fix: add session date as fingerprint

2025-09-06 14:37:49 +08:00 · 2024-06-12 13:05:09 +05:30 · 2024-06-12 13:05:09 +05:30 · 4cc1087152
commit 4cc1087152
parent 54a5fd55e1
6 changed files with 24 additions and 24 deletions
--- a/internal/database/migrations/20240612190605_modify_session.sql
+++ b/internal/database/migrations/20240612190605_modify_session.sql
@ -0,0 +1,6 @@
+-- +goose Up
+-- +goose StatementBegin
+truncate teldrive.sessions;
+ALTER TABLE "teldrive"."sessions" DROP COLUMN IF EXISTS "auth_hash";
+ALTER TABLE "teldrive"."sessions" ADD COLUMN "auth_hash" bigint;
+-- +goose StatementEnd
--- a/internal/database/migrations/20240613190605_modify_session.sql
+++ b/internal/database/migrations/20240613190605_modify_session.sql
@ -0,0 +1,6 @@
+-- +goose Up
+-- +goose StatementBegin
+truncate teldrive.sessions;
+ALTER TABLE "teldrive"."sessions" DROP COLUMN IF EXISTS "auth_hash";
+ALTER TABLE "teldrive"."sessions" ADD COLUMN "session_date" integer;
+-- +goose StatementEnd
--- a/pkg/models/session.go
+++ b/pkg/models/session.go
@ -5,9 +5,9 @@ import (
 )

 type Session struct {
-	UserId    int64     `gorm:"type:bigint;primaryKey"`
-	Hash      string    `gorm:"type:text"`
-	AuthHash  string    `gorm:"type:text"`
-	Session   string    `gorm:"type:text"`
-	CreatedAt time.Time `gorm:"default:timezone('utc'::text, now())"`
+	UserId      int64     `gorm:"type:bigint;primaryKey"`
+	Hash        string    `gorm:"type:text"`
+	SessionDate int       `gorm:"type:text"`
+	Session     string    `gorm:"type:text"`
+	CreatedAt   time.Time `gorm:"default:timezone('utc'::text, now())"`
 }
--- a/pkg/services/auth.go
+++ b/pkg/services/auth.go
@ -133,7 +133,7 @@ func (as *AuthService) LogIn(c *gin.Context, session *schemas.TgSession) (*schem

 	//create session
 	if err := as.db.Create(&models.Session{UserId: session.UserID, Hash: hexToken,
-		Session: session.Sesssion, AuthHash: GenAuthHash(auth)}).Error; err != nil {
+		Session: session.Sesssion, SessionDate: auth.DateCreated}).Error; err != nil {
 		return nil, &types.AppError{Error: err}
 	}

--- a/pkg/services/common.go
+++ b/pkg/services/common.go
@ -3,11 +3,8 @@ package services
 import (
 	"bytes"
 	"context"
-	"crypto/md5"
 	"crypto/rand"
 	"encoding/binary"
-	"encoding/hex"
-	"encoding/json"
 	"fmt"
 	"io"
 	"math"
@ -370,12 +367,3 @@ func DeleteTGMessages(ctx context.Context, cnf *config.TGConfig, session string,
 	})
 	return err
 }
-
-func GenAuthHash(auth *tg.Authorization) string {
-	auth.Flags = 0
-	auth.DateActive = 0
-	auth.Current = false
-	b, _ := json.Marshal(auth)
-	hash := md5.Sum(b)
-	return hex.EncodeToString(hash[:])
-}
--- a/pkg/services/user.go
+++ b/pkg/services/user.go
@ -153,7 +153,7 @@ func (us *UserService) ListSessions(c *gin.Context) ([]schemas.SessionOut, *type

 	dbSessions := []models.Session{}

-	if err = us.db.Where("user_id = ?", userId).Find(&dbSessions).Order("created_at DESC").Error; err != nil {
+	if err = us.db.Where("user_id = ?", userId).Order("created_at DESC").Find(&dbSessions).Error; err != nil {
 		return nil, &types.AppError{Error: err}
 	}

@ -166,11 +166,11 @@ func (us *UserService) ListSessions(c *gin.Context) ([]schemas.SessionOut, *type
 			Current:   session.Session == userSession}

 		if auth != nil {
-			for _, auth := range auth.Authorizations {
-				if session.AuthHash == GenAuthHash(&auth) {
-					s.AppName = strings.Trim(strings.Replace(auth.AppName, "Telegram", "", -1), " ")
-					s.Location = auth.Country
-					s.OfficialApp = auth.OfficialApp
+			for _, a := range auth.Authorizations {
+				if session.SessionDate == a.DateCreated {
+					s.AppName = strings.Trim(strings.Replace(a.AppName, "Telegram", "", -1), " ")
+					s.Location = a.Country
+					s.OfficialApp = a.OfficialApp
 					s.Valid = true
 					break
 				}