1Panel-dev/1Panel
1
1
Fork 0
mirror of https://github.com/1Panel-dev/1Panel.git synced 2026-01-04 22:25:04 +08:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: 增加 session、加密、等设置

Browse source
This commit is contained in:
ssongliu 2022-08-08 22:59:30 +08:00
parent 88d741df20
commit 1632a58792
46 changed files with 706 additions and 414 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

49
backend/app.yaml
View file

@ -1,32 +1,45 @@
system:
port: 9999
db_type: 'mysql'
db_type: mysql
jwt:
signing_key: "1panelKey"
header_name: Authorization
signing_key: 1panelKey
expires_time: 604800 #过期时间
# buffer_time: 86400 #缓冲时间 缓冲时间内会获取新的token刷新令牌
issuer: "1Panel"
buffer_time: 86400 #缓冲时间 缓冲时间内会获取新的token刷新令牌
issuer: 1Panel
session:
session_key: 1panel-session
session_name: psession
expires_time: 604800
captcha:
enable: true
source: "1234567890QWERTYUIOPLKJHGFDSAZXCVBNMqwertyuioplkjhgfdsazxcvbnm"
length: 4
noise-count: 0
img-width: 120
img-height: 50
mysql:
path: 'localhost'
port: '3306'
db_name: '1Panel'
username: 'root'
password: 'KubeOperator123@mysql'
path: localhost
port: 3306
db_name: 1Panel
username: root
password: KubeOperator123@mysql
max_idle_conns: 10
max_open_conns: 100
sqlite:
path: "/opt/1Panel/data/db"
db_file: "1Panel.db"
path: /opt/1Panel/data/db
db_file: 1Panel.db
log:
level: "info"
path: "/opt/1Panel/log"
log_name: "1Panel"
log_suffix: ".log"
level: info
path: /opt/1Panel/log
log_name: 1Panel
log_suffix: .log
log_size: 50 #日志文件大小,单位是 MB
log_backup: 10 #最大过期日志保留个数
log_data: 7 #保留过期文件最大时间,单位 天
@ -44,4 +57,8 @@ cors:
allow-headers: content-type
allow-methods: GET, POST
expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
allow-credentials: true # 布尔值
allow-credentials: true # 布尔值
# 加密设置
encrypt:
key: 1Panel123@2022!

51
backend/app/api/v1/helper/helper.go Normal file
View file

@ -0,0 +1,51 @@
package helper
import (
"net/http"
"strconv"
"github.com/1Panel-dev/1Panel/app/dto"
"github.com/1Panel-dev/1Panel/constant"
"github.com/1Panel-dev/1Panel/i18n"
"github.com/gin-gonic/gin"
)
func GeneratePaginationFromReq(c *gin.Context) (dto.PageInfo, bool) {
p, ok1 := c.GetQuery("page")
ps, ok2 := c.GetQuery("pageSize")
if !(ok1 && ok2) {
return dto.PageInfo{Page: 1, PageSize: 10}, false
}
page, err := strconv.Atoi(p)
if err != nil {
return dto.PageInfo{Page: 1, PageSize: 10}, false
}
pageSize, err := strconv.Atoi(ps)
if err != nil {
return dto.PageInfo{Page: 1, PageSize: 10}, false
}
return dto.PageInfo{Page: page, PageSize: pageSize}, false
}
func ErrorWithDetail(ctx *gin.Context, code int, msgKey string, err error) {
res := dto.Response{
Code: code,
Msg: i18n.GetMsgWithMap(msgKey, map[string]interface{}{"detail": err}),
}
ctx.JSON(http.StatusOK, res)
ctx.Abort()
}
func SuccessWithData(ctx *gin.Context, data interface{}) {
if data == nil {
data = gin.H{}
}
res := dto.Response{
Code: constant.CodeSuccess,
Data: data,
}
ctx.JSON(http.StatusOK, res)
ctx.Abort()
}

124
backend/app/api/v1/user.go
View file

@ -1,67 +1,80 @@
package v1
import (
"github.com/1Panel-dev/1Panel/constant/errres"
"strconv"
"errors"
"github.com/1Panel-dev/1Panel/app/api/v1/helper"
"github.com/1Panel-dev/1Panel/app/dto"
"github.com/1Panel-dev/1Panel/constant"
"github.com/1Panel-dev/1Panel/global"
"github.com/1Panel-dev/1Panel/utils/captcha"
"github.com/gin-gonic/gin"
)
type BaseApi struct{}
func (b *BaseApi) Login(c *gin.Context) {
var req dto.Login
if err := c.ShouldBindJSON(&req); err != nil {
helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeParamInReqBody, err)
return
}
if err := global.VALID.Struct(req); err != nil {
helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeParamValid, err)
return
}
if err := captcha.VerifyCode(req.CaptchaID, req.Captcha); err != nil {
helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeParamInReqBody, errors.New("captcha code error"))
return
}
user, err := userService.Login(c, req)
if err != nil {
helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
return
}
helper.SuccessWithData(c, user)
}
func (b *BaseApi) Captcha(c *gin.Context) {
captcha, err := captcha.CreateCaptcha()
if err != nil {
helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
}
helper.SuccessWithData(c, captcha)
}
func (b *BaseApi) Register(c *gin.Context) {
var req dto.UserCreate
_ = c.ShouldBindJSON(&req)
res := dto.NewResult(c)
if err := global.Validator.Struct(req); err != nil {
res.ErrorWithDetail(errres.InvalidParam, err.Error())
if err := c.ShouldBindJSON(&req); err != nil {
helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeParamInReqBody, err)
return
}
if err := global.VALID.Struct(req); err != nil {
helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeParamValid, err)
return
}
if err := userService.Register(req); err != nil {
dto.NewResult(c).ErrorCode(500, err.Error())
helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
return
}
res.Success()
helper.SuccessWithData(c, nil)
}
func (b *BaseApi) GetUserList(c *gin.Context) {
// 这里到时候一起拦截一下
p, ok1 := c.GetQuery("page")
ps, ok2 := c.GetQuery("pageSize")
res := dto.NewResult(c)
if !(ok1 && ok2) {
res.Error(errres.InvalidParam)
return
}
page, err := strconv.Atoi(p)
if err != nil {
global.Logger.Error("获取失败!", err)
dto.NewResult(c).ErrorCode(500, err.Error())
return
}
pageSize, err := strconv.Atoi(ps)
if err != nil {
global.Logger.Error("获取失败!", err)
dto.NewResult(c).ErrorCode(500, err.Error())
pagenation, isOK := helper.GeneratePaginationFromReq(c)
if !isOK {
helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeParamInReqQuery, constant.ErrPageParam)
return
}
total, list, err := userService.Page(page, pageSize)
total, list, err := userService.Page(pagenation.Page, pagenation.PageSize)
if err != nil {
global.Logger.Error("获取失败!", err)
dto.NewResult(c).ErrorCode(500, err.Error())
helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
return
}
res.SuccessWithData(dto.PageResult{
helper.SuccessWithData(c, dto.PageResult{
Items: list,
Total: total,
})
@ -69,54 +82,53 @@ func (b *BaseApi) GetUserList(c *gin.Context) {
func (b *BaseApi) DeleteUser(c *gin.Context) {
var req dto.OperationWithName
_ = c.ShouldBindJSON(&req)
res := dto.NewResult(c)
if err := c.ShouldBindJSON(&req); err != nil {
helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeParamInReqBody, err)
return
}
if err := global.VALID.Struct(req); err != nil {
helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeParamValid, err)
return
}
if err := global.Validator.Struct(req); err != nil {
res.Error(errres.InvalidParam)
return
}
if err := userService.Delete(req.Name); err != nil {
global.Logger.Error("删除失败!", err)
dto.NewResult(c).ErrorCode(500, err.Error())
helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
return
}
dto.NewResult(c).Success()
helper.SuccessWithData(c, nil)
}
func (b *BaseApi) UpdateUser(c *gin.Context) {
var req dto.UserUpdate
_ = c.ShouldBindJSON(&req)
res := dto.NewResult(c)
if err := global.Validator.Struct(req); err != nil {
res.Error(errres.InvalidParam)
if err := c.ShouldBindJSON(&req); err != nil {
helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeParamInReqBody, err)
return
}
if err := global.VALID.Struct(req); err != nil {
helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeParamValid, err)
return
}
upMap := make(map[string]interface{})
upMap["email"] = req.Email
if err := userService.Update(upMap); err != nil {
global.Logger.Error("更新失败!", err)
dto.NewResult(c).ErrorCode(500, err.Error())
helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
return
}
dto.NewResult(c).Success()
helper.SuccessWithData(c, nil)
}
func (b *BaseApi) GetUserInfo(c *gin.Context) {
name, ok := c.Params.Get("name")
res := dto.NewResult(c)
if !ok {
res.Error(errres.InvalidParam)
helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeParamInReqQuery, errors.New("error name"))
return
}
user, err := userService.Get(name)
if err != nil {
global.Logger.Error("更新失败!", err)
dto.NewResult(c).ErrorCode(500, err.Error())
helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
return
}
dto.NewResult(c).SuccessWithData(user)
helper.SuccessWithData(c, user)
}

8
backend/app/dto/common_req.go
View file

@ -13,3 +13,11 @@ type OperationWithNameAndType struct {
Name string `json:"name" validate:"required"`
Type string `json:"type" validate:"required"`
}
type Login struct {
Name string `json:"name" validate:"name,required"`
Password string `json:"password" validate:"required"`
Captcha string `json:"captcha"`
CaptchaID string `json:"captchaID"`
AuthMethod string `json:"authMethod"`
}

76
backend/app/dto/common_res.go
View file

@ -1,82 +1,12 @@
package dto
import (
"github.com/1Panel-dev/1Panel/i18n"
"net/http"
"github.com/gin-gonic/gin"
)
type PageResult struct {
Total int64 `json:"total"`
Items interface{} `json:"items"`
}
type ResDef struct {
Code int
MsgID string
}
type Response struct {
Code int `json:"code"` //提示代码
Msg string `json:"msg"` //提示信息
Data interface{} `json:"data"` //出错
}
type Result struct {
Ctx *gin.Context
}
func NewResult(ctx *gin.Context) *Result {
return &Result{Ctx: ctx}
}
func NewError(code int, msg string) ResDef {
return ResDef{
Code: code,
MsgID: msg,
}
}
func (r *Result) Success() {
r.Ctx.JSON(http.StatusOK, map[string]interface{}{})
r.Ctx.Abort()
}
func (r *Result) Error(re ResDef) {
res := Response{
Code: re.Code,
Msg: i18n.GetMsg(re.MsgID),
}
r.Ctx.JSON(http.StatusOK, res)
r.Ctx.Abort()
}
func (r *Result) ErrorWithDetail(re ResDef, err string) {
res := Response{
Code: re.Code,
Msg: i18n.GetMsgWithMap(re.MsgID, map[string]interface{}{"detail": err}),
}
r.Ctx.JSON(http.StatusOK, res)
r.Ctx.Abort()
}
func (r *Result) SuccessWithData(data interface{}) {
if data == nil {
data = gin.H{}
}
res := Response{}
res.Code = 0
res.Msg = ""
res.Data = data
r.Ctx.JSON(http.StatusOK, res)
}
func (r *Result) ErrorCode(code int, msg string) {
res := Response{}
res.Code = code
res.Msg = msg
res.Data = gin.H{}
r.Ctx.JSON(http.StatusOK, res)
r.Ctx.Abort()
Code int `json:"code"`
Msg string `json:"msg"`
Data interface{} `json:"data"`
}

13
backend/app/dto/jwt.go
View file

@ -1,13 +0,0 @@
package dto
import "github.com/golang-jwt/jwt/v4"
type JwtRequest struct {
BaseClaims
BufferTime int64
jwt.RegisteredClaims
}
type BaseClaims struct {
Username string
}

16
backend/app/dto/user.go
View file

@ -2,8 +2,6 @@ package dto
import (
"time"
"github.com/1Panel-dev/1Panel/app/model"
)
type UserCreate struct {
@ -12,6 +10,11 @@ type UserCreate struct {
Email string `json:"email" validate:"required,email"`
}
type CaptchaResponse struct {
CaptchaID string `json:"captchaID"`
ImagePath string `json:"imagePath"`
}
type UserUpdate struct {
Email string `json:"email" validate:"required,email"`
}
@ -22,10 +25,7 @@ type UserBack struct {
CreatedAt time.Time `json:"createdAt"`
}
func (u UserCreate) UserCreateToMo() model.User {
return model.User{
Name: u.Name,
Password: u.Password,
Email: u.Email,
}
type UserLoginInfo struct {
Name string `json:"name"`
Token string `json:"token"`
}

0
backend/app/model/log.go → backend/app/model/operate_log.go
View file

74
backend/app/service/user.go
View file

@ -5,7 +5,12 @@ import (
"github.com/1Panel-dev/1Panel/app/dto"
"github.com/1Panel-dev/1Panel/app/model"
"github.com/1Panel-dev/1Panel/constant"
"github.com/1Panel-dev/1Panel/global"
"github.com/1Panel-dev/1Panel/utils/encrypt"
"github.com/1Panel-dev/1Panel/utils/jwt"
"github.com/gin-gonic/gin"
"github.com/jinzhu/copier"
"gorm.io/gorm"
)
@ -16,7 +21,7 @@ type IUserService interface {
Get(name string) (*dto.UserBack, error)
Page(page, size int) (int64, interface{}, error)
Register(userDto dto.UserCreate) error
Login(info *model.User) (*dto.UserBack, error)
Login(c *gin.Context, info dto.Login) (*dto.UserLoginInfo, error)
Delete(name string) error
Save(req model.User) error
Update(upMap map[string]interface{}) error
@ -31,49 +36,76 @@ func (u *UserService) Get(name string) (*dto.UserBack, error) {
if err != nil {
return nil, err
}
dtoUser := &dto.UserBack{
Name: user.Name,
Email: user.Email,
CreatedAt: user.CreatedAt,
var dtoUser dto.UserBack
if err := copier.Copy(&dtoUser, &user); err != nil {
return nil, constant.ErrCopyTransform
}
return dtoUser, nil
return &dtoUser, err
}
func (u *UserService) Page(page, size int) (int64, interface{}, error) {
total, users, err := userRepo.Page(page, size)
var dtoUsers []dto.UserBack
for _, user := range users {
dtoUsers = append(dtoUsers, dto.UserBack{
Name: user.Name,
Email: user.Email,
CreatedAt: user.CreatedAt,
})
var item dto.UserBack
if err := copier.Copy(&item, &user); err != nil {
return 0, nil, constant.ErrCopyTransform
}
dtoUsers = append(dtoUsers, item)
}
return total, dtoUsers, err
}
func (u *UserService) Register(userDto dto.UserCreate) error {
user := userDto.UserCreateToMo()
var user model.User
if err := copier.Copy(&user, &userDto); err != nil {
return constant.ErrCopyTransform
}
if !errors.Is(global.DB.Where("name = ?", user.Name).First(&user).Error, gorm.ErrRecordNotFound) {
return errors.New("用户名已注册")
return constant.ErrRecordExist
}
return userRepo.Create(&user)
}
func (u *UserService) Login(info *model.User) (*dto.UserBack, error) {
func (u *UserService) Login(c *gin.Context, info dto.Login) (*dto.UserLoginInfo, error) {
user, err := userRepo.Get(commonRepo.WithByName(info.Name))
if err != nil {
return nil, err
}
if user.Password != info.Password {
return nil, errors.New("登录失败")
pass, err := encrypt.StringDecrypt(user.Password)
if err != nil {
return nil, err
}
dtoUser := &dto.UserBack{
Name: user.Name,
Email: user.Email,
CreatedAt: user.CreatedAt,
if info.Password != pass {
return nil, errors.New("login failed")
}
return dtoUser, err
if info.AuthMethod == constant.AuthMethodJWT {
j := jwt.NewJWT()
claims := j.CreateClaims(jwt.BaseClaims{
ID: user.ID,
Name: user.Name,
})
token, err := j.CreateToken(claims)
if err != nil {
return nil, err
}
return &dto.UserLoginInfo{Name: user.Name, Token: token}, err
}
sID, _ := c.Cookie(global.CONF.Session.SessionName)
if sID != "" {
c.SetCookie(global.CONF.Session.SessionName, "", -1, "", "", false, false)
}
session, err := global.SESSION.New(c.Request, global.CONF.Session.SessionName)
if err != nil {
return nil, err
}
session.Values[global.CONF.Session.SessionUserKey] = user
if err := global.SESSION.Save(c.Request, c.Writer, session); err != nil {
return nil, err
}
return &dto.UserLoginInfo{Name: user.Name}, err
}
func (u *UserService) Delete(name string) error {

10
backend/configs/captcha.go Normal file
View file

@ -0,0 +1,10 @@
package configs
type Captcha struct {
Enable bool `mapstructure:"enable" json:"enable" yaml:"enable"`
Source string `mapstructure:"source" json:"source" yaml:"source"`
Length int `mapstructure:"length" json:"length" yaml:"length"`
NoiseCount int `mapstructure:"noise-count" json:"noise-count" yaml:"noise-count"`
ImgWidth int `mapstructure:"img-width" json:"img-width" yaml:"img-width"`
ImgHeight int `mapstructure:"img-height" json:"img-height" yaml:"img-height"`
}

3
backend/configs/config.go
View file

@ -6,5 +6,8 @@ type ServerConfig struct {
System System `mapstructure:"system"`
LogConfig LogConfig `mapstructure:"log"`
JWT JWT `mapstructure:"jwt"`
Session Session `mapstructure:"session"`
CORS CORS `mapstructure:"cors"`
Captcha Captcha `mapstructure:"captcha"`
Encrypt Encrypt `mapstructure:"encrypt"`
}

5
backend/configs/encrypt.go Normal file
View file

@ -0,0 +1,5 @@
package configs
type Encrypt struct {
Key string `mapstructure:"key" json:"key" yaml:"key"`
}

7
backend/configs/jwt.go
View file

@ -1,8 +1,9 @@
package configs
type JWT struct {
SigningKey string `mapstructure:"signing_key"` // jwt签名
ExpiresTime int64 `mapstructure:"expires_time"` // 过期时间
BufferTime int64 `mapstructure:"buffer_time"` // 缓冲时间
HeaderName string `mapstructure:"header_name"`
SigningKey string `mapstructure:"signing_key"`
ExpiresTime int64 `mapstructure:"expires_time"`
BufferTime int64 `mapstructure:"buffer_time"`
Issuer string `mapstructure:"issuer"`
}

8
backend/configs/session.go Normal file
View file

@ -0,0 +1,8 @@
package configs
type Session struct {
SessionKey string `mapstructure:"session_key"`
SessionUserKey string `mapstructure:"session_user_key"`
SessionName string `mapstructure:"session_name"`
ExpiresTime int `mapstructure:"expires_time"`
}

30
backend/constant/errres/errs.go
View file

@ -1,30 +0,0 @@
package errres
import (
"errors"
"github.com/1Panel-dev/1Panel/app/dto"
)
const (
Success = 0
Error = 500
InvalidParams = 400
InvalidCommon = 10000
InvalidJwtExpired = 10001
InvalidJwtNotFound = 10002
)
var (
OK = dto.NewError(Success, "Ok")
InvalidParam = dto.NewError(InvalidParams, "InvalidParams")
JwtExpired = dto.NewError(InvalidJwtExpired, "JwtExpired")
JwtNotFound = dto.NewError(InvalidJwtNotFound, "JwtNotFound")
)
var (
TokenExpired = errors.New("token is expired")
TokenNotValidYet = errors.New("token not active yet")
TokenMalformed = errors.New("that's not even a token")
TokenInvalid = errors.New("couldn't handle this token")
)

37
backend/constant/errs.go Normal file
View file

@ -0,0 +1,37 @@
package constant
import (
"errors"
)
const (
CodeSuccess = 200
CodeErrBadRequest = 400
CodeErrUnauthorized = 401
CodeErrForbidden = 403
CodeErrNotFound = 404
CodeErrInternalServer = 500
CodeErrHeader = 406
)
var (
ErrTypeToken = "ErrToken"
ErrTypeTokenExpired = "ErrTokenExpired"
ErrTypeParamInReqBody = "ErrParamInReqBody"
ErrTypeParamInReqQuery = "ErrParamInReqQuery"
ErrTypeInternalServer = "ErrInternalServer"
ErrTypeParamValid = "ErrParamValid"
)
var (
ErrTokenExpired = errors.New("token is expired")
ErrTokenNotValidYet = errors.New("token not active yet")
ErrTokenMalformed = errors.New("that's not even a token")
ErrTokenInvalid = errors.New("couldn't handle this token")
ErrCaptchaCode = errors.New("captcha code error")
ErrPageParam = errors.New("paging parameter error")
ErrRecordExist = errors.New("record already exists")
ErrCopyTransform = errors.New("type conversion failure")
)

6
backend/constant/session.go Normal file
View file

@ -0,0 +1,6 @@
package constant
const (
AuthMethodSession = "session"
AuthMethodJWT = "jwt"
)

10
backend/global/global.go
View file

@ -3,13 +3,15 @@ package global
import (
"github.com/1Panel-dev/1Panel/configs"
"github.com/go-playground/validator/v10"
"github.com/gorilla/sessions"
"github.com/sirupsen/logrus"
"gorm.io/gorm"
)
var (
DB *gorm.DB
Logger *logrus.Logger
Config configs.ServerConfig
Validator *validator.Validate
DB *gorm.DB
LOG *logrus.Logger
CONF configs.ServerConfig
VALID *validator.Validate
SESSION *sessions.CookieStore
)

9
backend/go.mod
View file

@ -10,8 +10,12 @@ require (
github.com/go-gormigrate/gormigrate/v2 v2.0.2
github.com/go-playground/validator/v10 v10.11.0
github.com/golang-jwt/jwt/v4 v4.4.2
github.com/gorilla/securecookie v1.1.1
github.com/gorilla/sessions v1.2.1
github.com/jinzhu/copier v0.3.5
github.com/mojocn/base64Captcha v1.3.5
github.com/natefinch/lumberjack v2.0.0+incompatible
github.com/nicksnyder/go-i18n/v2 v2.1.2
github.com/pelletier/go-toml/v2 v2.0.2
github.com/pkg/errors v0.9.1
github.com/sirupsen/logrus v1.9.0
@ -38,6 +42,7 @@ require (
github.com/go-playground/universal-translator v0.18.0 // indirect
github.com/go-sql-driver/mysql v1.6.0 // indirect
github.com/goccy/go-json v0.9.7 // indirect
github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/jinzhu/inflection v1.0.0 // indirect
github.com/jinzhu/now v1.1.5 // indirect
@ -47,11 +52,10 @@ require (
github.com/magiconair/properties v1.8.6 // indirect
github.com/mailru/easyjson v0.7.6 // indirect
github.com/mattn/go-isatty v0.0.14 // indirect
github.com/mattn/go-sqlite3 v1.14.12 // indirect
github.com/mattn/go-sqlite3 v2.0.3+incompatible // indirect
github.com/mitchellh/mapstructure v1.5.0 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/nicksnyder/go-i18n/v2 v2.1.2 // indirect
github.com/pelletier/go-toml v1.9.5 // indirect
github.com/spf13/afero v1.8.2 // indirect
github.com/spf13/cast v1.5.0 // indirect
@ -60,6 +64,7 @@ require (
github.com/subosito/gotenv v1.3.0 // indirect
github.com/ugorji/go/codec v1.2.7 // indirect
golang.org/x/crypto v0.0.0-20220411220226-7b82a4e95df4 // indirect
golang.org/x/image v0.0.0-20190802002840-cff245a6509b // indirect
golang.org/x/net v0.0.0-20220520000938-2e3eb7b945c2 // indirect
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect
golang.org/x/tools v0.1.10 // indirect

13
backend/go.sum
View file

@ -116,6 +116,8 @@ github.com/golang-jwt/jwt/v4 v4.4.2 h1:rcc4lwaZgFMCZ5jxF9ABolDcIHdBytAFgqFPbSJQA
github.com/golang-jwt/jwt/v4 v4.4.2/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe h1:lXe2qZdvpiX5WZkZR4hgp4KJVfY3nMkvmwbVkpv1rVY=
github.com/golang-sql/sqlexp v0.0.0-20170517235910-f1bb20e5a188 h1:+eHOFJl1BaXrQxKX+T06f78590z4qA2ZzBTqahsKSE4=
github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0 h1:DACJavvAHhabrF08vX0COfcOBJRhZ8lUbR+ZWIs0Y5g=
github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
@ -175,6 +177,10 @@ github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+
github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk=
github.com/googleapis/google-cloud-go-testing v0.0.0-20200911160855-bcd43fbb19e8/go.mod h1:dvDLG8qkwmyD9a/MJJN3XJcT3xFxOKAvTZGvuZmac9g=
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
github.com/gorilla/securecookie v1.1.1 h1:miw7JPhV+b/lAHSXz4qd/nN9jRiAFV5FwjeKyCS8BvQ=
github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
github.com/gorilla/sessions v1.2.1 h1:DHd3rPN5lE3Ts3D8rKkQ8x/0kqfeNmBAaiSi+o7FsgI=
github.com/gorilla/sessions v1.2.1/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
@ -227,8 +233,9 @@ github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJ
github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
github.com/mattn/go-isatty v0.0.14 h1:yVuAays6BHfxijgZPzw+3Zlu5yQgKGP2/hcQbHb7S9Y=
github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
github.com/mattn/go-sqlite3 v1.14.12 h1:TJ1bhYJPV44phC+IMu1u2K/i5RriLTPe+yc68XDJ1Z0=
github.com/mattn/go-sqlite3 v1.14.12/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
github.com/mattn/go-sqlite3 v2.0.3+incompatible h1:gXHsfypPkaMZrKbD5209QV9jbUTJKjyR5WD3HYQSd+U=
github.com/mattn/go-sqlite3 v2.0.3+incompatible/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc=
github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@ -237,6 +244,8 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJ
github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
github.com/mojocn/base64Captcha v1.3.5 h1:Qeilr7Ta6eDtG4S+tQuZ5+hO+QHbiGAJdi4PfoagaA0=
github.com/mojocn/base64Captcha v1.3.5/go.mod h1:/tTTXn4WTpX9CfrmipqRytCpJ27Uw3G6I7NcP2WwcmY=
github.com/natefinch/lumberjack v2.0.0+incompatible h1:4QJd3OLAMgj7ph+yZTuX13Ld4UpgHp07nNdFX7mqFfM=
github.com/natefinch/lumberjack v2.0.0+incompatible/go.mod h1:Wi9p2TTF5DG5oU+6YfsmYQpsTIOm0B1VNzQg9Mw6nPk=
github.com/nicksnyder/go-i18n/v2 v2.1.2 h1:QHYxcUJnGHBaq7XbvgunmZ2Pn0focXFqTD61CkH146c=
@ -340,6 +349,8 @@ golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u0
golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM=
golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU=
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
golang.org/x/image v0.0.0-20190501045829-6d32002ffd75/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
golang.org/x/image v0.0.0-20190802002840-cff245a6509b h1:+qEpEAPhDZ1o0x3tHzZTQDArnOixOzGD9HUJfcg0mb4=
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=

18
backend/i18n/i18n.go
View file

@ -2,6 +2,7 @@ package i18n
import (
"embed"
ginI18n "github.com/gin-contrib/i18n"
"github.com/gin-gonic/gin"
"github.com/nicksnyder/go-i18n/v2/i18n"
@ -34,14 +35,15 @@ func GetMsgWithMap(msg string, maps map[string]interface{}) string {
var fs embed.FS
func GinI18nLocalize() gin.HandlerFunc {
return ginI18n.Localize(ginI18n.WithBundle(&ginI18n.BundleCfg{
RootPath: "./lang",
AcceptLanguage: []language.Tag{language.Chinese, language.English},
DefaultLanguage: language.Chinese,
FormatBundleFile: "toml",
UnmarshalFunc: toml.Unmarshal,
Loader: &ginI18n.EmbedLoader{FS: fs},
}),
return ginI18n.Localize(
ginI18n.WithBundle(&ginI18n.BundleCfg{
RootPath: "./lang",
AcceptLanguage: []language.Tag{language.Chinese, language.English},
DefaultLanguage: language.Chinese,
FormatBundleFile: "toml",
UnmarshalFunc: toml.Unmarshal,
Loader: &ginI18n.EmbedLoader{FS: fs},
}),
ginI18n.WithGetLngHandle(
func(context *gin.Context, defaultLng string) string {
lng := context.GetHeader("Accept-Language")

9
backend/i18n/lang/zh.toml
View file

@ -1,3 +1,8 @@
#common
InvalidParams = "参数错误: {.detail}"
JwtNotFound = "需要jwt校验"
ErrInvalidParams = "请求参数错误: {.detail}"
ErrTokenTimeOut = "登陆信息已过期: {.detail}"
ErrCaptchaCode = "错误的验证码信息"
ErrRecordExist = "记录已存在: {.detail}"
ErrRecordNotFound = "记录未能找到: {.detail}"
ErrStructTransform = "类型转换失败: {.detail}"
ErrInternalServer = "服务内部错误: {.detail}"

2
backend/init/db/db.go
View file

@ -3,7 +3,7 @@ package db
import "github.com/1Panel-dev/1Panel/global"
func Init() {
switch global.Config.System.DbType {
switch global.CONF.System.DbType {
case "mysql":
global.DB = MysqlGorm()
case "sqlite":

2
backend/init/db/mysql.go
View file

@ -8,7 +8,7 @@ import (
)
func MysqlGorm() *gorm.DB {
m := global.Config.Mysql
m := global.CONF.Mysql
if m.Dbname == "" {
return nil
}

2
backend/init/db/sqlite.go
View file

@ -8,7 +8,7 @@ import (
)
func SqliteGorm() *gorm.DB {
s := global.Config.Sqlite
s := global.CONF.Sqlite
if db, err := gorm.Open(sqlite.Open(s.Dsn()), &gorm.Config{}); err != nil {
panic(err)
} else {

4
backend/init/log/log.go
View file

@ -12,8 +12,8 @@ import (
func Init() {
l := logrus.New()
setOutput(l, global.Config.LogConfig)
global.Logger = l
setOutput(l, global.CONF.LogConfig)
global.LOG = l
}
func setOutput(log *logrus.Logger, config configs.LogConfig) {

4
backend/init/migration/migrate.go
View file

@ -13,8 +13,8 @@ func Init() {
migrations.AddData,
})
if err := m.Migrate(); err != nil {
global.Logger.Error(err)
global.LOG.Error(err)
panic(err)
}
global.Logger.Infof("Migration did run successfully")
global.LOG.Infof("Migration did run successfully")
}

3
backend/init/router/router.go
View file

@ -1,6 +1,8 @@
package router
import (
"html/template"
"github.com/1Panel-dev/1Panel/docs"
"github.com/1Panel-dev/1Panel/i18n"
"github.com/1Panel-dev/1Panel/middleware"
@ -9,7 +11,6 @@ import (
"github.com/gin-gonic/gin"
swaggerfiles "github.com/swaggo/files"
ginSwagger "github.com/swaggo/gin-swagger"
"html/template"
)
func Routers() *gin.Engine {

18
backend/init/session/session.go Normal file
View file

@ -0,0 +1,18 @@
package session
import (
"github.com/1Panel-dev/1Panel/global"
"github.com/gorilla/securecookie"
"github.com/gorilla/sessions"
)
func Init() {
cs := &sessions.CookieStore{
Codecs: securecookie.CodecsFromPairs([]byte(global.CONF.Session.SessionKey)),
Options: &sessions.Options{
Path: "/",
MaxAge: global.CONF.Session.ExpiresTime,
},
}
global.SESSION = cs
}

6
backend/init/validator/validator.go
View file

@ -20,14 +20,14 @@ func Init() {
if err := validator.RegisterValidation("password", checkPasswordPattern); err != nil {
panic(err)
}
global.Validator = validator
global.VALID = validator
}
func checkNamePattern(fl validator.FieldLevel) bool {
value := fl.Field().String()
result, err := regexp.MatchString("^[a-zA-Z\u4e00-\u9fa5]{1}[a-zA-Z0-9_\u4e00-\u9fa5]{0,30}$", value)
if err != nil {
global.Logger.Errorf("regexp matchString failed, %v", err)
global.LOG.Errorf("regexp matchString failed, %v", err)
}
return result
}
@ -36,7 +36,7 @@ func checkIpPattern(fl validator.FieldLevel) bool {
value := fl.Field().String()
result, err := regexp.MatchString(`^((2(5[0-5]|[0-4]\d))|[0-1]?\d{1,2})(\.((2(5[0-5]|[0-4]\d))|[0-1]?\d{1,2})){3}$`, value)
if err != nil {
global.Logger.Errorf("regexp check ip matchString failed, %v", err)
global.LOG.Errorf("regexp check ip matchString failed, %v", err)
}
return result
}

4
backend/init/viper/viper.go
View file

@ -21,7 +21,7 @@ func Init() {
v.WatchConfig()
v.OnConfigChange(func(e fsnotify.Event) {
fmt.Println("config file changed:", e.Name)
if err := v.Unmarshal(&global.Config); err != nil {
if err := v.Unmarshal(&global.CONF); err != nil {
panic(err)
}
})
@ -29,5 +29,5 @@ func Init() {
if err := v.Unmarshal(&serverConfig); err != nil {
panic(err)
}
global.Config = serverConfig
global.CONF = serverConfig
}

4
backend/middleware/cors.go
View file

@ -27,7 +27,7 @@ func Cors() gin.HandlerFunc {
}
func CorsByRules() gin.HandlerFunc {
mode := global.Config.CORS.Mode
mode := global.CONF.CORS.Mode
if mode == "allow-all" {
return Cors()
}
@ -55,7 +55,7 @@ func CorsByRules() gin.HandlerFunc {
}
func checkCors(currentOrigin string) *configs.CORSWhiteList {
for _, whitelist := range global.Config.CORS.WhiteList {
for _, whitelist := range global.CONF.CORS.WhiteList {
if currentOrigin == whitelist.AllowOrigin {
return &whitelist
}

26
backend/middleware/jwt.go
View file

@ -1,38 +1,36 @@
package middleware
import (
"errors"
"time"
"github.com/1Panel-dev/1Panel/app/dto"
"github.com/1Panel-dev/1Panel/constant/errres"
"github.com/1Panel-dev/1Panel/utils"
"github.com/1Panel-dev/1Panel/app/api/v1/helper"
"github.com/1Panel-dev/1Panel/constant"
"github.com/1Panel-dev/1Panel/global"
jwtUtils "github.com/1Panel-dev/1Panel/utils/jwt"
"github.com/golang-jwt/jwt/v4"
"github.com/gin-gonic/gin"
)
func JwtAuth() gin.HandlerFunc {
return func(c *gin.Context) {
token := c.Request.Header.Get("Authorization")
re := dto.NewResult(c)
c.Set("authMethod", "")
token := c.Request.Header.Get(global.CONF.JWT.HeaderName)
if token == "" {
re.Error(errres.JwtNotFound)
c.Next()
return
}
j := utils.NewJWT()
j := jwtUtils.NewJWT()
claims, err := j.ParseToken(token)
if err != nil {
if errors.Is(err, errres.TokenExpired) {
re.Error(errres.JwtExpired)
return
}
re.ErrorCode(errres.InvalidCommon, err.Error())
helper.ErrorWithDetail(c, constant.CodeErrUnauthorized, constant.ErrTypeToken, err)
return
}
if claims.ExpiresAt.Unix()-time.Now().Unix() < claims.BufferTime {
//TODO 续签
claims.ExpiresAt = jwt.NewNumericDate(time.Now().Add(time.Second * time.Duration(global.CONF.JWT.ExpiresTime)))
}
c.Set("claims", claims)
c.Set("authMethod", constant.AuthMethodJWT)
c.Next()
}
}

31
backend/middleware/session.go Normal file
View file

@ -0,0 +1,31 @@
package middleware
import (
"github.com/1Panel-dev/1Panel/app/api/v1/helper"
"github.com/1Panel-dev/1Panel/constant"
"github.com/1Panel-dev/1Panel/global"
"github.com/gin-gonic/gin"
)
func SessionAuth() gin.HandlerFunc {
return func(c *gin.Context) {
if method, exist := c.Get("authMethod"); exist && method == constant.AuthMethodJWT {
c.Next()
}
sID, err := c.Cookie(global.CONF.Session.SessionName)
if err != nil {
helper.ErrorWithDetail(c, constant.CodeErrUnauthorized, constant.ErrTypeToken, nil)
return
}
sess, err := global.SESSION.Get(c.Request, sID)
if err != nil {
helper.ErrorWithDetail(c, constant.CodeErrUnauthorized, constant.ErrTypeToken, nil)
return
}
if _, ok := sess.Values[global.CONF.Session.SessionUserKey]; !ok {
helper.ErrorWithDetail(c, constant.CodeErrUnauthorized, constant.ErrTypeToken, nil)
return
}
c.Next()
}
}

2
backend/router/ro_base.go
View file

@ -12,6 +12,8 @@ func (s *BaseRouter) InitBaseRouter(Router *gin.RouterGroup) (R gin.IRoutes) {
baseApi := v1.ApiGroupApp.BaseApi
{
baseRouter.POST("login", baseApi.Login)
baseRouter.GET("captcha", baseApi.Captcha)
}
return baseRouter
}

2
backend/router/ro_user.go
View file

@ -2,6 +2,7 @@ package router
import (
v1 "github.com/1Panel-dev/1Panel/app/api/v1"
"github.com/1Panel-dev/1Panel/middleware"
"github.com/gin-gonic/gin"
)
@ -10,6 +11,7 @@ type UserRouter struct{}
func (s *UserRouter) InitUserRouter(Router *gin.RouterGroup) {
userRouter := Router.Group("users")
userRouter.Use(middleware.JwtAuth()).Use(middleware.SessionAuth())
baseApi := v1.ApiGroupApp.BaseApi
{
userRouter.POST("", baseApi.Register)

8
backend/server/server.go
View file

@ -9,6 +9,7 @@ import (
"github.com/1Panel-dev/1Panel/init/log"
"github.com/1Panel-dev/1Panel/init/migration"
"github.com/1Panel-dev/1Panel/init/router"
"github.com/1Panel-dev/1Panel/init/session"
"github.com/1Panel-dev/1Panel/init/validator"
"github.com/1Panel-dev/1Panel/init/viper"
@ -22,12 +23,13 @@ func Start() {
db.Init()
migration.Init()
validator.Init()
session.Init()
routers := router.Routers()
address := fmt.Sprintf(":%d", global.Config.System.Port)
address := fmt.Sprintf(":%d", global.CONF.System.Port)
s := initServer(address, routers)
global.Logger.Info(fmt.Sprintf("server run success on %d", global.Config.System.Port))
global.LOG.Infof("server run success on %d", global.CONF.System.Port)
if err := s.ListenAndServe(); err != nil {
global.Logger.Error(err)
global.LOG.Error(err)
panic(err)
}
}

49
backend/utils/captcha/captcha.go Normal file
View file

@ -0,0 +1,49 @@
package captcha
import (
"strings"
"github.com/1Panel-dev/1Panel/app/dto"
"github.com/1Panel-dev/1Panel/constant"
"github.com/1Panel-dev/1Panel/global"
"github.com/mojocn/base64Captcha"
)
var store = base64Captcha.DefaultMemStore
func VerifyCode(codeID string, code string) error {
if !global.CONF.Captcha.Enable {
return nil
}
if codeID == "" {
return constant.ErrCaptchaCode
}
vv := store.Get(codeID, true)
vv = strings.TrimSpace(vv)
code = strings.TrimSpace(code)
if strings.EqualFold(vv, code) {
return nil
}
return constant.ErrCaptchaCode
}
func CreateCaptcha() (*dto.CaptchaResponse, error) {
var driverString base64Captcha.DriverString
driverString.Source = global.CONF.Captcha.Source
driverString.Width = global.CONF.Captcha.ImgWidth
driverString.Height = global.CONF.Captcha.ImgHeight
driverString.NoiseCount = global.CONF.Captcha.NoiseCount
driverString.Length = global.CONF.Captcha.Length
driverString.Fonts = []string{"wqy-microhei.ttc"}
driver := driverString.ConvertFonts()
c := base64Captcha.NewCaptcha(driver, store)
id, b64s, err := c.Generate()
if err != nil {
return nil, err
}
return &dto.CaptchaResponse{
CaptchaID: id,
ImagePath: b64s,
}, nil
}

1
backend/utils/copier/copier.go
View file

@ -6,7 +6,6 @@ import (
"github.com/pkg/errors"
)
// Copy 从一个结构体复制到另一个结构体
func Copy(to, from interface{}) error {
b, err := json.Marshal(from)
if err != nil {

20
backend/utils/cover.go
View file

@ -1,20 +0,0 @@
package utils
import (
"github.com/jinzhu/copier"
"github.com/pkg/errors"
)
func ModelToDTO(dto, model interface{}) error {
if err := copier.Copy(dto, model); err != nil {
return errors.Wrap(err, "cover to dto err")
}
return nil
}
func DTOToModel(model, dto interface{}) error {
if err := copier.Copy(dto, model); err != nil {
return errors.Wrap(err, "cover to model err")
}
return nil
}

83
backend/utils/encrypt/encrypt.go Normal file
View file

@ -0,0 +1,83 @@
package encrypt
import (
"bytes"
"crypto/aes"
"crypto/cipher"
"crypto/rand"
"encoding/base64"
"fmt"
"io"
"github.com/1Panel-dev/1Panel/global"
)
func StringEncrypt(text string) (string, error) {
key := global.CONF.Encrypt.Key
pass := []byte(text)
xpass, err := aesEncryptWithSalt([]byte(key), pass)
if err == nil {
pass64 := base64.StdEncoding.EncodeToString(xpass)
return pass64, err
}
return "", err
}
func StringDecrypt(text string) (string, error) {
key := global.CONF.Encrypt.Key
bytesPass, err := base64.StdEncoding.DecodeString(text)
if err != nil {
return "", err
}
var tpass []byte
tpass, err = aesDecryptWithSalt([]byte(key), bytesPass)
if err == nil {
result := string(tpass[:])
return result, err
}
return "", err
}
func padding(plaintext []byte, blockSize int) []byte {
padding := blockSize - len(plaintext)%blockSize
padtext := bytes.Repeat([]byte{byte(padding)}, padding)
return append(plaintext, padtext...)
}
func unPadding(origData []byte) []byte {
length := len(origData)
unpadding := int(origData[length-1])
return origData[:(length - unpadding)]
}
func aesEncryptWithSalt(key, plaintext []byte) ([]byte, error) {
plaintext = padding(plaintext, aes.BlockSize)
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
ciphertext := make([]byte, aes.BlockSize+len(plaintext))
iv := ciphertext[0:aes.BlockSize]
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
return nil, err
}
cbc := cipher.NewCBCEncrypter(block, iv)
cbc.CryptBlocks(ciphertext[aes.BlockSize:], plaintext)
return ciphertext, nil
}
func aesDecryptWithSalt(key, ciphertext []byte) ([]byte, error) {
var block cipher.Block
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
if len(ciphertext) < aes.BlockSize {
return nil, fmt.Errorf("iciphertext too short")
}
iv := ciphertext[:aes.BlockSize]
ciphertext = ciphertext[aes.BlockSize:]
cbc := cipher.NewCBCDecrypter(block, iv)
cbc.CryptBlocks(ciphertext, ciphertext)
ciphertext = unPadding(ciphertext)
return ciphertext, nil
}

26
backend/utils/encrypt/encrypt_test.go Normal file
View file

@ -0,0 +1,26 @@
package encrypt
import (
"fmt"
"testing"
"github.com/1Panel-dev/1Panel/init/viper"
)
func TestStringEncrypt(t *testing.T) {
viper.Init()
p, err := StringEncrypt("Songliu123++")
if err != nil {
t.Fatal(err)
}
fmt.Println(p)
}
func TestStringDecrypt(t *testing.T) {
viper.Init()
p, err := StringDecrypt("5WYEZ4XcitdomVvAyimt9WwJwBJJSbTTHncZoqyOraQ=")
if err != nil {
t.Fatal(err)
}
fmt.Println(p)
}

59
backend/utils/jwt.go
View file

@ -1,59 +0,0 @@
package utils
import (
"time"
"github.com/1Panel-dev/1Panel/app/dto"
"github.com/1Panel-dev/1Panel/constant/errres"
"github.com/1Panel-dev/1Panel/global"
"github.com/golang-jwt/jwt/v4"
)
type JWT struct {
SigningKey []byte
}
func NewJWT() *JWT {
return &JWT{
[]byte(global.Config.JWT.SigningKey),
}
}
func (j *JWT) CreateToken(request dto.JwtRequest) (string, error) {
request.RegisteredClaims = jwt.RegisteredClaims{
Issuer: global.Config.JWT.Issuer,
NotBefore: jwt.NewNumericDate(time.Now()),
ExpiresAt: jwt.NewNumericDate(time.Now().Add(24 * time.Hour)),
}
token := jwt.NewWithClaims(jwt.SigningMethodES256, &request)
return token.SignedString(j.SigningKey)
}
func (j *JWT) ParseToken(tokenStr string) (*dto.JwtRequest, error) {
token, err := jwt.ParseWithClaims(tokenStr, &dto.JwtRequest{}, func(token *jwt.Token) (interface{}, error) {
return j.SigningKey, nil
})
if err != nil {
if ve, ok := err.(*jwt.ValidationError); ok {
if ve.Errors&jwt.ValidationErrorMalformed != 0 {
return nil, errres.TokenMalformed
} else if ve.Errors&jwt.ValidationErrorExpired != 0 {
return nil, errres.TokenExpired
} else if ve.Errors&jwt.ValidationErrorNotValidYet != 0 {
return nil, errres.TokenNotValidYet
} else {
return nil, errres.TokenInvalid
}
}
}
if token != nil {
if claims, ok := token.Claims.(*dto.JwtRequest); ok && token.Valid {
return claims, nil
}
return nil, errres.TokenInvalid
} else {
return nil, errres.TokenInvalid
}
}

85
backend/utils/jwt/jwt.go Normal file
View file

@ -0,0 +1,85 @@
package jwt
import (
"time"
"github.com/1Panel-dev/1Panel/constant"
"github.com/1Panel-dev/1Panel/global"
"github.com/golang-jwt/jwt/v4"
)
type JWT struct {
SigningKey []byte
}
type JwtRequest struct {
BaseClaims
BufferTime int64
jwt.RegisteredClaims
}
type CustomClaims struct {
BaseClaims
BufferTime int64
jwt.RegisteredClaims
}
type BaseClaims struct {
ID uint
Name string
}
func NewJWT() *JWT {
return &JWT{
[]byte(global.CONF.JWT.SigningKey),
}
}
func (j *JWT) CreateClaims(baseClaims BaseClaims) CustomClaims {
claims := CustomClaims{
BaseClaims: baseClaims,
BufferTime: global.CONF.JWT.BufferTime,
RegisteredClaims: jwt.RegisteredClaims{
ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Second * time.Duration(global.CONF.JWT.ExpiresTime))),
Issuer: global.CONF.JWT.Issuer,
},
}
return claims
}
func (j *JWT) CreateToken(request CustomClaims) (string, error) {
request.RegisteredClaims = jwt.RegisteredClaims{
Issuer: global.CONF.JWT.Issuer,
NotBefore: jwt.NewNumericDate(time.Now()),
ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Second * time.Duration(global.CONF.JWT.ExpiresTime))),
}
token := jwt.NewWithClaims(jwt.SigningMethodES256, &request)
return token.SignedString(j.SigningKey)
}
func (j *JWT) ParseToken(tokenStr string) (*JwtRequest, error) {
token, err := jwt.ParseWithClaims(tokenStr, &JwtRequest{}, func(token *jwt.Token) (interface{}, error) {
return j.SigningKey, nil
})
if err != nil {
if ve, ok := err.(*jwt.ValidationError); ok {
if ve.Errors&jwt.ValidationErrorMalformed != 0 {
return nil, constant.ErrTokenMalformed
} else if ve.Errors&jwt.ValidationErrorExpired != 0 {
return nil, constant.ErrTokenExpired
} else if ve.Errors&jwt.ValidationErrorNotValidYet != 0 {
return nil, constant.ErrTokenNotValidYet
} else {
return nil, constant.ErrTokenInvalid
}
}
}
if token == nil {
return nil, constant.ErrTokenInvalid
}
if claims, ok := token.Claims.(*JwtRequest); ok && token.Valid {
return claims, nil
}
return nil, constant.ErrTokenInvalid
}

16
frontend/src/api/modules/login.ts
View file

@ -1,8 +1,8 @@
import { Login } from '@/api/interface/index';
// import { PORT1 } from '@/api/config/servicePort';
import { PORT1 } from '@/api/config/servicePort';
// import qs from 'qs';
// import http from '@/api';
import http from '@/api';
/**
* @name
@ -10,14 +10,14 @@ import { Login } from '@/api/interface/index';
// * 用户登录接口
export const loginApi = (params: Login.ReqLoginForm) => {
console.log(params);
// return http.post<Login.ResLogin>(PORT1 + `/login`, params); // 正常 post json 请求 ==> application/json
return http.post<Login.ResLogin>(PORT1 + `base/login`, params); // 正常 post json 请求 ==> application/json
// return http.post<Login.ResLogin>(PORT1 + `/login`, {}, { params }); // post 请求携带 query 参数 ==> ?username=admin&password=123456
// return http.post<Login.ResLogin>(PORT1 + `/login`, qs.stringify(params)); // post 请求携带 表单 参数 ==> application/x-www-form-urlencoded
// return http.post<Login.ResLogin>(PORT1 + `/login`, params, {
// headers: { noLoading: true },
// }); // 控制当前请求不显示 loading
return { data: { access_token: '565656565' } };
// return { data: { access_token: '565656565' } };
};
// // * 获取按钮权限
@ -25,9 +25,7 @@ export const loginApi = (params: Login.ReqLoginForm) => {
// return http.get<Login.ResAuthButtons>(PORT1 + `/auth/buttons`);
// };
// * 获取菜单列表
export const getMenuList = () => {
// return http.get<Menu.MenuOptions[]>(PORT1 + `/menu/list`);
// 如果想让菜单变为本地数据,注释上一行代码,并引入本地 Menu.json 数据
return {};
// * 获取验证码
export const getCaptcha = () => {
return http.post<Login.ResCaptcha>(PORT1 + `base/captcha`);
};

87
frontend/src/views/login/components/LoginForm.vue
View file

@ -1,66 +1,41 @@
<template>
<el-form
ref="loginFormRef"
:model="loginForm"
:rules="loginRules"
size="large"
>
<el-form-item prop="username">
<el-input
v-model="loginForm.username"
placeholder="用户名admin / user"
>
<template #prefix>
<el-icon class="el-input__icon"><user /></el-icon>
</template>
</el-input>
</el-form-item>
<el-form-item prop="password">
<el-input
type="password"
v-model="loginForm.password"
placeholder="密码123456"
show-password
autocomplete="new-password"
>
<template #prefix>
<el-icon class="el-input__icon"><lock /></el-icon>
</template>
</el-input>
</el-form-item>
</el-form>
<div class="login-btn">
<el-button
:icon="CircleClose"
round
@click="resetForm(loginFormRef)"
size="large"
>重置</el-button
>
<el-button
:icon="UserFilled"
round
@click="login(loginFormRef)"
size="large"
type="primary"
:loading="loading"
>
登录
</el-button>
</div>
<el-form ref="loginFormRef" :model="loginForm" :rules="loginRules" size="large">
<el-form-item prop="username">
<el-input v-model="loginForm.username" placeholder="用户名admin / user">
<template #prefix>
<el-icon class="el-input__icon">
<user />
</el-icon>
</template>
</el-input>
</el-form-item>
<el-form-item prop="password">
<el-input type="password" v-model="loginForm.password" placeholder="密码123456" show-password autocomplete="new-password">
<template #prefix>
<el-icon class="el-input__icon">
<lock />
</el-icon>
</template>
</el-input>
</el-form-item>
</el-form>
<div class="login-btn">
<el-button :icon="CircleClose" round @click="resetForm(loginFormRef)" size="large">重置</el-button>
<el-button :icon="UserFilled" round @click="login(loginFormRef)" size="large" type="primary" :loading="loading">
登录
</el-button>
</div>
</template>
<script setup lang="ts">
import { ref, reactive, onMounted } from 'vue';
import { useRouter } from 'vue-router';
import { Login } from '@/api/interface';
import { CircleClose, UserFilled } from '@element-plus/icons-vue';
import { Login,getCaptcha } from '@/api/interface';
import type { ElForm } from 'element-plus';
import { ElMessage } from 'element-plus';
import { loginApi } from '@/api/modules/login';
import { GlobalStore } from '@/store';
import { MenuStore } from '@/store/modules/menu';
import md5 from 'js-md5';
const globalStore = GlobalStore();
const menuStore = MenuStore();
@ -69,13 +44,13 @@ const menuStore = MenuStore();
type FormInstance = InstanceType<typeof ElForm>;
const loginFormRef = ref<FormInstance>();
const loginRules = reactive({
username: [{ required: true, message: '请输入用户名', trigger: 'blur' }],
name: [{ required: true, message: '请输入用户名', trigger: 'blur' }],
password: [{ required: true, message: '请输入密码', trigger: 'blur' }],
});
//
const loginForm = reactive<Login.ReqLoginForm>({
username: '',
name: '',
password: '',
});
@ -89,8 +64,8 @@ const login = (formEl: FormInstance | undefined) => {
loading.value = true;
try {
const requestLoginForm: Login.ReqLoginForm = {
username: loginForm.username,
password: md5(loginForm.password),
name: loginForm.username,
password: loginForm.password,
};
const res = await loginApi(requestLoginForm);
// * token