Flow display and user login and rate limit bug

2025-09-02 03:16:53 +00:00 · 2019-03-26 11:13:07 +08:00
parent 2a5a45a700
commit 7637cd448e
14 changed files with 164 additions and 17 deletions
--- a/web/controllers/base.go
+++ b/web/controllers/base.go
@@ -3,6 +3,7 @@ package controllers
 import (
 	"github.com/cnlh/nps/lib/common"
 	"github.com/cnlh/nps/lib/crypt"
+	"github.com/cnlh/nps/lib/file"
 	"github.com/cnlh/nps/server"
 	"github.com/cnlh/nps/vender/github.com/astaxie/beego"
 	"strconv"
@@ -33,6 +34,14 @@ func (s *BaseController) Prepare() {
 			s.Redirect("/login/index", 302)
 		}
 	}
+	if s.GetSession("isAdmin") != nil && !s.GetSession("isAdmin").(bool) {
+		s.Ctx.Input.SetData("client_id", s.GetSession("clientId").(int))
+		s.Ctx.Input.SetParam("client_id", strconv.Itoa(s.GetSession("clientId").(int)))
+		s.Data["isAdmin"] = false
+		s.CheckUserAuth()
+	} else {
+		s.Data["isAdmin"] = true
+	}
 }

 //加载模板
@@ -128,3 +137,30 @@ func (s *BaseController) SetInfo(name string) {
 func (s *BaseController) SetType(name string) {
 	s.Data["type"] = name
 }
+
+func (s *BaseController) CheckUserAuth() {
+	if s.controllerName == "client" {
+		s.StopRun()
+	}
+	if s.controllerName == "index" {
+		if id := s.GetIntNoErr("id"); id != 0 {
+			belong := false
+			if strings.Contains(s.actionName, "H") {
+				if v, ok := file.GetCsvDb().Hosts.Load(id); ok {
+					if v.(*file.Host).Client.Id == s.GetSession("clientId").(int) {
+						belong = true
+					}
+				}
+			} else {
+				if v, ok := file.GetCsvDb().Tasks.Load(id); ok {
+					if v.(*file.Tunnel).Client.Id == s.GetSession("clientId").(int) {
+						belong = true
+					}
+				}
+			}
+			if !belong {
+				s.StopRun()
+			}
+		}
+	}
+}
--- a/web/controllers/client.go
+++ b/web/controllers/client.go
@@ -111,7 +111,8 @@ func (s *ClientController) Edit() {
 				c.Rate = rate.NewRate(int64(c.RateLimit * 1024))
 				c.Rate.Start()
 			} else {
-				c.Rate = nil
+				c.Rate = rate.NewRate(int64(2 << 23))
+				c.Rate.Start()
 			}
 			file.GetCsvDb().StoreClientsToCsv()
 		}
--- a/web/controllers/login.go
+++ b/web/controllers/login.go
@@ -2,6 +2,7 @@ package controllers

 import (
 	"github.com/cnlh/nps/lib/common"
+	"github.com/cnlh/nps/lib/file"
 	"github.com/cnlh/nps/server"
 	"github.com/cnlh/nps/vender/github.com/astaxie/beego"
 	"time"
@@ -15,15 +16,32 @@ func (self *LoginController) Index() {
 	self.TplName = "login/index.html"
 }
 func (self *LoginController) Verify() {
+	var auth bool
 	if self.GetString("password") == beego.AppConfig.String("web_password") && self.GetString("username") == beego.AppConfig.String("web_username") {
+		self.SetSession("isAdmin", true)
+		auth = true
+		server.Bridge.Register.Store(common.GetIpByAddr(self.Ctx.Request.RemoteAddr), time.Now().Add(time.Hour*time.Duration(2)))
+	}
+	b, err := beego.AppConfig.Bool("allow_user_login")
+	if err == nil && b && self.GetString("username") == "user" && !auth {
+		file.GetCsvDb().Clients.Range(func(key, value interface{}) bool {
+			v := value.(*file.Client)
+			if v.VerifyKey == self.GetString("password") && v.Status {
+				self.SetSession("isAdmin", false)
+				self.SetSession("clientId", v.Id)
+				auth = true
+				return false
+			}
+			return true
+		})
+	}
+	if auth {
 		self.SetSession("auth", true)
 		self.Data["json"] = map[string]interface{}{"status": 1, "msg": "login success"}
-		server.Bridge.Register.Store(common.GetIpByAddr(self.Ctx.Request.RemoteAddr), time.Now().Add(time.Hour*time.Duration(2)))
-		self.ServeJSON()
 	} else {
 		self.Data["json"] = map[string]interface{}{"status": 0, "msg": "username or password incorrect"}
-		self.ServeJSON()
 	}
+	self.ServeJSON()
 }
 func (self *LoginController) Out() {
 	self.SetSession("auth", false)