mirror of https://github.com/allinssl/allinssl
Merge remote-tracking branch 'origin/1.0.1' into 1.0.1
wantoper
commit
3bfce79e11
|
|
@ -24,7 +24,7 @@ func Sign(c *gin.Context) {
|
||||||
}
|
}
|
||||||
form.Username = strings.TrimSpace(form.Username)
|
form.Username = strings.TrimSpace(form.Username)
|
||||||
form.Code = strings.TrimSpace(form.Code)
|
form.Code = strings.TrimSpace(form.Code)
|
||||||
|
|
||||||
// 从数据库拿用户
|
// 从数据库拿用户
|
||||||
s, err := public.NewSqlite("data/data.db", "")
|
s, err := public.NewSqlite("data/data.db", "")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
@ -41,10 +41,10 @@ func Sign(c *gin.Context) {
|
||||||
public.FailMsg(c, err.Error())
|
public.FailMsg(c, err.Error())
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
session := sessions.Default(c)
|
session := sessions.Default(c)
|
||||||
now := time.Now()
|
now := time.Now()
|
||||||
|
|
||||||
loginErrCount := session.Get("__loginErrCount")
|
loginErrCount := session.Get("__loginErrCount")
|
||||||
loginErrEnd := session.Get("__loginErrEnd")
|
loginErrEnd := session.Get("__loginErrEnd")
|
||||||
ErrCount := 0
|
ErrCount := 0
|
||||||
|
|
@ -57,9 +57,9 @@ func Sign(c *gin.Context) {
|
||||||
if __loginErrEnd, ok := loginErrEnd.(time.Time); ok {
|
if __loginErrEnd, ok := loginErrEnd.(time.Time); ok {
|
||||||
ErrEnd = __loginErrEnd
|
ErrEnd = __loginErrEnd
|
||||||
}
|
}
|
||||||
|
|
||||||
// fmt.Println(ErrCount, ErrEnd)
|
// fmt.Println(ErrCount, ErrEnd)
|
||||||
|
|
||||||
// 判断登录错误次数
|
// 判断登录错误次数
|
||||||
switch {
|
switch {
|
||||||
case ErrCount >= 5:
|
case ErrCount >= 5:
|
||||||
|
|
@ -91,7 +91,7 @@ func Sign(c *gin.Context) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// 判断用户是否存在
|
// 判断用户是否存在
|
||||||
if len(res) == 0 {
|
if len(res) == 0 {
|
||||||
session.Set("__loginErrCount", ErrCount+1)
|
session.Set("__loginErrCount", ErrCount+1)
|
||||||
|
|
@ -117,7 +117,7 @@ func Sign(c *gin.Context) {
|
||||||
keyMd5 := md5.Sum([]byte(passwd))
|
keyMd5 := md5.Sum([]byte(passwd))
|
||||||
passwdMd5 := hex.EncodeToString(keyMd5[:])
|
passwdMd5 := hex.EncodeToString(keyMd5[:])
|
||||||
// fmt.Println(passwdMd5)
|
// fmt.Println(passwdMd5)
|
||||||
|
|
||||||
if res[0]["password"] != passwdMd5 {
|
if res[0]["password"] != passwdMd5 {
|
||||||
session.Set("__loginErrCount", ErrCount+1)
|
session.Set("__loginErrCount", ErrCount+1)
|
||||||
session.Set("__loginErrEnd", now)
|
session.Set("__loginErrEnd", now)
|
||||||
|
|
@ -128,12 +128,12 @@ func Sign(c *gin.Context) {
|
||||||
public.FailMsg(c, "密码错误")
|
public.FailMsg(c, "密码错误")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// session := sessions.Default(c)
|
// session := sessions.Default(c)
|
||||||
session.Set("__loginErrCount", 0)
|
session.Set("__loginErrCount", 0)
|
||||||
session.Delete("__loginErrEnd")
|
session.Delete("__loginErrEnd")
|
||||||
session.Set("login", true)
|
session.Set("login", true)
|
||||||
session.Set("__login_key", public.GetSettingIgnoreError("login_key"))
|
session.Set("__login_key", public.LoginKey)
|
||||||
_ = session.Save()
|
_ = session.Save()
|
||||||
// c.JSON(http.StatusOK, public.ResOK(0, nil, "登录成功"))
|
// c.JSON(http.StatusOK, public.ResOK(0, nil, "登录成功"))
|
||||||
// 设置cookie
|
// 设置cookie
|
||||||
|
|
@ -145,7 +145,7 @@ func Sign(c *gin.Context) {
|
||||||
func GetCode(c *gin.Context) {
|
func GetCode(c *gin.Context) {
|
||||||
_, bs64, code, _ := public.GenerateCode()
|
_, bs64, code, _ := public.GenerateCode()
|
||||||
session := sessions.Default(c)
|
session := sessions.Default(c)
|
||||||
|
|
||||||
session.Set("_verifyCode", code)
|
session.Set("_verifyCode", code)
|
||||||
_ = session.Save()
|
_ = session.Save()
|
||||||
public.SuccessData(c, bs64, 0)
|
public.SuccessData(c, bs64, 0)
|
||||||
|
|
|
||||||
|
|
@ -131,7 +131,7 @@ func Save(setting *Setting) error {
|
||||||
return nil
|
return nil
|
||||||
} else {
|
} else {
|
||||||
if reload {
|
if reload {
|
||||||
s.Where("key = 'login_key'", []interface{}{}).Update(map[string]interface{}{"value": public.GenerateUUID()})
|
public.LoginKey = public.GenerateUUID()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
|
|
|
||||||
|
|
@ -26,7 +26,7 @@ func SessionAuthMiddleware() gin.HandlerFunc {
|
||||||
if checkApiKey(c) {
|
if checkApiKey(c) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
routePath := c.Request.URL.Path
|
routePath := c.Request.URL.Path
|
||||||
method := c.Request.Method
|
method := c.Request.Method
|
||||||
paths := strings.Split(strings.TrimPrefix(routePath, "/"), "/")
|
paths := strings.Split(strings.TrimPrefix(routePath, "/"), "/")
|
||||||
|
|
@ -34,7 +34,7 @@ func SessionAuthMiddleware() gin.HandlerFunc {
|
||||||
now := time.Now()
|
now := time.Now()
|
||||||
gob.Register(time.Time{})
|
gob.Register(time.Time{})
|
||||||
last := session.Get("lastRequestTime")
|
last := session.Get("lastRequestTime")
|
||||||
|
|
||||||
if routePath == public.Secure {
|
if routePath == public.Secure {
|
||||||
if session.Get("secure") == nil {
|
if session.Get("secure") == nil {
|
||||||
// 访问安全入口,设置 session
|
// 访问安全入口,设置 session
|
||||||
|
|
@ -97,13 +97,13 @@ func SessionAuthMiddleware() gin.HandlerFunc {
|
||||||
c.Abort()
|
c.Abort()
|
||||||
return
|
return
|
||||||
} else {
|
} else {
|
||||||
if session.Get("__login_key") != public.GetSettingIgnoreError("login_key") {
|
if session.Get("__login_key") != public.LoginKey {
|
||||||
// session.Set("secure", true)
|
// session.Set("secure", true)
|
||||||
session.Set("login", nil)
|
session.Set("login", nil)
|
||||||
session.Save()
|
session.Save()
|
||||||
// c.JSON(http.StatusUnauthorized, gin.H{"message": "登录信息发生变化,请重新登录"})
|
// c.JSON(http.StatusUnauthorized, gin.H{"message": "登录信息发生变化,请重新登录"})
|
||||||
c.Redirect(http.StatusFound, "/login")
|
c.Redirect(http.StatusFound, "/login")
|
||||||
// c.Abort()
|
c.Abort()
|
||||||
} else {
|
} else {
|
||||||
// 访问正常,更新最后请求时间
|
// 访问正常,更新最后请求时间
|
||||||
session.Set("lastRequestTime", now)
|
session.Set("lastRequestTime", now)
|
||||||
|
|
@ -169,7 +169,7 @@ func checkApiKey(c *gin.Context) bool {
|
||||||
func generateSignature(timestamp, apiKey string) string {
|
func generateSignature(timestamp, apiKey string) string {
|
||||||
keyMd5 := md5.Sum([]byte(apiKey))
|
keyMd5 := md5.Sum([]byte(apiKey))
|
||||||
keyMd5Hex := strings.ToLower(hex.EncodeToString(keyMd5[:]))
|
keyMd5Hex := strings.ToLower(hex.EncodeToString(keyMd5[:]))
|
||||||
|
|
||||||
signMd5 := md5.Sum([]byte(timestamp + keyMd5Hex))
|
signMd5 := md5.Sum([]byte(timestamp + keyMd5Hex))
|
||||||
signMd5Hex := strings.ToLower(hex.EncodeToString(signMd5[:]))
|
signMd5Hex := strings.ToLower(hex.EncodeToString(signMd5[:]))
|
||||||
return signMd5Hex
|
return signMd5Hex
|
||||||
|
|
|
||||||
|
|
@ -178,7 +178,7 @@ func init() {
|
||||||
);
|
);
|
||||||
|
|
||||||
`)
|
`)
|
||||||
insertDefaultData(db, "users", "INSERT INTO users (id, username, password, salt) VALUES (1, 'xxxx', 'xxxxxxx', '&*ghs^&%dag');")
|
insertDefaultData(db, "users", "INSERT INTO users (id, username, password, salt) VALUES (1, 'admin', 'xxxxxxx', '&*ghs^&%dag');")
|
||||||
insertDefaultData(db, "access_type", `
|
insertDefaultData(db, "access_type", `
|
||||||
INSERT INTO access_type (name, type) VALUES ('aliyun', 'dns');
|
INSERT INTO access_type (name, type) VALUES ('aliyun', 'dns');
|
||||||
INSERT INTO access_type (name, type) VALUES ('tencentcloud', 'dns');
|
INSERT INTO access_type (name, type) VALUES ('tencentcloud', 'dns');
|
||||||
|
|
@ -201,10 +201,9 @@ func init() {
|
||||||
INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ( 'workflow_log_path', 'logs/workflows/', '2025-04-15 15:58', '2025-04-15 15:58', 1, null);
|
INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ( 'workflow_log_path', 'logs/workflows/', '2025-04-15 15:58', '2025-04-15 15:58', 1, null);
|
||||||
INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ( 'timeout', '3600', '2025-04-15 15:58', '2025-04-15 15:58', 1, null);
|
INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ( 'timeout', '3600', '2025-04-15 15:58', '2025-04-15 15:58', 1, null);
|
||||||
INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ( 'https', '0', '2025-04-15 15:58', '2025-04-15 15:58', 1, null);
|
INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ( 'https', '0', '2025-04-15 15:58', '2025-04-15 15:58', 1, null);
|
||||||
INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ( 'login_key', '%s', '2025-04-15 15:58', '2025-04-15 15:58', 1, null);
|
|
||||||
INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ('session_key', '%s', '2025-04-15 15:58', '2025-04-15 15:58', 1, null);
|
INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ('session_key', '%s', '2025-04-15 15:58', '2025-04-15 15:58', 1, null);
|
||||||
INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ('secure', '/%s', '2025-04-15 15:58', '2025-04-15 15:58', 1, null);
|
INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ('secure', '/%s', '2025-04-15 15:58', '2025-04-15 15:58', 1, null);
|
||||||
INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ('port', '%d', '2025-04-15 15:58', '2025-04-15 15:58', 1, null);`, uuidStr, uuidStr, randomStr, port)
|
INSERT INTO settings (key, value, create_time, update_time, active, type) VALUES ('port', '%d', '2025-04-15 15:58', '2025-04-15 15:58', 1, null);`, uuidStr, randomStr, port)
|
||||||
|
|
||||||
insertDefaultData(db, "settings", Isql)
|
insertDefaultData(db, "settings", Isql)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -6,11 +6,12 @@ var Port = GetSettingIgnoreError("port")
|
||||||
var Secure = GetSettingIgnoreError("secure")
|
var Secure = GetSettingIgnoreError("secure")
|
||||||
var SessionKey = GetSettingIgnoreError("session_key")
|
var SessionKey = GetSettingIgnoreError("session_key")
|
||||||
var LogPath = GetSettingIgnoreError("log_path")
|
var LogPath = GetSettingIgnoreError("log_path")
|
||||||
|
var LoginKey = GenerateUUID()
|
||||||
var TimeOut = func() int {
|
var TimeOut = func() int {
|
||||||
settingStr := GetSettingIgnoreError("timeout")
|
settingStr := GetSettingIgnoreError("timeout")
|
||||||
setting, err := strconv.Atoi(settingStr)
|
setting, err := strconv.Atoi(settingStr)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return 300
|
return 3600
|
||||||
}
|
}
|
||||||
return setting
|
return setting
|
||||||
}()
|
}()
|
||||||
|
|
@ -25,7 +26,7 @@ func ReloadConfig() {
|
||||||
settingStr := GetSettingIgnoreError("timeout")
|
settingStr := GetSettingIgnoreError("timeout")
|
||||||
setting, err := strconv.Atoi(settingStr)
|
setting, err := strconv.Atoi(settingStr)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
TimeOut = 300
|
TimeOut = 3600
|
||||||
} else {
|
} else {
|
||||||
TimeOut = setting
|
TimeOut = setting
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -121,7 +121,8 @@ func main() {
|
||||||
fmt.Println(err)
|
fmt.Println(err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
public.UpdateSetting("login_key", public.GenerateUUID())
|
envVars["web"] = "restart"
|
||||||
|
err = control()
|
||||||
fmt.Println("用户名设置成功:", input)
|
fmt.Println("用户名设置成功:", input)
|
||||||
case "6":
|
case "6":
|
||||||
var input string
|
var input string
|
||||||
|
|
@ -164,8 +165,8 @@ func main() {
|
||||||
fmt.Println(err)
|
fmt.Println(err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
public.UpdateSetting("login_key", public.GenerateUUID())
|
envVars["web"] = "restart"
|
||||||
|
err = control()
|
||||||
fmt.Println("密码设置成功:", input)
|
fmt.Println("密码设置成功:", input)
|
||||||
case "7":
|
case "7":
|
||||||
var input string
|
var input string
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue