POP3密码验证完成

5 months ago · 0deeb2c534
parent 78b932ec40
commit 0deeb2c534
5 changed files with 50 additions and 22 deletions
--- a/reset_db.sh
+++ b/reset_db.sh
@ -1,11 +1,11 @@
 #!/bin/bash
-echo "🔄 重置数据库..."
+echo "重置数据库..."
 docker-compose down -v
-echo "🚀 启动数据库（SQL会自动执行）..."
+echo "启动数据库（SQL会自动执行）..."
 docker-compose up -d
-echo "⏳ 等待数据库初始化（10秒）..."
+echo "等待数据库初始化（10秒）..."
 sleep 10
-echo "✅ 验证数据..."
+echo "验证数据..."
 docker-compose exec mysql mysql -umail_user -puser123 mail_server -e "SELECT id, username, is_admin FROM users; SELECT COUNT(*) as email_count FROM emails;"
-echo "✅ 完成！"
+echo "完成！"

--- a/scripts/create_tables.sql
+++ b/scripts/create_tables.sql
@ -51,8 +51,8 @@ CREATE TABLE server_logs (
 -- 插入测试用户
 -- 密码都是：123456
 INSERT INTO users (username, password_hash, is_admin, is_active) VALUES
-('admin@test.com', '$2y$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi', 1, 1),
-('user1@test.com', '$2y$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi', 0, 1);
+('admin@test.com', '$2y$10$jB21V61k9aLAyp5.5qBpV.L70Aq6.XrtJrvlNI28bOXeJboLBJwoq', 1, 1),
+('user1@test.com', '$2y$10$jB21V61k9aLAyp5.5qBpV.L70Aq6.XrtJrvlNI28bOXeJboLBJwoq', 0, 1);

 -- 插入测试邮件
 INSERT INTO emails (sender, recipient, subject, body) VALUES
--- a/src/protocol/Pop3Server.php
+++ b/src/protocol/Pop3Server.php
@ -14,7 +14,7 @@ class SimplePop3Server
    
    public function __construct($host = '0.0.0.0', $port = 110)
    {
-        echo "📬 POP3服务器启动在 {$host}:{$port}\n";
+        echo "POP3服务器启动在 {$host}:{$port}\n";
        echo "按 Ctrl+C 停止\n\n";
        
        $this->connectDB();
@ -29,9 +29,9 @@ class SimplePop3Server
                'user123'
            );
            $this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
-            echo "✅ 数据库连接成功\n";
+            echo "数据库连接成功\n";
        } catch (PDOException $e) {
-            echo "❌ 数据库连接失败: " . $e->getMessage() . "\n";
+            echo "数据库连接失败: " . $e->getMessage() . "\n";
            exit(1);
        }
    }
@ -67,13 +67,14 @@ class SimplePop3Server
                break;
            }
            
-            $command = strtoupper(trim($input));
-            echo "客户端: {$input}\n";
+            $input_trimmed = trim($input);
+            $command = strtoupper($input_trimmed);
+            echo "客户端: {$input_trimmed}\n";
            
            if ($state === 'AUTH') {
                // 认证阶段
                if (strpos($command, 'USER ') === 0) {
-                    $username = substr($command, 5);
+                    $username = trim(substr($input_trimmed, 5)); // 使用原始输入，保持大小写
                    if ($this->userExists($username)) {
                        $this->currentUser = $username;
                        $this->send($client, "+OK User found");
@ -82,10 +83,19 @@ class SimplePop3Server
                    }
                } elseif (strpos($command, 'PASS ') === 0) {
                    if ($this->currentUser) {
-                        // 简化：这里不验证密码，直接登录成功
-                        $this->loadUserEmails();
-                        $this->send($client, "+OK Logged in, {$this->userEmails['count']} messages");
-                        $state = 'TRANSACTION';
+                        // 提取密码
+                        $password = substr($input, 5); // 保留原始大小写
+                        $password = trim($password);
+                        
+                        // 验证密码
+                        if ($this->verifyPassword($this->currentUser, $password)) {
+                            $this->loadUserEmails();
+                            $this->send($client, "+OK Logged in, {$this->userEmails['count']} messages");
+                            $state = 'TRANSACTION';
+                        } else {
+                            $this->send($client, "-ERR Invalid password");
+                            $this->currentUser = null; // 重置用户状态
+                        }
                    } else {
                        $this->send($client, "-ERR USER first");
                    }
@ -137,11 +147,29 @@ class SimplePop3Server
    
    private function userExists($username)
    {
-        $stmt = $this->db->prepare("SELECT id FROM users WHERE username = ?");
+        $stmt = $this->db->prepare("SELECT id FROM users WHERE username = ? AND is_active = 1");
        $stmt->execute([$username]);
        return $stmt->rowCount() > 0;
    }
    
+    private function verifyPassword($username, $password)
+    {
+        try {
+            $stmt = $this->db->prepare("SELECT password_hash FROM users WHERE username = ? AND is_active = 1");
+            $stmt->execute([$username]);
+            $user = $stmt->fetch(PDO::FETCH_ASSOC);
+            
+            if ($user && isset($user['password_hash'])) {
+                return password_verify($password, $user['password_hash']);
+            }
+            
+            return false;
+        } catch (Exception $e) {
+            echo "密码验证错误: " . $e->getMessage() . "\n";
+            return false;
+        }
+    }
+    
    private function loadUserEmails()
    {
        $stmt = $this->db->prepare(
--- a/src/protocol/SmtpServer.php
+++ b/src/protocol/SmtpServer.php
@ -228,12 +228,12 @@ class SimpleSmtpServer
            
            $stmt->execute();
            
-            echo "📝 邮件保存成功：{$from} -> {$to}\n";
+            echo "邮件保存成功：{$from} -> {$to}\n";
            echo "   主题: {$subject}\n";
            echo "   长度: " . strlen($body) . " 字节\n";
            
        } catch (Exception $e) {
-            echo "❌ 保存邮件失败: " . $e->getMessage() . "\n";
+            echo "保存邮件失败: " . $e->getMessage() . "\n";
            error_log("邮件保存错误: " . $e->getMessage() . "\n" . $e->getTraceAsString());
        }
    }
--- a/test_smtp.sh
+++ b/test_smtp.sh
@ -1,5 +1,5 @@
 #!/bin/bash
-echo "📧 测试SMTP服务器..."
+echo "测试SMTP服务器..."

 # 启动服务器（后台运行）
 sudo php scripts/start_smtp.php &
@ -27,4 +27,4 @@ sleep 2


 kill $SERVER_PID 2>/dev/null
-echo "✅ 测试完成"
+echo "测试完成"