Andreas/siyuan
1
0
Fork 0
mirror of https://github.com/siyuan-note/siyuan.git synced 2025-12-16 22:50:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

🎨 改进多工作空间鉴权

Browse source
This commit is contained in:
Liang Ding 2023-01-10 22:25:02 +08:00
parent 59bd919b0c
commit 4e9e111ee7
No known key found for this signature in database
GPG key ID: 136F30F901A2231D
4 changed files with 33 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

3
kernel/api/system.go
View file

@ -208,7 +208,8 @@ func setAccessAuthCode(c *gin.Context) {
model.Conf.Save() model.Conf.Save()
session := util.GetSession(c) session := util.GetSession(c)
session.AccessAuthCode = aac workspaceSession := util.GetWorkspaceSession(session)
workspaceSession.AccessAuthCode = aac
session.Save(c) session.Save(c)
go func() { go func() {
time.Sleep(200 * time.Millisecond) time.Sleep(200 * time.Millisecond)

17
kernel/model/session.go
View file

@ -63,6 +63,7 @@ func LoginAuth(c *gin.Context) {
var inputCaptcha string var inputCaptcha string
session := util.GetSession(c) session := util.GetSession(c)
workspaceSession := util.GetWorkspaceSession(session)
if util.NeedCaptcha() { if util.NeedCaptcha() {
captchaArg := arg["captcha"] captchaArg := arg["captcha"]
if nil == captchaArg { if nil == captchaArg {
@ -77,7 +78,7 @@ func LoginAuth(c *gin.Context) {
return return
} }
if strings.ToLower(session.Captcha) != strings.ToLower(inputCaptcha) { if strings.ToLower(workspaceSession.Captcha) != strings.ToLower(inputCaptcha) {
ret.Code = 1 ret.Code = 1
ret.Msg = Conf.Language(22) ret.Msg = Conf.Language(22)
return return
@ -90,7 +91,7 @@ func LoginAuth(c *gin.Context) {
ret.Msg = Conf.Language(83) ret.Msg = Conf.Language(83)
util.WrongAuthCount++ util.WrongAuthCount++
session.Captcha = gulu.Rand.String(7) workspaceSession.Captcha = gulu.Rand.String(7)
if util.NeedCaptcha() { if util.NeedCaptcha() {
ret.Code = 1 // 需要渲染验证码 ret.Code = 1 // 需要渲染验证码
} }
@ -103,9 +104,9 @@ func LoginAuth(c *gin.Context) {
return return
} }
session.AccessAuthCode = authCode workspaceSession.AccessAuthCode = authCode
util.WrongAuthCount = 0 util.WrongAuthCount = 0
session.Captcha = gulu.Rand.String(7) workspaceSession.Captcha = gulu.Rand.String(7)
if err := session.Save(c); nil != err { if err := session.Save(c); nil != err {
logging.LogErrorf("save session failed: " + err.Error()) logging.LogErrorf("save session failed: " + err.Error())
c.Status(500) c.Status(500)
@ -126,7 +127,8 @@ func GetCaptcha(c *gin.Context) {
} }
session := util.GetSession(c) session := util.GetSession(c)
session.Captcha = img.Text workspaceSession := util.GetWorkspaceSession(session)
workspaceSession.Captcha = img.Text
if err = session.Save(c); nil != err { if err = session.Save(c); nil != err {
logging.LogErrorf("save session failed: " + err.Error()) logging.LogErrorf("save session failed: " + err.Error())
c.Status(500) c.Status(500)
@ -186,7 +188,8 @@ func CheckAuth(c *gin.Context) {
// 通过 Cookie // 通过 Cookie
session := util.GetSession(c) session := util.GetSession(c)
if session.AccessAuthCode == Conf.AccessAuthCode { workspaceSession := util.GetWorkspaceSession(session)
if workspaceSession.AccessAuthCode == Conf.AccessAuthCode {
c.Next() c.Next()
return return
} }
@ -211,7 +214,7 @@ func CheckAuth(c *gin.Context) {
return return
} }
if session.AccessAuthCode != Conf.AccessAuthCode { if workspaceSession.AccessAuthCode != Conf.AccessAuthCode {
userAgentHeader := c.GetHeader("User-Agent") userAgentHeader := c.GetHeader("User-Agent")
if strings.HasPrefix(userAgentHeader, "SiYuan/") || strings.HasPrefix(userAgentHeader, "Mozilla/") { if strings.HasPrefix(userAgentHeader, "SiYuan/") || strings.HasPrefix(userAgentHeader, "Mozilla/") {
if "GET" != c.Request.Method { if "GET" != c.Request.Method {

7
kernel/server/serve.go
View file

@ -364,13 +364,14 @@ func serveWebSocket(ginServer *gin.Engine) {
if nil == val { if nil == val {
authOk = false authOk = false
} else { } else {
sess := map[string]interface{}{} sess := &util.SessionData{}
err = gulu.JSON.UnmarshalJSON([]byte(val.(string)), &sess) err = gulu.JSON.UnmarshalJSON([]byte(val.(string)), sess)
if nil != err { if nil != err {
authOk = false authOk = false
logging.LogErrorf("unmarshal cookie failed: %s", err) logging.LogErrorf("unmarshal cookie failed: %s", err)
} else { } else {
authOk = sess["AccessAuthCode"].(string) == model.Conf.AccessAuthCode workspaceSess := util.GetWorkspaceSession(sess)
authOk = workspaceSess.AccessAuthCode == model.Conf.AccessAuthCode
} }
} }
} }

17
kernel/util/session.go
View file

@ -30,6 +30,10 @@ func NeedCaptcha() bool {
// SessionData represents the session. // SessionData represents the session.
type SessionData struct { type SessionData struct {
Workspaces map[string]*WorkspaceSession // <WorkspacePath, WorkspaceSession>
}
type WorkspaceSession struct {
AccessAuthCode string AccessAuthCode string
Captcha string Captcha string
} }
@ -63,3 +67,16 @@ func GetSession(c *gin.Context) *SessionData {
c.Set("session", ret) c.Set("session", ret)
return ret return ret
} }
func GetWorkspaceSession(session *SessionData) (ret *WorkspaceSession) {
ret = &WorkspaceSession{}
if nil == session.Workspaces {
session.Workspaces = map[string]*WorkspaceSession{}
}
ret = session.Workspaces[WorkspaceDir]
if nil == ret {
ret = &WorkspaceSession{}
session.Workspaces[WorkspaceDir] = ret
}
return
}