From 9d3214d1fc85575dee0101a9253a0442df0253d0 Mon Sep 17 00:00:00 2001
From: luming <lu.lm@bitsun-inc.com>
Date: Tue, 19 Oct 2021 19:47:50 +0800
Subject: [PATCH] encode password.

---
 common/verify.go    | 6 +++++-
 controller/login.go | 6 +++++-
 ssh_manage.go       | 1 +
 static/js/main.js   | 2 +-
 4 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/common/verify.go b/common/verify.go
index 5d68691..6fe2d0b 100644
--- a/common/verify.go
+++ b/common/verify.go
@@ -1,6 +1,8 @@
 package common
 
 import (
+	"crypto/md5"
+	"fmt"
 	"log"
 	"regexp"
 	"ssh_manage/database"
@@ -27,7 +29,9 @@ func Verify(v verifyImpl) (is_verify bool) {
 		log.Println("Verify Err:", err.Error())
 		return
 	}
-	if code == user.Password {
+	md5 := md5.New()
+	password := fmt.Sprintf("%x", md5.Sum([]byte(code)))
+	if password == user.Password {
 		return true
 	} else if user.Password == "" {
 		return true
diff --git a/controller/login.go b/controller/login.go
index 9856997..ee8a67e 100644
--- a/controller/login.go
+++ b/controller/login.go
@@ -1,6 +1,8 @@
 package controller
 
 import (
+	"crypto/md5"
+	"fmt"
 	"github.com/gin-gonic/gin"
 	"ssh_manage/common"
 	"ssh_manage/database"
@@ -23,7 +25,9 @@ func Login(c *gin.Context) {
 			var userinfo model.User
 			db := database.Get()
 			defer db.Close()
-			db.DB.Where(model.User{Phone: user.Phone,Password: user.Code}).FirstOrCreate(&userinfo)
+			md5 := md5.New()
+			password := fmt.Sprintf("%x", md5.Sum([]byte(user.Code)))
+			db.DB.Where(model.User{Phone: user.Phone,Password: password}).FirstOrCreate(&userinfo)
 			newToken, err := common.ReleaseToken(userinfo.ID)
 			if err == nil && userinfo.ID > 0 {
 				resp.Code = errcode.C_nil_err
diff --git a/ssh_manage.go b/ssh_manage.go
index e28635c..c385884 100644
--- a/ssh_manage.go
+++ b/ssh_manage.go
@@ -9,6 +9,7 @@ import (
 	"ssh_manage/controller"
 	"ssh_manage/controller/middleware"
 	_ "ssh_manage/database" //初始化Mysql/Redis连接池
+
 )
 
 var run_mode = config.Config.Web.Model
diff --git a/static/js/main.js b/static/js/main.js
index ce5be8a..5ff2c4f 100644
--- a/static/js/main.js
+++ b/static/js/main.js
@@ -34,7 +34,7 @@ login = function () {
         return false;
     }
     if (isNaN(code) || code.length < 4) {
-        errshow("验证码错误，请重试！");
+        errshow("密码过短，请重新输入！");
         return false;
     }
     http_send("/login", {phone: phone, code, code}, login_callback)