x/ContextOS
1
0
Fork 1
mirror of https://shylinux.com/x/ContextOS synced 2025-04-26 09:14:06 +08:00
Code Issues Packages Projects Releases Wiki Activity

opt aaa.session

Browse Source 
Change-Id: I4d50aa354b1f06e9ef971a7233513e82ae081fec
This commit is contained in:
shaoying 2018-12-27 23:50:59 +08:00
parent b3f37bb2a7
commit 611fc9efc7
3 changed files with 29 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/contexts/aaa/aaa.go
View File

@ -112,11 +112,12 @@ var Index = &ctx.Context{Name: "aaa", Help: "认证中心",
"nuser": &ctx.Cache{Name: "nuser", Value: "0", Help: "用户数量"}, "nuser": &ctx.Cache{Name: "nuser", Value: "0", Help: "用户数量"},
}, },
Configs: map[string]*ctx.Config{ Configs: map[string]*ctx.Config{
"session": &ctx.Config{Name: "session", Value: map[string]interface{}{}, Help: "私钥文件"}, "secrete_key": &ctx.Config{Name: "secrete_key", Value: map[string]interface{}{"password": 1, "uuid": 1}, Help: "私钥文件"},
"expire": &ctx.Config{Name: "expire(s)", Value: "72000", Help: "会话超时"}, "session": &ctx.Config{Name: "session", Value: map[string]interface{}{}, Help: "私钥文件"},
"cert": &ctx.Config{Name: "cert", Value: "etc/pem/cert.pem", Help: "证书文件"}, "expire": &ctx.Config{Name: "expire(s)", Value: "72000", Help: "会话超时"},
"pub": &ctx.Config{Name: "pub", Value: "etc/pem/pub.pem", Help: "公钥文件"}, "cert": &ctx.Config{Name: "cert", Value: "etc/pem/cert.pem", Help: "证书文件"},
"key": &ctx.Config{Name: "key", Value: "etc/pem/key.pem", Help: "私钥文件"}, "pub": &ctx.Config{Name: "pub", Value: "etc/pem/pub.pem", Help: "公钥文件"},
"key": &ctx.Config{Name: "key", Value: "etc/pem/key.pem", Help: "私钥文件"},
}, },
Commands: map[string]*ctx.Command{ Commands: map[string]*ctx.Command{
"session": &ctx.Command{Name: "session create", Hand: func(m *ctx.Message, c *ctx.Context, key string, arg ...string) { "session": &ctx.Command{Name: "session create", Hand: func(m *ctx.Message, c *ctx.Context, key string, arg ...string) {
@ -201,7 +202,12 @@ var Index = &ctx.Context{Name: "aaa", Help: "认证中心",
return return
} }
h := Hash("%s%s: %s", condition, arg[i], arg[i+1]) value := arg[i+1]
if m.Confv("secrete_key", arg[i]) != nil {
value = Hash("%s", value)
}
h := Hash("%s%s: %s", condition, arg[i], value)
if sess := m.Confv("session", h); sess == nil { if sess := m.Confv("session", h); sess == nil {
// 节点认证 // 节点认证
if arg[i] == "password" { if arg[i] == "password" {
@ -215,7 +221,7 @@ var Index = &ctx.Context{Name: "aaa", Help: "认证中心",
} }
// 创建节点 // 创建节点
m.Confv("session", h, map[string]interface{}{"create_time": time.Now().Unix(), "type": arg[i], "meta": arg[i+1]}) m.Confv("session", h, map[string]interface{}{"create_time": time.Now().Unix(), "type": arg[i], "meta": value})
chain = append(chain, map[string]string{"node": h, "hash": p, "level": "0", "type": t}) chain = append(chain, map[string]string{"node": h, "hash": p, "level": "0", "type": t})
} }

21
src/contexts/web/web.go
View File

@ -98,7 +98,9 @@ func (web *WEB) HandleCmd(m *ctx.Message, key string, cmd *ctx.Command) {
msg.Option("index_url", r.Header.Get("index_url")) msg.Option("index_url", r.Header.Get("index_url"))
msg.Option("remote_addr", r.RemoteAddr) msg.Option("remote_addr", r.RemoteAddr)
if ip := r.Header.Get("X-Real-Ip"); ip != "" { if ip := r.Header.Get("X-Forwarded-For"); ip != "" {
msg.Option("remote_ip", ip)
} else if ip := r.Header.Get("X-Real-Ip"); ip != "" {
msg.Option("remote_ip", ip) msg.Option("remote_ip", ip)
} else { } else {
msg.Option("remote_ip", strings.Split(r.RemoteAddr, ":")) msg.Option("remote_ip", strings.Split(r.RemoteAddr, ":"))
@ -140,12 +142,12 @@ func (web *WEB) HandleCmd(m *ctx.Message, key string, cmd *ctx.Command) {
} }
msg.Option("username", cas.Username(r)) msg.Option("username", cas.Username(r))
msg.Option("password", cas.Username(r))
for k, v := range cas.Attributes(r) { for k, v := range cas.Attributes(r) {
for _, val := range v { for _, val := range v {
msg.Add("option", k, val) msg.Add("option", k, val)
} }
} }
msg.Option("uuid", msg.Option(m.Conf("cas_uuid")))
} }
msg.Log("cmd", "%s [] %v", key, msg.Meta["option"]) msg.Log("cmd", "%s [] %v", key, msg.Meta["option"])
@ -342,6 +344,7 @@ var Index = &ctx.Context{Name: "web", Help: "应用中心",
"login_right": &ctx.Config{Name: "login_right", Value: "1", Help: "登录认证"}, "login_right": &ctx.Config{Name: "login_right", Value: "1", Help: "登录认证"},
"login_lark": &ctx.Config{Name: "login_lark", Value: "false", Help: "会话认证"}, "login_lark": &ctx.Config{Name: "login_lark", Value: "false", Help: "会话认证"},
"cas_url": &ctx.Config{Name: "cas_url", Value: "", Help: "单点登录"}, "cas_url": &ctx.Config{Name: "cas_url", Value: "", Help: "单点登录"},
"cas_uuid": &ctx.Config{Name: "cas_uuid", Value: "__tea_sdk__user_unique_id", Help: "单点登录"},
"toolkit": &ctx.Config{Name: "toolkit", Value: map[string]interface{}{ "toolkit": &ctx.Config{Name: "toolkit", Value: map[string]interface{}{
"time": map[string]interface{}{ "time": map[string]interface{}{
@ -905,14 +908,20 @@ var Index = &ctx.Context{Name: "web", Help: "应用中心",
http.SetCookie(w, &http.Cookie{Name: "sessid", Value: sessid, Path: "/"}) http.SetCookie(w, &http.Cookie{Name: "sessid", Value: sessid, Path: "/"})
} }
if m.Options("username") && m.Options("password") { if m.Options("username") && m.Options("uuid") {
if !m.Sess("aaa").Cmd("session", sessid, "ship", "username", m.Option("username"), "uuid", m.Option("uuid")).Results(0) {
return
}
} else if m.Options("username") && m.Options("password") {
if !m.Sess("aaa").Cmd("session", sessid, "ship", "username", m.Option("username"), "password", m.Option("password")).Results(0) { if !m.Sess("aaa").Cmd("session", sessid, "ship", "username", m.Option("username"), "password", m.Option("password")).Results(0) {
return return
} }
} }
for _, user := range m.Sess("aaa").Cmd("session", sessid, "ship", "username").Meta["meta"] { for _, user := range m.Sess("aaa").Cmd("session", sessid, "ship", "username").Meta["meta"] {
if m.Sess("aaa").Cmd("session", sessid, "ship", "username", user, "password").Results(0) { if m.Sess("aaa").Cmd("session", sessid, "ship", "username", user, "uuid").Results(0) {
m.Add("append", "username", user)
} else if m.Sess("aaa").Cmd("session", sessid, "ship", "username", user, "password").Results(0) {
m.Add("append", "username", user) m.Add("append", "username", user)
} }
} }
@ -1061,7 +1070,7 @@ var Index = &ctx.Context{Name: "web", Help: "应用中心",
} }
if !right { if !right {
if lark := m.Find("web.chat.lark"); lark != nil && m.Confs("login_lark") { if lark := m.Find("web.chat.lark"); lark != nil && m.Confs("login_lark") {
right = ctx.Right(lark.Cmd("auth", m.Option("username"), "check", m.Option("cmd")).Result(0)) right = ctx.Right(lark.Cmd("auth", username, "check", m.Option("cmd")).Result(0))
} }
} }
@ -1069,7 +1078,7 @@ var Index = &ctx.Context{Name: "web", Help: "应用中心",
bench_share := "" bench_share := ""
bench, ok := m.Confv("bench", m.Option("bench")).(map[string]interface{}) bench, ok := m.Confv("bench", m.Option("bench")).(map[string]interface{})
if order == "" { if order == "" {
if username == "" { if !right && username == "" {
group, order, right = "login", "", true group, order, right = "login", "", true
} else { } else {
if right && !m.Confs("bench_disable") { if right && !m.Confs("bench_disable") {

2
usr/librarys/code.js
View File

@ -212,7 +212,7 @@ function send_command(form, cb) {
data[key] = form.dataset[key] data[key] = form.dataset[key]
} }
for (var i = 0; i < form.length; i++) { for (var i = 0; i < form.length; i++) {
if form[i].name { if (form[i].name) {
data[form[i].name] = form[i].value data[form[i].name] = form[i].value
} }
} }