fix: 拦截中间件数据改为实时获取 (#1213)

2023-06-01 10:38:11 +08:00 · 2023-06-01 10:38:11 +08:00 · eb55e16465
parent bb48964cca
commit eb55e16465
8 changed files with 47 additions and 48 deletions
--- a/backend/app/service/setting.go
+++ b/backend/app/service/setting.go
@ -114,10 +114,6 @@ func (u *SettingService) Update(key, value string) error {
 		if err := settingRepo.Update("ExpirationTime", time.Now().AddDate(0, 0, timeout).Format("2006-01-02 15:04:05")); err != nil {
 			return err
 		}
-	case "BindDomain":
-		global.CONF.System.BindDomain = value
-	case "AllowIPs":
-		global.CONF.System.AllowIPs = value
 	case "TimeZone":
 		go func() {
 			_, err := cmd.Exec("systemctl restart 1panel.service")
--- a/backend/configs/system.go
+++ b/backend/configs/system.go
@ -1,26 +1,24 @@
 package configs

 type System struct {
-	Port       string `mapstructure:"port"`
-	SSL        string `mapstructure:"ssl"`
-	DbFile     string `mapstructure:"db_file"`
-	DbPath     string `mapstructure:"db_path"`
-	LogPath    string `mapstructure:"log_path"`
-	DataDir    string `mapstructure:"data_dir"`
-	TmpDir     string `mapstructure:"tmp_dir"`
-	Cache      string `mapstructure:"cache"`
-	Backup     string `mapstructure:"backup"`
-	EncryptKey string `mapstructure:"encrypt_key"`
-	BaseDir    string `mapstructure:"base_dir"`
-	Mode       string `mapstructure:"mode"`
-	RepoUrl    string `mapstructure:"repo_url"`
-	Version    string `mapstructure:"version"`
-	Username   string `mapstructure:"username"`
-	Password   string `mapstructure:"password"`
-	Entrance   string `mapstructure:"entrance"`
-	IsDemo     bool   `mapstructure:"is_demo"`
-	AppRepo    string `mapstructure:"app_repo"`
+	Port           string `mapstructure:"port"`
+	SSL            string `mapstructure:"ssl"`
+	DbFile         string `mapstructure:"db_file"`
+	DbPath         string `mapstructure:"db_path"`
+	LogPath        string `mapstructure:"log_path"`
+	DataDir        string `mapstructure:"data_dir"`
+	TmpDir         string `mapstructure:"tmp_dir"`
+	Cache          string `mapstructure:"cache"`
+	Backup         string `mapstructure:"backup"`
+	EncryptKey     string `mapstructure:"encrypt_key"`
+	BaseDir        string `mapstructure:"base_dir"`
+	Mode           string `mapstructure:"mode"`
+	RepoUrl        string `mapstructure:"repo_url"`
+	Version        string `mapstructure:"version"`
+	Username       string `mapstructure:"username"`
+	Password       string `mapstructure:"password"`
+	Entrance       string `mapstructure:"entrance"`
+	IsDemo         bool   `mapstructure:"is_demo"`
+	AppRepo        string `mapstructure:"app_repo"`
 	ChangeUserInfo bool   `mapstructure:"change_user_info"`
-	AllowIPs       string `mapstructure:"allow_ips"`
-	BindDomain     string `mapstructure:"bind_domain"`
 }
--- a/backend/init/hook/hook.go
+++ b/backend/init/hook/hook.go
@ -26,18 +26,6 @@ func Init() {
 	}
 	global.CONF.System.SSL = sslSetting.Value

-	ipsSetting, err := settingRepo.Get(settingRepo.WithByKey("AllowIPs"))
-	if err != nil {
-		global.LOG.Errorf("load allow ips from setting failed, err: %v", err)
-	}
-	global.CONF.System.AllowIPs = ipsSetting.Value
-
-	domainSetting, err := settingRepo.Get(settingRepo.WithByKey("BindDomain"))
-	if err != nil {
-		global.LOG.Errorf("load bind domain from setting failed, err: %v", err)
-	}
-	global.CONF.System.BindDomain = domainSetting.Value
-
 	if _, err := settingRepo.Get(settingRepo.WithByKey("SystemStatus")); err != nil {
 		_ = settingRepo.Create("SystemStatus", "Free")
 	}
--- a/backend/middleware/bind_domain.go
+++ b/backend/middleware/bind_domain.go
@ -5,14 +5,20 @@ import (
 	"strings"

 	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
+	"github.com/1Panel-dev/1Panel/backend/app/repo"
 	"github.com/1Panel-dev/1Panel/backend/constant"
-	"github.com/1Panel-dev/1Panel/backend/global"
 	"github.com/gin-gonic/gin"
 )

 func BindDomain() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		if len(global.CONF.System.BindDomain) == 0 {
+		settingRepo := repo.NewISettingRepo()
+		status, err := settingRepo.Get(settingRepo.WithByKey("BindDomain"))
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrDomain, constant.ErrTypeInternalServer, err)
+			return
+		}
+		if len(status.Value) == 0 {
 			c.Next()
 			return
 		}
@ -22,7 +28,7 @@ func BindDomain() gin.HandlerFunc {
 			domains = parts[0]
 		}

-		if domains != global.CONF.System.BindDomain {
+		if domains != status.Value {
 			helper.ErrorWithDetail(c, constant.CodeErrDomain, constant.ErrTypeInternalServer, errors.New("domain not allowed"))
 			return
 		}
--- a/backend/middleware/ip_limit.go
+++ b/backend/middleware/ip_limit.go
@ -5,19 +5,26 @@ import (
 	"strings"

 	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
+	"github.com/1Panel-dev/1Panel/backend/app/repo"
 	"github.com/1Panel-dev/1Panel/backend/constant"
-	"github.com/1Panel-dev/1Panel/backend/global"
 	"github.com/gin-gonic/gin"
 )

 func WhiteAllow() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		if len(global.CONF.System.AllowIPs) == 0 {
+		settingRepo := repo.NewISettingRepo()
+		status, err := settingRepo.Get(settingRepo.WithByKey("AllowIPs"))
+		if err != nil {
+			helper.ErrorWithDetail(c, constant.CodeErrIP, constant.ErrTypeInternalServer, err)
+			return
+		}
+
+		if len(status.Value) == 0 {
 			c.Next()
 			return
 		}
 		clientIP := c.ClientIP()
-		for _, ip := range strings.Split(global.CONF.System.AllowIPs, ",") {
+		for _, ip := range strings.Split(status.Value, ",") {
 			if len(ip) != 0 && ip == clientIP {
 				c.Next()
 				return
--- a/frontend/src/lang/modules/en.ts
+++ b/frontend/src/lang/modules/en.ts
@ -1003,7 +1003,7 @@ const message = {
            'After setting the authorized IP address, only the IP address in the setting can access the 1Panel service. Do you want to continue?',
        allowIPsHelper1: 'If the authorized IP address is empty, the authorized IP address is canceled',
        allowIPEgs:
-            'If multiple ip authorizations exist, newlines need to be displayed. For example, \n172.16.10.111 \n172.16.10.111',
+            'If multiple ip authorizations exist, newlines need to be displayed. For example, \n172.16.10.111 \n172.16.10.112',
        mfa: 'MFA',
        mfaAlert:
            'MFA password is generated based on the current time. Please ensure that the server time is synchronized.',
--- a/frontend/src/lang/modules/zh.ts
+++ b/frontend/src/lang/modules/zh.ts
@ -1016,7 +1016,7 @@ const message = {
        allowIPsHelper: '设置授权 IP 后，仅有设置中的 IP 可以访问 1Panel 服务',
        allowIPsWarnning: '设置授权 IP 后，仅有设置中的 IP 可以访问 1Panel 服务，是否继续？',
        allowIPsHelper1: '授权 IP 为空时，则取消授权 IP',
-        allowIPEgs: '当存在多个授权 IP 时，需要换行显示，例： \n172.16.10.111 \n172.16.10.111',
+        allowIPEgs: '当存在多个授权 IP 时，需要换行显示，例： \n172.16.10.111 \n172.16.10.112',
        mfa: '两步验证',
        mfaAlert: '两步验证密码是基于当前时间生成，请确保服务器时间已同步',
        mfaHelper: '开启后会验证手机应用验证码',
--- a/frontend/src/views/login/entrance/index.vue
+++ b/frontend/src/views/login/entrance/index.vue
@ -56,11 +56,15 @@ const mySafetyCode = defineProps({

 const getStatus = async () => {
    isErr.value = true;
-    const res = await checkIsSafety(mySafetyCode.code);
+    let code = mySafetyCode.code;
+    if (code === 'err-ip' || code === 'err-domain') {
+        code = globalStore.entrance;
+    }
+    const res = await checkIsSafety(code);
    isErr.value = false;
    globalStore.entrance = '';
    if (res.data === 'disable') {
-        if (mySafetyCode.code === '') {
+        if (code === '') {
            isNotFound.value = false;
        } else {
            isNotFound.value = true;
@ -73,7 +77,7 @@ const getStatus = async () => {
        return;
    }
    if (res.data === 'pass') {
-        globalStore.entrance = mySafetyCode.code;
+        globalStore.entrance = code;
    }
 };