mirror of
				https://github.com/1Panel-dev/1Panel.git
				synced 2025-10-26 08:46:28 +08:00 
			
		
		
		
	
		
			
				
	
	
		
			67 lines
		
	
	
	
		
			1.9 KiB
		
	
	
	
		
			Lua
		
	
	
	
	
	
			
		
		
	
	
			67 lines
		
	
	
	
		
			1.9 KiB
		
	
	
	
		
			Lua
		
	
	
	
	
	
| local config = require "config"
 | |
| local redis_util = require "redis_util"
 | |
| local utils = require "utils"
 | |
| 
 | |
| local _M = {}
 | |
| 
 | |
| function _M.set_access_token(k, v)
 | |
|     local secret = config.get_secret()
 | |
|     local key = ngx.md5(ngx.ctx.ip .. ngx.var.server_name .. ngx.ctx.website_key
 | |
|             .. ngx.ctx.ua .. ngx.ctx.today .. secret)
 | |
|     local value = ngx.md5(ngx.time() .. ngx.ctx.ip)
 | |
|     --TODO check value
 | |
|     if key ~= k then
 | |
|         ngx.exit(444)
 | |
|     end
 | |
|     ngx.log(ngx.ERR, "set cc key: ", key)
 | |
|     if config.redis_on then
 | |
|         --local prefix = "ac_token:"
 | |
|         --redis_util.set(prefix .. accesstoken, accesstoken, timeout)
 | |
|     else
 | |
|         local limit = ngx.shared.waf_accesstoken
 | |
|         limit:set(key, value, 7200)
 | |
|     end
 | |
| 
 | |
|     local cookie_expire = ngx.cookie_time(ngx.time() + 86400)
 | |
|     ngx.header['Set-Cookie'] = { key .. '=' .. value .. '; path=/; Expires=' .. cookie_expire }
 | |
|     ngx.exit(200)
 | |
| end
 | |
| 
 | |
| function _M.check_access_token()
 | |
|     local secret = config.get_secret()
 | |
|     local key = ngx.md5(ngx.ctx.ip .. ngx.var.server_name .. ngx.ctx.website_key
 | |
|             .. ngx.ctx.ua .. ngx.ctx.today .. secret)
 | |
|     if not ngx.var.http_cookie then
 | |
|         return false
 | |
|     end
 | |
|     local cookies = utils.get_cookie_list(ngx.var.http_cookie)
 | |
|     if not cookies then
 | |
|         return false
 | |
|     end
 | |
|     if not cookies[key] then
 | |
|         return false
 | |
|     end
 | |
|     local accesstoken = cookies[key]
 | |
|     local value = nil
 | |
| 
 | |
|     if config.redis_on then
 | |
|         local prefix = "ac_token:"
 | |
|         value = redis_util.get(prefix .. key)
 | |
|         if value and value == accesstoken then
 | |
|             return true
 | |
|         end
 | |
|     else
 | |
|         local limit = ngx.shared.waf_accesstoken
 | |
|         value = limit:get(key)
 | |
|     end
 | |
|     if value and value == accesstoken then
 | |
|         return true
 | |
|     end
 | |
|     return false
 | |
| end
 | |
| 
 | |
| function _M.clear_access_token()
 | |
|     ngx.header['Set-Cookie'] = { 'a_token=; path=/; Expires=Thu, 01-Jan-1970 00:00:00 GMT' }
 | |
| end
 | |
| 
 | |
| return _M
 |