opt aaa.session

Change-Id: I4d50aa354b1f06e9ef971a7233513e82ae081fec

src/contexts/aaa/aaa.go

@@ -112,11 +112,12 @@ var Index = &ctx.Context{Name: "aaa", Help: "认证中心",
 		"nuser": &ctx.Cache{Name: "nuser", Value: "0", Help: "用户数量"},
 	},
 	Configs: map[string]*ctx.Config{
-		"session": &ctx.Config{Name: "session", Value: map[string]interface{}{}, Help: "私钥文件"},
-		"expire":  &ctx.Config{Name: "expire(s)", Value: "72000", Help: "会话超时"},
-		"cert":    &ctx.Config{Name: "cert", Value: "etc/pem/cert.pem", Help: "证书文件"},
-		"pub":     &ctx.Config{Name: "pub", Value: "etc/pem/pub.pem", Help: "公钥文件"},
-		"key":     &ctx.Config{Name: "key", Value: "etc/pem/key.pem", Help: "私钥文件"},
+		"secrete_key": &ctx.Config{Name: "secrete_key", Value: map[string]interface{}{"password": 1, "uuid": 1}, Help: "私钥文件"},
+		"session":     &ctx.Config{Name: "session", Value: map[string]interface{}{}, Help: "私钥文件"},
+		"expire":      &ctx.Config{Name: "expire(s)", Value: "72000", Help: "会话超时"},
+		"cert":        &ctx.Config{Name: "cert", Value: "etc/pem/cert.pem", Help: "证书文件"},
+		"pub":         &ctx.Config{Name: "pub", Value: "etc/pem/pub.pem", Help: "公钥文件"},
+		"key":         &ctx.Config{Name: "key", Value: "etc/pem/key.pem", Help: "私钥文件"},
 	},
 	Commands: map[string]*ctx.Command{
 		"session": &ctx.Command{Name: "session create", Hand: func(m *ctx.Message, c *ctx.Context, key string, arg ...string) {
@@ -201,7 +202,12 @@ var Index = &ctx.Context{Name: "aaa", Help: "认证中心",
 						return
 					}
 
-					h := Hash("%s%s: %s", condition, arg[i], arg[i+1])
+					value := arg[i+1]
+					if m.Confv("secrete_key", arg[i]) != nil {
+						value = Hash("%s", value)
+					}
+
+					h := Hash("%s%s: %s", condition, arg[i], value)
 					if sess := m.Confv("session", h); sess == nil {
 						// 节点认证
 						if arg[i] == "password" {
@@ -215,7 +221,7 @@ var Index = &ctx.Context{Name: "aaa", Help: "认证中心",
 						}
 
 						// 创建节点
-						m.Confv("session", h, map[string]interface{}{"create_time": time.Now().Unix(), "type": arg[i], "meta": arg[i+1]})
+						m.Confv("session", h, map[string]interface{}{"create_time": time.Now().Unix(), "type": arg[i], "meta": value})
 						chain = append(chain, map[string]string{"node": h, "hash": p, "level": "0", "type": t})
 					}
 

src/contexts/web/web.go

@@ -98,7 +98,9 @@ func (web *WEB) HandleCmd(m *ctx.Message, key string, cmd *ctx.Command) {
 			msg.Option("index_url", r.Header.Get("index_url"))
 
 			msg.Option("remote_addr", r.RemoteAddr)
-			if ip := r.Header.Get("X-Real-Ip"); ip != "" {
+			if ip := r.Header.Get("X-Forwarded-For"); ip != "" {
+				msg.Option("remote_ip", ip)
+			} else if ip := r.Header.Get("X-Real-Ip"); ip != "" {
 				msg.Option("remote_ip", ip)
 			} else {
 				msg.Option("remote_ip", strings.Split(r.RemoteAddr, ":"))
@@ -140,12 +142,12 @@ func (web *WEB) HandleCmd(m *ctx.Message, key string, cmd *ctx.Command) {
 				}
 
 				msg.Option("username", cas.Username(r))
-				msg.Option("password", cas.Username(r))
 				for k, v := range cas.Attributes(r) {
 					for _, val := range v {
 						msg.Add("option", k, val)
 					}
 				}
+				msg.Option("uuid", msg.Option(m.Conf("cas_uuid")))
 			}
 
 			msg.Log("cmd", "%s [] %v", key, msg.Meta["option"])
@@ -342,6 +344,7 @@ var Index = &ctx.Context{Name: "web", Help: "应用中心",
 		"login_right": &ctx.Config{Name: "login_right", Value: "1", Help: "登录认证"},
 		"login_lark":  &ctx.Config{Name: "login_lark", Value: "false", Help: "会话认证"},
 		"cas_url":     &ctx.Config{Name: "cas_url", Value: "", Help: "单点登录"},
+		"cas_uuid":    &ctx.Config{Name: "cas_uuid", Value: "__tea_sdk__user_unique_id", Help: "单点登录"},
 
 		"toolkit": &ctx.Config{Name: "toolkit", Value: map[string]interface{}{
 			"time": map[string]interface{}{
@@ -905,14 +908,20 @@ var Index = &ctx.Context{Name: "web", Help: "应用中心",
 				http.SetCookie(w, &http.Cookie{Name: "sessid", Value: sessid, Path: "/"})
 			}
 
-			if m.Options("username") && m.Options("password") {
+			if m.Options("username") && m.Options("uuid") {
+				if !m.Sess("aaa").Cmd("session", sessid, "ship", "username", m.Option("username"), "uuid", m.Option("uuid")).Results(0) {
+					return
+				}
+			} else if m.Options("username") && m.Options("password") {
 				if !m.Sess("aaa").Cmd("session", sessid, "ship", "username", m.Option("username"), "password", m.Option("password")).Results(0) {
 					return
 				}
 			}
 
 			for _, user := range m.Sess("aaa").Cmd("session", sessid, "ship", "username").Meta["meta"] {
-				if m.Sess("aaa").Cmd("session", sessid, "ship", "username", user, "password").Results(0) {
+				if m.Sess("aaa").Cmd("session", sessid, "ship", "username", user, "uuid").Results(0) {
+					m.Add("append", "username", user)
+				} else if m.Sess("aaa").Cmd("session", sessid, "ship", "username", user, "password").Results(0) {
 					m.Add("append", "username", user)
 				}
 			}
@@ -1061,7 +1070,7 @@ var Index = &ctx.Context{Name: "web", Help: "应用中心",
 				}
 				if !right {
 					if lark := m.Find("web.chat.lark"); lark != nil && m.Confs("login_lark") {
-						right = ctx.Right(lark.Cmd("auth", m.Option("username"), "check", m.Option("cmd")).Result(0))
+						right = ctx.Right(lark.Cmd("auth", username, "check", m.Option("cmd")).Result(0))
 					}
 				}
 
@@ -1069,7 +1078,7 @@ var Index = &ctx.Context{Name: "web", Help: "应用中心",
 				bench_share := ""
 				bench, ok := m.Confv("bench", m.Option("bench")).(map[string]interface{})
 				if order == "" {
-					if username == "" {
+					if !right && username == "" {
 						group, order, right = "login", "", true
 					} else {
 						if right && !m.Confs("bench_disable") {

usr/librarys/code.js

@@ -212,7 +212,7 @@ function send_command(form, cb) {
         data[key] = form.dataset[key]
     }
     for (var i = 0; i < form.length; i++) {
-        if form[i].name {
+        if (form[i].name) {
             data[form[i].name] = form[i].value
         }
     }