x/icebergs
1
0
Fork 1
mirror of https://shylinux.com/x/icebergs synced 2025-05-04 20:37:00 +08:00
Code Issues Packages Projects Releases Wiki Activity

add some

Browse Source
This commit is contained in:
shylinux 2023-08-16 23:38:20 +08:00
parent b7840792b2
commit d9477ee60b
7 changed files with 83 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
base/web/serve.go
View File

@ -177,6 +177,7 @@ func init() {
cli.NodeInfo(m, ice.Info.Pathname, WORKER)
gdb.Watch(m, SERVE_START)
aaa.White(m, nfs.REQUIRE)
aaa.White(m, LOGIN)
}},
DOMAIN: {Hand: func(m *ice.Message, arg ...string) {
kit.If(len(arg) > 0, func() { ice.Info.Domain, ice.Info.Localhost = arg[0], false })

1
base/web/spide.go
View File

@ -209,6 +209,7 @@ const (
SPIDE_JSON = "json"
SPIDE_RES = "content_data"
Basic = "Basic"
Bearer = "Bearer"
Authorization = "Authorization"
ContentType = "Content-Type"

75
base/web/token.go
View File

@ -1,26 +1,89 @@
package web
import (
"encoding/base64"
"strings"
ice "shylinux.com/x/icebergs"
"shylinux.com/x/icebergs/base/aaa"
"shylinux.com/x/icebergs/base/lex"
"shylinux.com/x/icebergs/base/mdb"
"shylinux.com/x/icebergs/base/nfs"
"shylinux.com/x/icebergs/base/tcp"
kit "shylinux.com/x/toolkits"
)
const TOKEN = "token"
func init() {
const (
GEN = "gen"
SET = "set"
CONFIRM = "confirm"
FILE = ".git-credentials"
LOCAL = "http://localhost:9020"
)
Index.MergeCommands(ice.Commands{
TOKEN: {Name: "token hash auto create prunes", Help: "令牌", Actions: ice.MergeActions(ice.Actions{
mdb.INPUTS: {Hand: func(m *ice.Message, arg ...string) {
switch mdb.HashInputs(m, arg); arg[0] {
case mdb.TYPE:
m.Push(arg[0], SERVER, WORKER)
TOKEN: {Name: "token username auto prunes", Help: "令牌", Actions: ice.MergeActions(ice.Actions{
GEN: {Hand: func(m *ice.Message, arg ...string) {
m.Echo("请授权 %s 代码权限\n", m.Option(tcp.HOST)).EchoButton(CONFIRM)
}},
CONFIRM: {Hand: func(m *ice.Message, arg ...string) {
msg := m.Cmd("", m.Option(ice.MSG_USERNAME))
if msg.Append(mdb.TIME) < m.Time() {
msg = m.Cmd("", mdb.CREATE, aaa.USERNAME, m.Option(ice.MSG_USERNAME), TOKEN, kit.Hashs(mdb.UNIQ)).Cmd("", m.Option(ice.MSG_USERNAME))
}
m.ProcessReplace(kit.MergeURL2(m.Option(tcp.HOST), ChatCmdPath(m.PrefixKey(), SET), TOKEN, strings.Replace(UserHost(m), "://", kit.Format("://%s:%s@", m.Option(ice.MSG_USERNAME), msg.Append(TOKEN)), 1)))
}},
SET: {Hand: func(m *ice.Message, arg ...string) {
host, list := ice.Map{kit.ParseURL(m.Option(TOKEN)).Host: true}, []string{m.Option(TOKEN)}
m.Cmd(nfs.CAT, kit.HomePath(FILE), func(line string) {
line = strings.ReplaceAll(line, "%3a", ":")
kit.IfNoKey(host, kit.ParseURL(line).Host, func(p string) { list = append(list, line) })
}).Cmd(nfs.SAVE, kit.HomePath(FILE), strings.Join(list, lex.NL)+lex.NL)
m.ProcessClose()
}},
}, mdb.HashAction(mdb.EXPIRE, mdb.MONTH, mdb.SHORT, mdb.UNIQ, mdb.FIELD, "time,hash,type,name,text")), Hand: func(m *ice.Message, arg ...string) {
if mdb.HashSelect(m, arg...); len(arg) > 0 {
m.Cmdy("web.code.publish", "contexts", kit.Dict(TOKEN, arg[0]))
return
u := kit.ParseURL(m.Option(ice.MSG_USERWEB))
p := tcp.PublishLocalhost(m, kit.Format("%s://%s:%s@%s", u.Scheme, m.Append(aaa.USERNAME), m.Append(TOKEN), u.Host))
m.EchoScript(p).EchoScript(kit.Format("echo '%s' >>~/.git-credentials", p))
}
}},
})
Index.MergeCommands(ice.Commands{
"/check": {Hand: func(m *ice.Message, arg ...string) {
kit.For(m.R.Header, func(key string, value []string) { m.Debug("what %v %v", key, value) })
if BasicSess(m); m.Option(ice.MSG_USERNAME) == "" {
BasicCheck(m, "请输入账号密码")
}
}},
"/login": {Hand: func(m *ice.Message, arg ...string) { RenderMain(m) }},
"/auths": {Hand: func(m *ice.Message, arg ...string) {
kit.If(m.R.URL.Query().Get(ice.MSG_SESSID), func(p string) { RenderCookie(m, m.Option(ice.MSG_SESSID, p)) })
RenderRedirect(m, m.R.URL.Query().Get("redirect_uri"))
}},
})
}
func BasicSess(m *ice.Message) {
m.Options(ice.MSG_USERWEB, _serve_domain(m))
m.Options(ice.MSG_SESSID, kit.Select(m.Option(ice.MSG_SESSID), m.Option(CookieName(m.Option(ice.MSG_USERWEB)))))
aaa.SessCheck(m, m.Option(ice.MSG_SESSID))
}
func BasicCheck(m *ice.Message, realm string) bool {
switch ls := kit.Split(m.R.Header.Get(Authorization)); kit.Select("", ls, 0) {
case Basic:
if buf, err := base64.StdEncoding.DecodeString(kit.Select("", ls, 1)); !m.Warn(err) {
if ls := strings.SplitN(string(buf), ":", 2); !m.Warn(len(ls) < 2) {
if msg := m.Cmd(TOKEN, ls[1]); !m.Warn(msg.Time() > msg.Append(mdb.TIME)) {
return true
}
}
}
}
m.W.Header().Add("WWW-Authenticate", kit.Format(`Basic realm="%s"`, realm))
m.RenderStatusUnauthorized()
return false
}

10
core/chat/pod.go
View File

@ -27,13 +27,15 @@ func init() {
m.RenderDownload(path.Join(ice.USR_LOCAL_WORK, arg[0], ice.USR_PUBLISH, kit.Keys(ice.ICE, m.Option(cli.GOOS), m.Option(cli.GOARCH))))
} else if m.IsCliUA() {
m.RenderDownload(path.Join(ice.USR_LOCAL_WORK, arg[0], ice.BIN_ICE_BIN))
} else if len(arg) == 1 {
} else {
if m.Cmd(web.SPACE, arg[0]).Length() == 0 && nfs.Exists(m, path.Join(ice.USR_LOCAL_WORK, arg[0])) {
m.Cmd(web.DREAM, cli.START, kit.Dict(mdb.NAME, arg[0]))
}
m.Cmdy(web.SPACE, arg[0], web.SPACE, ice.MAIN, kit.Dict(nfs.VERSION, web.RenderVersion(m)))
} else if arg[1] == CMD {
web.RenderPodCmd(m, arg[0], arg[2], arg[3:])
if len(arg) == 1 {
m.Cmdy(web.SPACE, arg[0], web.SPACE, ice.MAIN, kit.Dict(nfs.VERSION, web.RenderVersion(m)))
} else if arg[1] == CMD {
web.RenderPodCmd(m, arg[0], arg[2], arg[3:])
}
}
}},
})

25
misc/git/service.go
View File

@ -4,7 +4,6 @@ import (
"compress/flate"
"compress/gzip"
"context"
"encoding/base64"
"fmt"
"io"
"os"
@ -32,21 +31,6 @@ import (
kit "shylinux.com/x/toolkits"
)
func _service_login(m *ice.Message) error {
if ice.Info.Localhost && tcp.IsLocalHost(m, m.Option(ice.MSG_USERIP)) {
return nil
} else if auth := strings.SplitN(m.R.Header.Get(web.Authorization), lex.SP, 2); strings.ToLower(auth[0]) != "basic" {
return fmt.Errorf("Authentication type error")
} else if data, err := base64.StdEncoding.DecodeString(auth[1]); err != nil {
return err
} else if auth := strings.SplitN(string(data), nfs.DF, 2); m.Cmdv(Prefix(TOKEN), auth[0], TOKEN) != auth[1] {
return fmt.Errorf("username or password error")
} else if aaa.UserRole(m, auth[0]) == aaa.VOID {
return fmt.Errorf("userrole has no right")
} else {
return nil
}
}
func _service_path(m *ice.Message, p string, arg ...string) string {
return kit.Path(ice.USR_LOCAL_REPOS, kit.TrimExt(p, GIT), path.Join(arg...))
}
@ -147,17 +131,16 @@ func init() {
}
switch repos, service := _service_param(m, arg...); service {
case RECEIVE_PACK:
if err := _service_login(m); m.Warn(err, ice.ErrNotLogin) {
web.RenderHeader(m.W, "WWW-Authenticate", `Basic realm="git server"`)
if !web.BasicCheck(m, "git server") {
return
} else if !nfs.Exists(m, repos) {
}
if !nfs.Exists(m, repos) {
m.Cmd(Prefix(SERVICE), mdb.CREATE, mdb.NAME, path.Base(repos))
}
case UPLOAD_PACK:
if mdb.Conf(m, Prefix(SERVICE), kit.Keym(aaa.AUTH)) == aaa.PRIVATE {
if err := _service_login(m); m.Warn(err, ice.ErrNotLogin) {
web.RenderHeader(m.W, "WWW-Authenticate", `Basic realm="git server"`)
if !web.BasicCheck(m, "git server") {
return
}
}

4
misc/git/status.go
View File

@ -139,10 +139,10 @@ func init() {
m.Cmd(nfs.DEFS, kit.HomePath(".gitconfig"), nfs.Template(m, "gitconfig", m.Option(aaa.USERNAME), m.Option(aaa.EMAIL)))
mdb.Config(m, aaa.USERNAME, m.Option(aaa.USERNAME))
mdb.Config(m, aaa.EMAIL, m.Option(aaa.EMAIL))
kit.If(m.Option(TOKEN), func() { m.Cmd(TOKEN, "set") })
kit.If(m.Option(web.TOKEN), func() { m.Cmd(web.TOKEN, "set") })
}},
OAUTH: {Help: "授权", Hand: func(m *ice.Message, arg ...string) {
m.ProcessOpen(kit.MergeURL2(kit.Select(ice.Info.Make.Domain, m.Cmdx(REPOS, "remoteURL")), web.ChatCmdPath(Prefix(TOKEN), "gen"), tcp.HOST, m.Option(ice.MSG_USERWEB)))
m.ProcessOpen(kit.MergeURL2(kit.Select(ice.Info.Make.Domain, m.Cmdx(REPOS, "remoteURL")), web.ChatCmdPath(web.TOKEN, "gen"), tcp.HOST, m.Option(ice.MSG_USERWEB)))
}},
INSTEADOF: {Name: "insteadof remote", Help: "代理", Hand: func(m *ice.Message, arg ...string) {
m.Cmdy(REPOS, INSTEADOF, arg)

52
misc/git/token.go
View File

@ -1,53 +1 @@
package git
import (
"strings"
ice "shylinux.com/x/icebergs"
"shylinux.com/x/icebergs/base/aaa"
"shylinux.com/x/icebergs/base/lex"
"shylinux.com/x/icebergs/base/mdb"
"shylinux.com/x/icebergs/base/nfs"
"shylinux.com/x/icebergs/base/tcp"
"shylinux.com/x/icebergs/base/web"
kit "shylinux.com/x/toolkits"
)
const TOKEN = "token"
func init() {
const (
GEN = "gen"
SET = "set"
FILE = ".git-credentials"
LOCAL = "http://localhost:9020"
)
Index.MergeCommands(ice.Commands{
TOKEN: {Name: "token username auto prunes", Help: "令牌", Actions: ice.MergeActions(ice.Actions{
GEN: {Hand: func(m *ice.Message, arg ...string) {
m.Echo("请授权 %s 代码权限\n", m.Option(tcp.HOST)).EchoButton("confirm")
}},
"confirm": {Hand: func(m *ice.Message, arg ...string) {
msg := m.Cmd("", m.Option(ice.MSG_USERNAME))
if msg.Append(mdb.TIME) < m.Time() {
msg = m.Cmd("", mdb.CREATE, aaa.USERNAME, m.Option(ice.MSG_USERNAME), TOKEN, kit.Hashs(mdb.UNIQ)).Cmd("", m.Option(ice.MSG_USERNAME))
}
m.ProcessReplace(kit.MergeURL2(m.Option(tcp.HOST), web.ChatCmdPath(m.PrefixKey(), SET), TOKEN, strings.Replace(web.UserHost(m), "://", kit.Format("://%s:%s@", m.Option(ice.MSG_USERNAME), msg.Append(TOKEN)), 1)))
}},
SET: {Hand: func(m *ice.Message, arg ...string) {
host, list := ice.Map{kit.ParseURL(m.Option(TOKEN)).Host: true}, []string{m.Option(TOKEN)}
m.Cmd(nfs.CAT, kit.HomePath(FILE), func(line string) {
line = strings.ReplaceAll(line, "%3a", ":")
kit.IfNoKey(host, kit.ParseURL(line).Host, func(p string) { list = append(list, line) })
}).Cmd(nfs.SAVE, kit.HomePath(FILE), strings.Join(list, lex.NL)+lex.NL)
m.ProcessClose()
}},
}, mdb.HashAction(mdb.EXPIRE, mdb.MONTH, mdb.SHORT, aaa.USERNAME, mdb.FIELD, "time,username,token")), Hand: func(m *ice.Message, arg ...string) {
if mdb.HashSelect(m, arg...); len(arg) > 0 {
u := kit.ParseURL(m.Option(ice.MSG_USERWEB))
p := tcp.PublishLocalhost(m, kit.Format("%s://%s:%s@%s", u.Scheme, m.Append(aaa.USERNAME), m.Append(TOKEN), u.Host))
m.EchoScript(p).EchoScript(kit.Format("echo '%s' >>~/.git-credentials", p))
}
}},
})
}