🎨优化token生成以及加强验证
Some checks reported errors
continuous-integration/drone/tag Build was killed

coward 2024-06-18 15:20:17 +08:00
parent 1950150f42
commit 3e112cb672
6 changed files with 45 additions and 7 deletions


@ -3,6 +3,7 @@ package component
import ( import (
"context" "context"
"fmt" "fmt"
"os"
"strings" "strings"
"time" "time"
"wireguard-dashboard/client" "wireguard-dashboard/client"
@ -49,8 +50,8 @@ func (CaptchaStore) Get(id string, clear bool) string {
// @param clear // @param clear
// @return bool // @return bool
func (c CaptchaStore) Verify(id, answer string, clear bool) bool { func (c CaptchaStore) Verify(id, answer string, clear bool) bool {
//if os.Getenv("GIN_MODE") != "release" { if os.Getenv("GIN_MODE") != "release" {
// return true return true
//} }
return strings.ToUpper(answer) == strings.ToUpper(c.Get(id, clear)) return strings.ToUpper(answer) == strings.ToUpper(c.Get(id, clear))
} }
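Review bot: The re-enabled guard in `Verify` fails open: any deployment where `GIN_MODE` is unset, misspelled or set to anything other than `release` accepts every captcha answer, and the early return also skips `c.Get(id, clear)`, so the stored captcha is presumably never consumed on that path. Since the commit's stated aim is stronger verification, the bypass should require an explicit opt-in instead, for example `if os.Getenv("<DEV_ONLY_CAPTCHA_BYPASS>") == "true" { return true }` (placeholder name), or be kept out of production builds entirely. A short comment on the branch stating that it disables captcha checking outside release mode would make the risk visible to whoever deploys this.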


@ -6,17 +6,19 @@ import (
"fmt" "fmt"
"gitee.ltd/lxh/logger/log" "gitee.ltd/lxh/logger/log"
"github.com/golang-jwt/jwt/v5" "github.com/golang-jwt/jwt/v5"
"github.com/google/uuid"
"strings" "strings"
"time" "time"
"wireguard-dashboard/client" "wireguard-dashboard/client"
"wireguard-dashboard/config"
"wireguard-dashboard/constant" "wireguard-dashboard/constant"
) )
const Secret = "IK8MSs76Pb2VJxleTDadf1Wzu3h9QROLv0XtmnCUErYgBG5wAyjk4cioqFZHNpZG" const Secret = "IK8MSs76Pb2VJxleTDadf1Wzu3h9QROLv0XtmnCUErYgBG5wAyjk4cioqFZHNpZG"
type JwtClaims struct { type JwtClaims struct {
ID string `json:"id"` ID string `json:"id"`
jwt.RegisteredClaims `json:"-"` jwt.RegisteredClaims
} }
func JWT() JwtClaims { func JWT() JwtClaims {
@ -36,10 +38,12 @@ func (j JwtClaims) GenerateToken(userId string) (token string, expireTime *jwt.N
claims := JwtClaims{ claims := JwtClaims{
ID: userId, ID: userId,
RegisteredClaims: jwt.RegisteredClaims{ RegisteredClaims: jwt.RegisteredClaims{
Subject: "wireguard-dashboard", Issuer: config.Config.Http.Endpoint, // 颁发站点
Subject: "wg-dashboard",
ExpiresAt: expireTime, ExpiresAt: expireTime,
NotBefore: notBefore, NotBefore: notBefore,
IssuedAt: issuedAt, IssuedAt: issuedAt,
ID: uuid.NewString(),
}, },
} }
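Review bot: The signing `Secret` is still a string constant in this file, so the new `Issuer` and `ID` claims can be forged by anyone who can read the repository or a built binary — assuming this constant is the key used to sign and verify tokens, which is not visible in these hunks. Since the commit already imports `wireguard-dashboard/config`, load the key from configuration or the environment, refuse to start when it is empty, and rotate the value that has been committed. Separately, the `ID: uuid.NewString()` claim only helps revocation or replay detection if the verifier records or checks it somewhere; nothing in the visible hunks does. `GenerateToken` continues outside the hunk.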


@ -1,5 +1,6 @@
package config package config
type http struct { type http struct {
Port uint `yaml:"port"` Port uint `yaml:"port"`
Endpoint string `yaml:"endpoint"`
} }


@ -28,6 +28,13 @@ func Authorization() gin.HandlerFunc {
return return
} }
// 如果token的颁发者与请求的站点不一致则直接给它狗日的丢出去
if userClaims.Issuer != utils.GetHost(c.Request.Header.Get("Referer")) {
utils.GinResponse(c).AuthorizationFailed()
c.Abort()
return
}
// 查询用户 // 查询用户
user, err := repository.User().GetUserById(userClaims.ID) user, err := repository.User().GetUserById(userClaims.ID)
if err != nil { if err != nil {
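Review bot: The new issuer check compares the token against the `Referer` header, which the client chooses and which browsers may omit under a strict Referrer-Policy, so it cannot serve as proof of where a token came from. When the header is absent `utils.GetHost` returns `""`, which rejects legitimate requests and, if `config.Config.Http.Endpoint` was left unset at signing time, matches an empty `Issuer`. Comparing against the server's own configured value, e.g. `if userClaims.Issuer == "" || userClaims.Issuer != config.Config.Http.Endpoint {`, would bind the token to this deployment without trusting request headers; this assumes the config package is importable here. `Endpoint` also has to be a bare `host[:port]` to ever equal `url.Host`, which is worth stating next to the field. The handler body continues outside the hunk.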

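--- a/utils/url.go
+++ b/utils/url.go
@@ -0,0 +1,16 @@
+package utils
+import "net/url"
+// GetHost
+// @description: 获取指定地址的host
+// @param addr
+// @return string
+func GetHost(addr string) string {
+uu, err := url.Parse(addr)
+if err != nil {
+return ""
+}
+return uu.Host
+}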
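Review bot: `GetHost` returns `""` both for a parse error and for any input without a scheme (`url.Parse` puts a bare `example.com` into `Path`, leaving `Host` empty), and the doc comment does not say so, which matters because the only visible caller uses the result in an equality check for authorization. The returned `uu.Host` also keeps the port and is not case-normalised. I would extend the comment to `// GetHost returns the host[:port] of addr, or "" when addr is empty, unparseable or has no scheme; callers must treat "" as a failure.`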


@ -163,6 +163,15 @@ class PureHttp {
resolve(response); resolve(response);
}) })
.catch(error => { .catch(error => {
// 401直接跳转回去
if (error.response.status === 401) {
router.replace({
path: "/login",
query: {
redirect: router.currentRoute.value.fullPath
}
});
}
if (error.response === null || error.response === undefined) { if (error.response === null || error.response === undefined) {
message(error.message, { type: "error" }); message(error.message, { type: "error" });
} else { } else {
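Review bot: The added 401 branch reads `error.response.status` before the existing `error.response === null || error.response === undefined` guard just below it, so a network failure or timeout with no response throws a TypeError inside the `catch` handler and the error message is never shown. Use `if (error.response?.status === 401) {` or move the branch below the null check. The `redirect` query carries `router.currentRoute.value.fullPath`; the login view should accept only in-app paths from it when navigating after login. The `catch` callback continues outside the hunk.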