fix: Fix issue where website auth_basic is not effective (#8045)

2025-10-26 08:46:28 +08:00 · 2025-03-03 14:28:56 +08:00 · 2025-03-03 14:28:56 +08:00 · 569aaf3c0a
commit 569aaf3c0a
parent c3bd196a23
15 changed files with 65 additions and 51 deletions
--- a/agent/app/service/website.go
+++ b/agent/app/service/website.go
@ -1852,21 +1852,15 @@ func (w WebsiteService) ClearProxyCache(req request.NginxCommonReq) error {

 func (w WebsiteService) GetAuthBasics(req request.NginxAuthReq) (res response.NginxAuthRes, err error) {
 	var (
-		website      model.Website
-		nginxInstall model.AppInstall
-		authContent  []byte
-		nginxParams  []response.NginxParam
+		website     model.Website
+		authContent []byte
+		nginxParams []response.NginxParam
 	)
 	website, err = websiteRepo.GetFirst(repo.WithByID(req.WebsiteID))
 	if err != nil {
 		return
 	}
-	nginxInstall, err = getAppInstallByKey(constant.AppOpenresty)
-	if err != nil {
-		return
-	}
-	authPath := fmt.Sprintf("/www/sites/%s/auth_basic/auth.pass", website.Alias)
-	absoluteAuthPath := path.Join(nginxInstall.GetPath(), authPath)
+	absoluteAuthPath := GetSitePath(website, SiteRootAuthBasicPath)
 	fileOp := files.NewFileOp()
 	if !fileOp.Stat(absoluteAuthPath) {
 		return
@ -1896,22 +1890,17 @@ func (w WebsiteService) GetAuthBasics(req request.NginxAuthReq) (res response.Ng

 func (w WebsiteService) UpdateAuthBasic(req request.NginxAuthUpdate) (err error) {
 	var (
-		website      model.Website
-		nginxInstall model.AppInstall
-		params       []dto.NginxParam
-		authContent  []byte
-		authArray    []string
+		website     model.Website
+		params      []dto.NginxParam
+		authContent []byte
+		authArray   []string
 	)
 	website, err = websiteRepo.GetFirst(repo.WithByID(req.WebsiteID))
 	if err != nil {
 		return err
 	}
-	nginxInstall, err = getAppInstallByKey(constant.AppOpenresty)
-	if err != nil {
-		return
-	}
 	authPath := fmt.Sprintf("/www/sites/%s/auth_basic/auth.pass", website.Alias)
-	absoluteAuthPath := path.Join(nginxInstall.GetPath(), authPath)
+	absoluteAuthPath := GetSitePath(website, SiteRootAuthBasicPath)
 	fileOp := files.NewFileOp()
 	if !fileOp.Stat(path.Dir(absoluteAuthPath)) {
 		_ = fileOp.CreateDir(path.Dir(absoluteAuthPath), constant.DirPerm)
@ -2025,21 +2014,15 @@ func (w WebsiteService) UpdateAuthBasic(req request.NginxAuthUpdate) (err error)

 func (w WebsiteService) GetPathAuthBasics(req request.NginxAuthReq) (res []response.NginxPathAuthRes, err error) {
 	var (
-		website      model.Website
-		nginxInstall model.AppInstall
-		authContent  []byte
+		website     model.Website
+		authContent []byte
 	)
 	website, err = websiteRepo.GetFirst(repo.WithByID(req.WebsiteID))
 	if err != nil {
 		return
 	}
-	nginxInstall, err = getAppInstallByKey(constant.AppOpenresty)
-	if err != nil {
-		return
-	}
 	fileOp := files.NewFileOp()
-	authDir := fmt.Sprintf("/www/sites/%s/path_auth", website.Alias)
-	absoluteAuthDir := path.Join(nginxInstall.GetPath(), authDir)
+	absoluteAuthDir := GetSitePath(website, SitePathAuthBasicDir)
 	passDir := path.Join(absoluteAuthDir, "pass")
 	if !fileOp.Stat(absoluteAuthDir) || !fileOp.Stat(passDir) {
 		return
@ -2097,12 +2080,8 @@ func (w WebsiteService) UpdatePathAuthBasic(req request.NginxPathAuthUpdate) err
 	if err != nil {
 		return err
 	}
-	nginxInstall, err := getAppInstallByKey(constant.AppOpenresty)
-	if err != nil {
-		return err
-	}
 	fileOp := files.NewFileOp()
-	authDir := path.Join(nginxInstall.GetPath(), "www", "sites", website.Alias, "path_auth")
+	authDir := GetSitePath(website, SitePathAuthBasicDir)
 	if !fileOp.Stat(authDir) {
 		_ = fileOp.CreateDir(authDir, constant.DirPerm)
 	}
--- a/agent/app/service/website_utils.go
+++ b/agent/app/service/website_utils.go
@ -1156,21 +1156,23 @@ func GteSiteDir(alias string) string {
 }

 const (
-	SiteConf          = "SiteConf"
-	SiteAccessLog     = "access.log"
-	SiteErrorLog      = "error.log"
-	WebsiteRootDir    = "WebsiteRootDir"
-	SiteDir           = "SiteDir"
-	SiteIndexDir      = "SiteIndexDir"
-	SiteProxyDir      = "SiteProxyDir"
-	SiteSSLDir        = "SiteSSLDir"
-	SiteReWritePath   = "SiteReWritePath"
-	SiteRedirectDir   = "SiteRedirectDir"
-	SiteCacheDir      = "SiteCacheDir"
-	SiteConfDir       = "SiteConfDir"
-	SitesRootDir      = "SitesRootDir"
-	DefaultDir        = "DefaultDir"
-	DefaultRewriteDir = "DefaultRewriteDir"
+	SiteConf              = "SiteConf"
+	SiteAccessLog         = "access.log"
+	SiteErrorLog          = "error.log"
+	WebsiteRootDir        = "WebsiteRootDir"
+	SiteDir               = "SiteDir"
+	SiteIndexDir          = "SiteIndexDir"
+	SiteProxyDir          = "SiteProxyDir"
+	SiteSSLDir            = "SiteSSLDir"
+	SiteReWritePath       = "SiteReWritePath"
+	SiteRedirectDir       = "SiteRedirectDir"
+	SiteCacheDir          = "SiteCacheDir"
+	SiteConfDir           = "SiteConfDir"
+	SitesRootDir          = "SitesRootDir"
+	DefaultDir            = "DefaultDir"
+	DefaultRewriteDir     = "DefaultRewriteDir"
+	SiteRootAuthBasicPath = "SiteRootAuthBasicPath"
+	SitePathAuthBasicDir  = "SitePathAuthBasicDir"
 )

 func GetSitePath(website model.Website, confType string) string {
@ -1195,6 +1197,10 @@ func GetSitePath(website model.Website, confType string) string {
 		return path.Join(GteSiteDir(website.Alias), "rewrite", website.Alias+".conf")
 	case SiteRedirectDir:
 		return path.Join(GteSiteDir(website.Alias), "redirect")
+	case SiteRootAuthBasicPath:
+		return path.Join(GteSiteDir(website.Alias), "auth_basic", "auth.pass")
+	case SitePathAuthBasicDir:
+		return path.Join(GteSiteDir(website.Alias), "path_auth")
 	}
 	return ""
 }
--- a/agent/i18n/lang/en.yaml
+++ b/agent/i18n/lang/en.yaml
@ -6,6 +6,7 @@ ErrStructTransform: "Type conversion failure: {{ .detail }}"
 ErrNotSupportType: "The system does not support the current type: {{ .detail }}"

 #common
+ErrUsernameIsExist: "Username already exists"
 ErrNameIsExist: "Name is already exist"
 ErrDemoEnvironment: "Demo server, prohibit this operation!"
 ErrCmdTimeout: "Command execution timed out！"
--- a/agent/i18n/lang/ja.yaml
+++ b/agent/i18n/lang/ja.yaml
@ -14,6 +14,7 @@ ErrApiConfigIPInvalid: "APIインターフェイスIPはホワイトリストに
 ErrApiConfigDisable: "このインターフェイスは、APIインターフェイスコールの使用を禁止しています：{{.Detail}}"

 #common
+ErrUsernameIsExist: "ユーザー名は既に存在します"
 ErrNameIsExist: "名前はすでに存在しています"
 ErrDemoEnvironment: "デモサーバー、この操作を禁止します！"
 ErrCmdTimeout: "コマンド実行がタイムアウトしました！"
--- a/agent/i18n/lang/ko.yaml
+++ b/agent/i18n/lang/ko.yaml
@ -15,6 +15,7 @@ ErrApiConfigDisable: "이 인터페이스는 API 호출을 금지합니다: {{ .
 ErrApiConfigKeyTimeInvalid: "API 인터페이스 타임스탬프 오류: {{ .detail }}"

 # 공통
+ErrUsernameIsExist: "사용자 이름이 이미 존재합니다"
 ErrNameIsExist: "이름이 이미 존재합니다"
 ErrDemoEnvironment: "데모 서버에서는 이 작업이 금지되어 있습니다!"
 ErrCmdTimeout: "명령어 실행 시간이 초과되었습니다!"
--- a/agent/i18n/lang/ms.yml
+++ b/agent/i18n/lang/ms.yml
@ -15,6 +15,7 @@ ErrApiConfigDisable: "Antara muka ini melarang penggunaan panggilan API: {{ .det
 ErrApiConfigKeyTimeInvalid: "Ralat cap waktu antara muka API: {{ .detail }}"

 #common
+ErrUsernameIsExist: "Nama pengguna sudah wujud"
 ErrNameIsExist: "Nama sudah wujud"
 ErrDemoEnvironment: "Pelayan demo, operasi ini dilarang!"
 ErrCmdTimeout: "Pelaksanaan arahan telah tamat masa!"
--- a/agent/i18n/lang/pt-BR.yaml
+++ b/agent/i18n/lang/pt-BR.yaml
@ -14,6 +14,7 @@ ErrApiConfigIPInvalid: "O IP da interface da API não está na lista de permiss
 ErrApiConfigDisable: "Esta interface proíbe o uso de chamadas de API: {{ .detail }}"

 #common
+ErrUsernameIsExist: "Nome de usuário já existe"
 ErrNameIsExist: "O nome já existe"
 ErrDemoEnvironment: "Servidor de demonstração, operação proibida!"
 ErrCmdTimeout: "Tempo limite de execução do comando excedido!"
--- a/agent/i18n/lang/ru.yaml
+++ b/agent/i18n/lang/ru.yaml
@ -15,6 +15,7 @@ ErrApiConfigDisable: "Этот интерфейс запрещает испол
 ErrApiConfigKeyTimeInvalid: "Ошибка временной метки интерфейса API: {{ .detail }}"

 #common
+ErrUsernameIsExist: "Имя пользователя уже существует"
 ErrNameIsExist: "Имя уже существует"
 ErrDemoEnvironment: "Демо-сервер, операция запрещена!"
 ErrCmdTimeout: "Время выполнения команды истекло!"
--- a/agent/i18n/lang/zh-Hant.yaml
+++ b/agent/i18n/lang/zh-Hant.yaml
@ -10,6 +10,7 @@ ErrApiConfigIPInvalid: "调用 API 接口 IP 不在白名单: {{ .detail }}"
 ErrApiConfigDisable: "此接口禁止使用 API 接口調用: {{ .detail }}"

 #common
+ErrUsernameIsExist: "使用者名稱已存在"
 ErrNameIsExist: "名稱已存在"
 ErrDemoEnvironment: "演示伺服器，禁止此操作!"
 ErrCmdTimeout: "指令執行超時！"
--- a/agent/i18n/lang/zh.yaml
+++ b/agent/i18n/lang/zh.yaml
@ -16,6 +16,7 @@ ErrApiConfigDisable: "此接口禁止使用 API 接口调用: {{ .detail }}"
 ErrApiConfigKeyTimeInvalid: "API 接口时间戳错误: {{ .detail }}"

 #common
+ErrUsernameIsExist: "用户名已存在"
 ErrNameIsExist: "名称已存在"
 ErrDemoEnvironment: "演示服务器，禁止此操作!"
 ErrCmdTimeout: "命令执行超时！"
--- a/core/cmd/server/cmd/root.go
+++ b/core/cmd/server/cmd/root.go
@ -49,7 +49,7 @@ func loadDBConn() (*gorm.DB, error) {
 		baseDir = baseDir[:strings.LastIndex(baseDir, "/")]
 	}

-	db, err := gorm.Open(sqlite.Open(baseDir+"/1panel/db/1Panel.db"), &gorm.Config{})
+	db, err := gorm.Open(sqlite.Open(baseDir+"/1panel/db/core.db"), &gorm.Config{})
 	if err != nil {
 		return nil, fmt.Errorf("init my db conn failed, err: %v \n", err)
 	}
--- a/frontend/src/global/form-rules.ts
+++ b/frontend/src/global/form-rules.ts
@ -211,6 +211,19 @@ const checkSimplePassword = (rule: any, value: any, callback: any) => {
    }
 };

+const checkAuthBasicPassword = (rule: any, value: any, callback: any) => {
+    if (value === '' || typeof value === 'undefined' || value == null) {
+        callback(new Error(i18n.global.t('commons.rule.authBasicPassword')));
+    } else {
+        const reg = /^[a-zA-Z0-9_\-\.@$!%*?&]{1,72}$/;
+        if (!reg.test(value)) {
+            callback(new Error(i18n.global.t('commons.rule.authBasicPassword')));
+        } else {
+            callback();
+        }
+    }
+};
+
 const checkDBName = (rule: any, value: any, callback: any) => {
    if (value === '' || typeof value === 'undefined' || value == null) {
        callback(new Error(i18n.global.t('commons.rule.dbName')));
@ -622,6 +635,7 @@ interface CommonRule {
    phpExtensions: FormItemRule;
    supervisorName: FormItemRule;
    domainOrIP: FormItemRule;
+    authBasicPassword: FormItemRule;

    paramCommon: FormItemRule;
    paramComplexity: FormItemRule;
@ -865,4 +879,8 @@ export const Rules: CommonRule = {
        validator: checkPhone,
        trigger: 'blur',
    },
+    authBasicPassword: {
+        validator: checkAuthBasicPassword,
+        trigger: 'blur',
+    },
 };
--- a/frontend/src/lang/modules/zh.ts
+++ b/frontend/src/lang/modules/zh.ts
@ -238,6 +238,7 @@ const message = {
            phpExtension: '仅支持 , _ 小写英文和数字',
            paramHttp: '必须以 http:// 或 https:// 开头',
            phone: '手机号码格式不正确',
+            authBasicPassword: '支持字母、数字以及常见特殊字符，长度1-72',
        },
        res: {
            paramError: '请求失败,请稍后重试!',
--- a/frontend/src/views/website/website/config/basic/auth-basic/create/index.vue
+++ b/frontend/src/views/website/website/config/basic/auth-basic/create/index.vue
@ -56,7 +56,7 @@ import { getRandomStr } from '@/utils/util';
 const proxyForm = ref<FormInstance>();
 const rules = ref({
    username: [Rules.requiredInput, Rules.name],
-    password: [Rules.requiredInput],
+    password: [Rules.requiredInput, Rules.authBasicPassword],
    name: [Rules.requiredInput],
    path: [Rules.requiredInput],
 });
--- a/frontend/src/views/website/website/config/basic/auth-basic/index.vue
+++ b/frontend/src/views/website/website/config/basic/auth-basic/index.vue
@ -85,6 +85,7 @@ const buttons = [
    {
        label: i18n.global.t('commons.button.edit'),
        click: function (row: Website.NginxAuthConfig) {
+            row.scope = 'root';
            openEdit(row);
        },
    },
@ -100,6 +101,7 @@ const pathButtons = [
    {
        label: i18n.global.t('commons.button.edit'),
        click: function (row: Website.NginxAuthConfig) {
+            row.scope = 'path';
            openEdit(row);
        },
    },