s", user.ID, email, user.LowerName, user.Passwd, user.Rands)
- if base.VerifyTimeLimitCode(data, minutes, prefix) {
+ if base.VerifyTimeLimitCode(time.Now(), data, setting.Service.ActiveCodeLives, prefix) {
 emailAddress := &EmailAddress{UID: user.ID, Email: email}
 if has, _ := db.GetEngine(ctx).Get(emailAddress); has {
 return emailAddress
diff --git a/models/user/user.go b/models/user/user.go
index a5a5b5bdf6..6848d1be95 100644
--- a/models/user/user.go
+++ b/models/user/user.go
@@ -304,7 +304,7 @@ func (u *User) OrganisationLink() string {
 func (u *User) GenerateEmailActivateCode(email string) string {
 code := base.CreateTimeLimitCode(
 fmt.Sprintf("%d%s%s%s%s", u.ID, email, u.LowerName, u.Passwd, u.Rands),
- setting.Service.ActiveCodeLives, nil)
+ setting.Service.ActiveCodeLives, time.Now(), nil)
 // Add tail hex username
 code += hex.EncodeToString([]byte(u.LowerName))
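Review bot: The lookup `if has, _ := db.GetEngine(ctx).Get(emailAddress); has {` in VerifyActiveEmailCode discards the database error, so a failed query is indistinguishable from a wrong or expired activation code. The check presumably still fails closed, but nothing is recorded when verification breaks for infrastructure reasons. Keep the error and log it before falling through, for example `has, err := db.GetEngine(ctx).Get(emailAddress)` followed by a log call when `err != nil`. The function body continues past the end of the hunk, so its final return is not visible here.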
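Review bot: The data string `fmt.Sprintf("%d%s%s%s%s", u.ID, email, u.LowerName, u.Passwd, u.Rands)` passed to CreateTimeLimitCode in GenerateEmailActivateCode is rebuilt by hand in VerifyActiveEmailCode and VerifyUserActiveCode, so issuing and checking agree only while three format strings stay identical. An unexported helper on User that takes the email and returns this string would give one place to document that a code stops verifying once Passwd or Rands changes. The fields are also joined without separators, so different (ID, email) pairs can in principle produce the same string; the per-user Passwd and Rands values likely make that harmless, but a comment should say so. Note too that the clock is the third argument here and the first in VerifyTimeLimitCode, which is easy to transpose when reading the two calls side by side.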
@@ -791,14 +791,11 @@ func GetVerifyUser(ctx context.Context, code string) (user *User) {
 // VerifyUserActiveCode verifies active code when active account
 func VerifyUserActiveCode(ctx context.Context, code string) (user *User) {
- minutes := setting.Service.ActiveCodeLives
-
 if user = GetVerifyUser(ctx, code); user != nil {
 // time limit code
 prefix := code[:base.TimeLimitCodeLength]
 data := fmt.Sprintf("%d%s%s%s%s", user.ID, user.Email, user.LowerName, user.Passwd, user.Rands)
-
- if base.VerifyTimeLimitCode(data, minutes, prefix) {
+ if base.VerifyTimeLimitCode(time.Now(), data, setting.Service.ActiveCodeLives, prefix) {
 return user
 }
 } |
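Review bot: `prefix := code[:base.TimeLimitCodeLength]` in VerifyUserActiveCode slices the caller-supplied code with no length check visible in the hunk, and the same slice appears in VerifyActiveEmailCode in email_address.go. It cannot panic only if GetVerifyUser returns nil for every code shorter than TimeLimitCodeLength; that function's body is outside this hunk, so this should be confirmed. If it holds, record the dependency next to the slice with a comment such as `// GetVerifyUser rejects codes shorter than TimeLimitCodeLength, so this slice cannot panic`. If it does not, add `if len(code) < base.TimeLimitCodeLength { return nil }` before the slice in both functions.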