1Panel-dev/1Panel
1
1
Fork 0
mirror of https://github.com/1Panel-dev/1Panel.git synced 2024-09-20 15:45:57 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: 增加单独的安全入口接口,防止泄漏

Browse source
This commit is contained in:
ssongliu 2023-04-17 11:12:43 +08:00 committed by ssongliu
parent d5f400670c
commit a06e5f28b3
8 changed files with 243 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
backend/app/api/v1/setting.go
View file

@ -65,6 +65,33 @@ func (b *BaseApi) UpdateSetting(c *gin.Context) {
helper.SuccessWithData(c, nil)
}
// @Tags System Setting
// @Summary Update system entrance
// @Description 更新系统安全入口
// @Accept json
// @Param request body dto.SettingUpdate true "request"
// @Success 200
// @Security ApiKeyAuth
// @Router /settings/entrance/enable [post]
// @x-panel-log {"bodyKeys":[],"paramKeys":[],"BeforeFuntions":[],"formatZH":"修改系统配置 [SecurityEntranceStatus] => [打开]","formatEN":"update system setting [SecurityEntranceStatus] => [Enable]"}
func (b *BaseApi) UpdateEntrance(c *gin.Context) {
var req dto.SettingUpdate
if err := c.ShouldBindJSON(&req); err != nil {
helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
return
}
if err := global.VALID.Struct(req); err != nil {
helper.ErrorWithDetail(c, constant.CodeErrBadRequest, constant.ErrTypeInvalidParams, err)
return
}
if err := settingService.UpdateEntrance(req.Value); err != nil {
helper.ErrorWithDetail(c, constant.CodeErrInternalServer, constant.ErrTypeInternalServer, err)
return
}
helper.SuccessWithData(c, nil)
}
// @Tags System Setting
// @Summary Update system password
// @Description 更新系统登录密码

11
backend/app/service/setting.go
View file

@ -20,6 +20,7 @@ type SettingService struct{}
type ISettingService interface {
GetSettingInfo() (*dto.SettingInfo, error)
Update(key, value string) error
UpdateEntrance(value string) error
UpdatePassword(c *gin.Context, old, new string) error
UpdatePort(port uint) error
HandlePasswordExpired(c *gin.Context, old, new string) error
@ -76,6 +77,16 @@ func (u *SettingService) Update(key, value string) error {
return nil
}
func (u *SettingService) UpdateEntrance(value string) error {
if err := settingRepo.Update("SecurityEntranceStatus", "enable"); err != nil {
return err
}
if err := settingRepo.Update("SecurityEntrance", value); err != nil {
return err
}
return nil
}
func (u *SettingService) UpdatePort(port uint) error {
if common.ScanPort(int(port)) {
return buserr.WithDetail(constant.ErrPortInUsed, port, nil)

1
backend/router/ro_setting.go
View file

@ -22,6 +22,7 @@ func (s *SettingRouter) InitSettingRouter(Router *gin.RouterGroup) {
router.POST("/expired/handle", baseApi.HandlePasswordExpired)
settingRouter.GET("/search/available", baseApi.GetSystemAvailable)
settingRouter.POST("/update", baseApi.UpdateSetting)
settingRouter.POST("/entrance/enable", baseApi.UpdateEntrance)
settingRouter.POST("/port/update", baseApi.UpdatePort)
settingRouter.POST("/password/update", baseApi.UpdatePassword)
settingRouter.POST("/time/sync", baseApi.SyncTime)

71
cmd/server/docs/docs.go
View file

@ -827,6 +827,34 @@ var doc = `{
}
}
},
"/auth/isfirst": {
"get": {
"description": "判断是否为首次登录",
"tags": [
"Auth"
],
"summary": "Check is First login",
"responses": {
"200": {
"description": ""
}
}
}
},
"/auth/issafety": {
"get": {
"description": "获取系统安全登录状态",
"tags": [
"Auth"
],
"summary": "Load safety status",
"responses": {
"200": {
"description": ""
}
}
}
},
"/auth/login": {
"post": {
"description": "用户登录",
@ -6806,6 +6834,46 @@ var doc = `{
}
}
},
"/settings/entrance/enable": {
"post": {
"security": [
{
"ApiKeyAuth": []
}
],
"description": "更新系统安全入口",
"consumes": [
"application/json"
],
"tags": [
"System Setting"
],
"summary": "Update system entrance",
"parameters": [
{
"description": "request",
"name": "request",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/dto.SettingUpdate"
}
}
],
"responses": {
"200": {
"description": ""
}
},
"x-panel-log": {
"BeforeFuntions": [],
"bodyKeys": [],
"formatEN": "update system setting [SecurityEntranceStatus] =\u003e [Enable]",
"formatZH": "修改系统配置 [SecurityEntranceStatus] =\u003e [打开]",
"paramKeys": []
}
}
},
"/settings/expired/handle": {
"post": {
"security": [
@ -11524,6 +11592,9 @@ var doc = `{
"securityEntrance": {
"type": "string"
},
"securityEntranceStatus": {
"type": "string"
},
"serverPort": {
"type": "string"
},

71
cmd/server/docs/swagger.json
View file

@ -813,6 +813,34 @@
}
}
},
"/auth/isfirst": {
"get": {
"description": "判断是否为首次登录",
"tags": [
"Auth"
],
"summary": "Check is First login",
"responses": {
"200": {
"description": ""
}
}
}
},
"/auth/issafety": {
"get": {
"description": "获取系统安全登录状态",
"tags": [
"Auth"
],
"summary": "Load safety status",
"responses": {
"200": {
"description": ""
}
}
}
},
"/auth/login": {
"post": {
"description": "用户登录",
@ -6792,6 +6820,46 @@
}
}
},
"/settings/entrance/enable": {
"post": {
"security": [
{
"ApiKeyAuth": []
}
],
"description": "更新系统安全入口",
"consumes": [
"application/json"
],
"tags": [
"System Setting"
],
"summary": "Update system entrance",
"parameters": [
{
"description": "request",
"name": "request",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/dto.SettingUpdate"
}
}
],
"responses": {
"200": {
"description": ""
}
},
"x-panel-log": {
"BeforeFuntions": [],
"bodyKeys": [],
"formatEN": "update system setting [SecurityEntranceStatus] =\u003e [Enable]",
"formatZH": "修改系统配置 [SecurityEntranceStatus] =\u003e [打开]",
"paramKeys": []
}
}
},
"/settings/expired/handle": {
"post": {
"security": [
@ -11510,6 +11578,9 @@
"securityEntrance": {
"type": "string"
},
"securityEntranceStatus": {
"type": "string"
},
"serverPort": {
"type": "string"
},

46
cmd/server/docs/swagger.yaml
View file

@ -1453,6 +1453,8 @@ definitions:
type: string
securityEntrance:
type: string
securityEntranceStatus:
type: string
serverPort:
type: string
sessionTimeout:
@ -3410,6 +3412,24 @@ paths:
summary: Init user
tags:
- Auth
/auth/isfirst:
get:
description: 判断是否为首次登录
responses:
"200":
description: ""
summary: Check is First login
tags:
- Auth
/auth/issafety:
get:
description: 获取系统安全登录状态
responses:
"200":
description: ""
summary: Load safety status
tags:
- Auth
/auth/login:
post:
consumes:
@ -7208,6 +7228,32 @@ paths:
summary: Load local backup dir
tags:
- System Setting
/settings/entrance/enable:
post:
consumes:
- application/json
description: 更新系统安全入口
parameters:
- description: request
in: body
name: request
required: true
schema:
$ref: '#/definitions/dto.SettingUpdate'
responses:
"200":
description: ""
security:
- ApiKeyAuth: []
summary: Update system entrance
tags:
- System Setting
x-panel-log:
BeforeFuntions: []
bodyKeys: []
formatEN: update system setting [SecurityEntranceStatus] => [Enable]
formatZH: 修改系统配置 [SecurityEntranceStatus] => [打开]
paramKeys: []
/settings/expired/handle:
post:
consumes:

4
frontend/src/api/modules/setting.ts
View file

@ -16,6 +16,10 @@ export const updateSetting = (param: Setting.SettingUpdate) => {
return http.post(`/settings/update`, param);
};
export const updateEntrance = (param: Setting.SettingUpdate) => {
return http.post(`/settings/entrance/enable`, param);
};
export const updatePassword = (param: Setting.PasswordUpdate) => {
return http.post(`/settings/password/update`, param);
};

14
frontend/src/views/setting/safe/index.vue
View file

@ -33,6 +33,8 @@
<el-input
@blur="codeError = false"
v-if="isEntranceShow"
type="password"
show-password
clearable
v-model.number="form.securityEntrance"
>
@ -164,7 +166,15 @@ import { ElForm, ElMessageBox } from 'element-plus';
import { Setting } from '@/api/interface/setting';
import LayoutContent from '@/layout/layout-content.vue';
import DrawerHeader from '@/components/drawer-header/index.vue';
import { updateSetting, getMFA, bindMFA, getSettingInfo, updatePort, getSystemAvailable } from '@/api/modules/setting';
import {
updateSetting,
getMFA,
bindMFA,
getSettingInfo,
updatePort,
getSystemAvailable,
updateEntrance,
} from '@/api/modules/setting';
import i18n from '@/lang';
import { Rules, checkNumberRange } from '@/global/form-rules';
import { dateFormatSimple } from '@/utils/util';
@ -320,7 +330,7 @@ const onSaveEntrance = async () => {
return;
}
loading.value = true;
await updateSetting({ key: 'SecurityEntrance', value: form.securityEntrance })
await updateEntrance({ key: 'SecurityEntrance', value: form.securityEntrance })
.then(() => {
globalStore.entrance = form.securityEntrance;
loading.value = false;