2022-09-08 10:47:15 +00:00
|
|
|
package service
|
|
|
|
|
|
|
|
import (
|
|
|
|
"strconv"
|
|
|
|
|
2022-10-17 08:32:31 +00:00
|
|
|
"github.com/1Panel-dev/1Panel/backend/app/dto"
|
|
|
|
"github.com/1Panel-dev/1Panel/backend/constant"
|
|
|
|
"github.com/1Panel-dev/1Panel/backend/global"
|
|
|
|
"github.com/1Panel-dev/1Panel/backend/utils/encrypt"
|
|
|
|
"github.com/1Panel-dev/1Panel/backend/utils/jwt"
|
2023-03-10 08:47:30 +00:00
|
|
|
"github.com/1Panel-dev/1Panel/backend/utils/mfa"
|
2022-09-08 10:47:15 +00:00
|
|
|
"github.com/gin-gonic/gin"
|
2023-03-11 11:55:37 +00:00
|
|
|
"github.com/google/uuid"
|
2022-09-08 10:47:15 +00:00
|
|
|
"github.com/pkg/errors"
|
|
|
|
)
|
|
|
|
|
|
|
|
type AuthService struct{}
|
|
|
|
|
|
|
|
type IAuthService interface {
|
2023-06-01 02:14:11 +00:00
|
|
|
CheckIsSafety(code string) (string, error)
|
2022-09-15 09:15:03 +00:00
|
|
|
VerifyCode(code string) (bool, error)
|
2022-09-08 10:47:15 +00:00
|
|
|
Login(c *gin.Context, info dto.Login) (*dto.UserLoginInfo, error)
|
|
|
|
LogOut(c *gin.Context) error
|
2023-03-28 10:00:06 +00:00
|
|
|
MFALogin(c *gin.Context, info dto.MFALogin) (*dto.UserLoginInfo, error)
|
2022-09-08 10:47:15 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func NewIAuthService() IAuthService {
|
|
|
|
return &AuthService{}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (u *AuthService) Login(c *gin.Context, info dto.Login) (*dto.UserLoginInfo, error) {
|
|
|
|
nameSetting, err := settingRepo.Get(settingRepo.WithByKey("UserName"))
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.WithMessage(constant.ErrRecordNotFound, err.Error())
|
|
|
|
}
|
2023-05-30 07:30:57 +00:00
|
|
|
passwordSetting, err := settingRepo.Get(settingRepo.WithByKey("Password"))
|
2022-09-08 10:47:15 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, errors.WithMessage(constant.ErrRecordNotFound, err.Error())
|
|
|
|
}
|
2023-05-30 07:30:57 +00:00
|
|
|
pass, err := encrypt.StringDecrypt(passwordSetting.Value)
|
2022-09-08 10:47:15 +00:00
|
|
|
if err != nil {
|
2022-12-02 10:52:43 +00:00
|
|
|
return nil, constant.ErrAuth
|
2022-09-08 10:47:15 +00:00
|
|
|
}
|
2023-03-01 06:05:55 +00:00
|
|
|
if info.Password != pass || nameSetting.Value != info.Name {
|
2022-12-02 10:52:43 +00:00
|
|
|
return nil, constant.ErrAuth
|
2022-09-08 10:47:15 +00:00
|
|
|
}
|
2022-09-15 10:43:41 +00:00
|
|
|
mfa, err := settingRepo.Get(settingRepo.WithByKey("MFAStatus"))
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
if mfa.Value == "enable" {
|
2023-03-10 08:47:30 +00:00
|
|
|
return &dto.UserLoginInfo{Name: nameSetting.Value, MfaStatus: mfa.Value}, nil
|
2022-09-15 10:43:41 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return u.generateSession(c, info.Name, info.AuthMethod)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (u *AuthService) MFALogin(c *gin.Context, info dto.MFALogin) (*dto.UserLoginInfo, error) {
|
|
|
|
nameSetting, err := settingRepo.Get(settingRepo.WithByKey("UserName"))
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.WithMessage(constant.ErrRecordNotFound, err.Error())
|
|
|
|
}
|
2023-05-30 07:30:57 +00:00
|
|
|
passwordSetting, err := settingRepo.Get(settingRepo.WithByKey("Password"))
|
2022-09-15 10:43:41 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, errors.WithMessage(constant.ErrRecordNotFound, err.Error())
|
|
|
|
}
|
2023-05-30 07:30:57 +00:00
|
|
|
pass, err := encrypt.StringDecrypt(passwordSetting.Value)
|
2022-09-15 10:43:41 +00:00
|
|
|
if err != nil {
|
2023-03-23 12:34:33 +00:00
|
|
|
return nil, err
|
2022-09-15 10:43:41 +00:00
|
|
|
}
|
2023-03-23 12:34:33 +00:00
|
|
|
if info.Password != pass || nameSetting.Value != info.Name {
|
2023-03-10 08:47:30 +00:00
|
|
|
return nil, constant.ErrAuth
|
|
|
|
}
|
|
|
|
|
|
|
|
mfaSecret, err := settingRepo.Get(settingRepo.WithByKey("MFASecret"))
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
success := mfa.ValidCode(info.Code, mfaSecret.Value)
|
|
|
|
if !success {
|
2022-12-02 10:52:43 +00:00
|
|
|
return nil, constant.ErrAuth
|
2022-09-15 10:43:41 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return u.generateSession(c, info.Name, info.AuthMethod)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (u *AuthService) generateSession(c *gin.Context, name, authMethod string) (*dto.UserLoginInfo, error) {
|
2022-09-08 10:47:15 +00:00
|
|
|
setting, err := settingRepo.Get(settingRepo.WithByKey("SessionTimeout"))
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
lifeTime, err := strconv.Atoi(setting.Value)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2022-09-15 10:43:41 +00:00
|
|
|
if authMethod == constant.AuthMethodJWT {
|
2022-09-08 10:47:15 +00:00
|
|
|
j := jwt.NewJWT()
|
|
|
|
claims := j.CreateClaims(jwt.BaseClaims{
|
2022-09-15 10:43:41 +00:00
|
|
|
Name: name,
|
2023-03-29 07:34:13 +00:00
|
|
|
})
|
2022-09-08 10:47:15 +00:00
|
|
|
token, err := j.CreateToken(claims)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2022-09-15 10:43:41 +00:00
|
|
|
return &dto.UserLoginInfo{Name: name, Token: token}, nil
|
2022-09-08 10:47:15 +00:00
|
|
|
}
|
|
|
|
sID, _ := c.Cookie(constant.SessionName)
|
|
|
|
sessionUser, err := global.SESSION.Get(sID)
|
|
|
|
if err != nil {
|
2023-03-11 11:55:37 +00:00
|
|
|
sID = uuid.New().String()
|
2023-05-29 09:32:55 +00:00
|
|
|
c.SetCookie(constant.SessionName, sID, 0, "", "", false, false)
|
2022-09-08 10:47:15 +00:00
|
|
|
err := global.SESSION.Set(sID, sessionUser, lifeTime)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2022-09-15 10:43:41 +00:00
|
|
|
return &dto.UserLoginInfo{Name: name}, nil
|
2022-09-08 10:47:15 +00:00
|
|
|
}
|
|
|
|
if err := global.SESSION.Set(sID, sessionUser, lifeTime); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2022-09-15 10:43:41 +00:00
|
|
|
return &dto.UserLoginInfo{Name: name}, nil
|
2022-09-08 10:47:15 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (u *AuthService) LogOut(c *gin.Context) error {
|
|
|
|
sID, _ := c.Cookie(constant.SessionName)
|
|
|
|
if sID != "" {
|
|
|
|
c.SetCookie(constant.SessionName, sID, -1, "", "", false, false)
|
|
|
|
err := global.SESSION.Delete(sID)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
2022-09-15 09:15:03 +00:00
|
|
|
|
|
|
|
func (u *AuthService) VerifyCode(code string) (bool, error) {
|
|
|
|
setting, err := settingRepo.Get(settingRepo.WithByKey("SecurityEntrance"))
|
|
|
|
if err != nil {
|
|
|
|
return false, err
|
|
|
|
}
|
|
|
|
return setting.Value == code, nil
|
|
|
|
}
|
|
|
|
|
2023-06-01 02:14:11 +00:00
|
|
|
func (u *AuthService) CheckIsSafety(code string) (string, error) {
|
2023-04-27 14:44:16 +00:00
|
|
|
status, err := settingRepo.Get(settingRepo.WithByKey("SecurityEntrance"))
|
2022-09-15 09:15:03 +00:00
|
|
|
if err != nil {
|
2023-06-01 02:14:11 +00:00
|
|
|
return "", err
|
2022-09-15 09:15:03 +00:00
|
|
|
}
|
2023-04-27 14:44:16 +00:00
|
|
|
if len(status.Value) == 0 {
|
2023-06-01 02:14:11 +00:00
|
|
|
return "disable", nil
|
2022-09-15 09:15:03 +00:00
|
|
|
}
|
2023-06-01 02:14:11 +00:00
|
|
|
if status.Value == code {
|
|
|
|
return "pass", nil
|
|
|
|
}
|
|
|
|
return "unpass", nil
|
2022-09-15 09:15:03 +00:00
|
|
|
}
|