mirror of
https://github.com/whyour/qinglong.git
synced 2026-07-01 04:40:38 +08:00
修改认证信息存储方式,避免认证信息异常
This commit is contained in:
+11
-13
@@ -4,18 +4,14 @@ import cors from 'cors';
|
||||
import routes from '../api';
|
||||
import config from '../config';
|
||||
import { UnauthorizedError, expressjwt } from 'express-jwt';
|
||||
import fs from 'fs/promises';
|
||||
import { getPlatform, getToken, safeJSONParse } from '../config/util';
|
||||
import Container from 'typedi';
|
||||
import OpenService from '../services/open';
|
||||
import { getPlatform, getToken } from '../config/util';
|
||||
import rewrite from 'express-urlrewrite';
|
||||
import UserService from '../services/user';
|
||||
import * as Sentry from '@sentry/node';
|
||||
import { EnvModel } from '../data/env';
|
||||
import { errors } from 'celebrate';
|
||||
import { createProxyMiddleware } from 'http-proxy-middleware';
|
||||
import { serveEnv } from '../config/serverEnv';
|
||||
import Logger from './logger';
|
||||
import { IKeyvStore, shareStore } from '../shared/store';
|
||||
|
||||
export default ({ app }: { app: Application }) => {
|
||||
app.set('trust proxy', 'loopback');
|
||||
@@ -58,8 +54,10 @@ export default ({ app }: { app: Application }) => {
|
||||
app.use(async (req, res, next) => {
|
||||
const headerToken = getToken(req);
|
||||
if (req.path.startsWith('/open/')) {
|
||||
const openService = Container.get(OpenService);
|
||||
const doc = await openService.findTokenByValue(headerToken);
|
||||
const apps = await shareStore.getApps();
|
||||
const doc = apps?.filter((x) =>
|
||||
x.tokens?.find((y) => y.value === headerToken),
|
||||
)?.[0];
|
||||
if (doc && doc.tokens && doc.tokens.length > 0) {
|
||||
const currentToken = doc.tokens.find((x) => x.value === headerToken);
|
||||
const keyMatch = req.path.match(/\/open\/([a-z]+)\/*/);
|
||||
@@ -83,9 +81,9 @@ export default ({ app }: { app: Application }) => {
|
||||
return next();
|
||||
}
|
||||
|
||||
const data = await fs.readFile(config.authConfigFile, 'utf8');
|
||||
if (data && headerToken) {
|
||||
const { token = '', tokens = {} } = safeJSONParse(data);
|
||||
const authInfo = await shareStore.getAuthInfo();
|
||||
if (authInfo && headerToken) {
|
||||
const { token = '', tokens = {} } = authInfo;
|
||||
if (headerToken === token || tokens[req.platform] === headerToken) {
|
||||
return next();
|
||||
}
|
||||
@@ -103,8 +101,8 @@ export default ({ app }: { app: Application }) => {
|
||||
if (!['/api/user/init', '/api/user/notification/init'].includes(req.path)) {
|
||||
return next();
|
||||
}
|
||||
const userService = Container.get(UserService);
|
||||
const authInfo = await userService.getUserInfo();
|
||||
const authInfo =
|
||||
(await shareStore.getAuthInfo()) || ({} as IKeyvStore['authInfo']);
|
||||
|
||||
let isInitialized = true;
|
||||
if (
|
||||
|
||||
@@ -12,7 +12,10 @@ import { initPosition } from '../data/env';
|
||||
import { AuthDataType, SystemModel } from '../data/system';
|
||||
import SystemService from '../services/system';
|
||||
import UserService from '../services/user';
|
||||
import { writeFile } from 'fs/promises';
|
||||
import { writeFile, readFile } from 'fs/promises';
|
||||
import { safeJSONParse } from '../config/util';
|
||||
import OpenService from '../services/open';
|
||||
import { shareStore } from '../shared/store';
|
||||
|
||||
export default async () => {
|
||||
const cronService = Container.get(CronService);
|
||||
@@ -20,10 +23,38 @@ export default async () => {
|
||||
const dependenceService = Container.get(DependenceService);
|
||||
const systemService = Container.get(SystemService);
|
||||
const userService = Container.get(UserService);
|
||||
const openService = Container.get(OpenService);
|
||||
|
||||
// 初始化增加系统配置
|
||||
await SystemModel.upsert({ type: AuthDataType.systemConfig });
|
||||
await SystemModel.upsert({ type: AuthDataType.notification });
|
||||
await SystemModel.upsert({ type: AuthDataType.authConfig });
|
||||
const authConfig = await SystemModel.findOne({
|
||||
where: { type: AuthDataType.authConfig },
|
||||
});
|
||||
if (!authConfig?.info) {
|
||||
let authInfo = {
|
||||
username: 'admin',
|
||||
password: 'admin',
|
||||
};
|
||||
try {
|
||||
const content = await readFile(config.authConfigFile, 'utf8');
|
||||
authInfo = safeJSONParse(content);
|
||||
} catch (error) {}
|
||||
if (authConfig?.id) {
|
||||
await SystemModel.update(
|
||||
{ info: authInfo },
|
||||
{
|
||||
where: { id: authConfig.id },
|
||||
},
|
||||
);
|
||||
} else {
|
||||
await SystemModel.create({
|
||||
info: authInfo,
|
||||
type: AuthDataType.authConfig,
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
// 初始化通知配置
|
||||
const notifyConfig = await userService.getNotificationMode();
|
||||
@@ -169,4 +200,11 @@ export default async () => {
|
||||
// 初始化保存一次ck和定时任务数据
|
||||
await cronService.autosave_crontab();
|
||||
await envService.set_envs();
|
||||
|
||||
const authInfo = await userService.getAuthInfo();
|
||||
const apps = await openService.findApps();
|
||||
await shareStore.updateAuthInfo(authInfo);
|
||||
if (apps?.length) {
|
||||
await shareStore.updateApps(apps);
|
||||
}
|
||||
};
|
||||
|
||||
@@ -20,9 +20,7 @@ const bakPath = path.join(dataPath, 'bak/');
|
||||
const samplePath = path.join(rootPath, 'sample/');
|
||||
const tmpPath = path.join(logPath, '.tmp/');
|
||||
const confFile = path.join(configPath, 'config.sh');
|
||||
const authConfigFile = path.join(configPath, 'auth.json');
|
||||
const sampleConfigFile = path.join(samplePath, 'config.sample.sh');
|
||||
const sampleAuthFile = path.join(samplePath, 'auth.sample.json');
|
||||
const sampleTaskShellFile = path.join(samplePath, 'task.sample.sh');
|
||||
const sampleNotifyJsFile = path.join(samplePath, 'notify.js');
|
||||
const sampleNotifyPyFile = path.join(samplePath, 'notify.py');
|
||||
@@ -40,7 +38,6 @@ const sshdPath = path.join(dataPath, 'ssh.d');
|
||||
const systemLogPath = path.join(dataPath, 'syslog');
|
||||
|
||||
export default async () => {
|
||||
const authFileExist = await fileExist(authConfigFile);
|
||||
const confFileExist = await fileExist(confFile);
|
||||
const scriptDirExist = await fileExist(scriptPath);
|
||||
const preloadDirExist = await fileExist(preloadPath);
|
||||
@@ -100,9 +97,6 @@ export default async () => {
|
||||
}
|
||||
|
||||
// 初始化文件
|
||||
if (!authFileExist) {
|
||||
await fs.writeFile(authConfigFile, await fs.readFile(sampleAuthFile));
|
||||
}
|
||||
|
||||
if (!confFileExist) {
|
||||
await fs.writeFile(confFile, await fs.readFile(sampleConfigFile));
|
||||
|
||||
@@ -2,9 +2,8 @@ import sockJs from 'sockjs';
|
||||
import { Server } from 'http';
|
||||
import { Container } from 'typedi';
|
||||
import SockService from '../services/sock';
|
||||
import config from '../config/index';
|
||||
import fs from 'fs/promises';
|
||||
import { getPlatform, safeJSONParse } from '../config/util';
|
||||
import { getPlatform } from '../config/util';
|
||||
import { shareStore } from '../shared/store';
|
||||
|
||||
export default async ({ server }: { server: Server }) => {
|
||||
const echo = sockJs.createServer({ prefix: '/api/ws', log: () => {} });
|
||||
@@ -15,11 +14,11 @@ export default async ({ server }: { server: Server }) => {
|
||||
conn.close('404');
|
||||
}
|
||||
|
||||
const data = await fs.readFile(config.authConfigFile, 'utf8');
|
||||
const authInfo = await shareStore.getAuthInfo();
|
||||
const platform = getPlatform(conn.headers['user-agent'] || '') || 'desktop';
|
||||
const headerToken = conn.url.replace(`${conn.pathname}?token=`, '');
|
||||
if (data) {
|
||||
const { token = '', tokens = {} } = safeJSONParse(data);
|
||||
if (authInfo) {
|
||||
const { token = '', tokens = {} } = authInfo;
|
||||
if (headerToken === token || tokens[platform] === headerToken) {
|
||||
sockService.addClient(conn);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user