updated login tokens
This commit is contained in:
@@ -24,7 +24,7 @@ func getAuthorization(c *gin.Context) (AuthorizationScope, string) {
|
||||
return AuthorizationScopeNone, ""
|
||||
}
|
||||
if headerSpl[0] == "Bearer" {
|
||||
if storage.CheckLoginToken(headerSpl[1]) {
|
||||
if storage.CheckLoginToken(headerSpl[1], c.ClientIP()) {
|
||||
return AuthorizationScopeUser, headerSpl[1]
|
||||
}
|
||||
}
|
||||
|
||||
@@ -19,7 +19,7 @@ func login(c *gin.Context) {
|
||||
return
|
||||
}
|
||||
|
||||
loggedIn, token := storage.CheckLogin(loginBody.Username, loginBody.Password)
|
||||
loggedIn, token := storage.CheckLogin(loginBody.Username, loginBody.Password, c.ClientIP())
|
||||
|
||||
if loggedIn {
|
||||
c.JSON(200, gin.H{
|
||||
|
||||
@@ -25,7 +25,7 @@ func UpdatePassword(password string) {
|
||||
}
|
||||
}
|
||||
|
||||
func CheckLogin(username string, password string) (bool, string) {
|
||||
func CheckLogin(username string, password string, ip string) (bool, string) {
|
||||
if username == "" || password == "" {
|
||||
return false, ""
|
||||
}
|
||||
@@ -49,18 +49,35 @@ func CheckLogin(username string, password string) (bool, string) {
|
||||
return false, ""
|
||||
}
|
||||
|
||||
return true, createLoginToken()
|
||||
return true, createLoginToken(ip)
|
||||
}
|
||||
|
||||
func createLoginToken() string {
|
||||
type loginToken struct {
|
||||
Token []byte `json:"token"`
|
||||
IP string `jsong:"ip"`
|
||||
End string `json:"end"`
|
||||
}
|
||||
|
||||
func createLoginToken(ip string) string {
|
||||
token := util.GeneratePassword(32)
|
||||
|
||||
tokenHash, err := bcrypt.GenerateFromPassword([]byte(token), bcrypt.DefaultCost)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
tokenData := loginToken{
|
||||
Token: tokenHash,
|
||||
IP: ip,
|
||||
End: token[len(token) - 4:],
|
||||
}
|
||||
|
||||
member := redis.Z{
|
||||
Score: float64(time.Now().Unix() + 4 * 60 * 60),
|
||||
Member: token,
|
||||
Member: tokenData,
|
||||
}
|
||||
|
||||
err := client.ZAdd(ctx, "loginTokens", member).Err()
|
||||
err = client.ZAdd(ctx, "loginTokens", member).Err()
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
@@ -68,7 +85,7 @@ func createLoginToken() string {
|
||||
return token
|
||||
}
|
||||
|
||||
func CheckLoginToken(token string) bool {
|
||||
func CheckLoginToken(token string, ip string) bool {
|
||||
|
||||
expired, err := client.ZRangeByScore(ctx, "loginTokens", &redis.ZRangeBy{
|
||||
Min: "-inf",
|
||||
@@ -83,18 +100,16 @@ func CheckLoginToken(token string) bool {
|
||||
client.ZRem(ctx, "loginTokens", e)
|
||||
}
|
||||
|
||||
current, err := client.ZRangeByScore(ctx, "loginTokens", &redis.ZRangeBy{
|
||||
Min: fmt.Sprintf("%d", time.Now().Unix()),
|
||||
Max: "inf",
|
||||
}).Result()
|
||||
current := make([]loginToken, 0)
|
||||
err = client.ZRange(ctx, "loginTokens", 0, -1).ScanSlice(current)
|
||||
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
for _, c := range current {
|
||||
fmt.Println(c)
|
||||
if c == token {
|
||||
err = bcrypt.CompareHashAndPassword([]byte(c.Token), []byte(token))
|
||||
if err == nil && ip == c.IP {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
@@ -54,11 +54,7 @@ func Init() {
|
||||
}
|
||||
|
||||
username := redisUri.User.Username()
|
||||
pass, passSet := redisUri.User.Password()
|
||||
|
||||
if !passSet {
|
||||
panic("pass not set")
|
||||
}
|
||||
pass, _ := redisUri.User.Password()
|
||||
|
||||
client = redis.NewClient(&redis.Options{
|
||||
Addr: redisUri.Host,
|
||||
|
||||
Reference in New Issue
Block a user