중복 로그인 방지
@ -74,6 +74,7 @@ func SessionTTL() time.Duration {
|
|||||||
|
|
||||||
type maingateConfig struct {
|
type maingateConfig struct {
|
||||||
session.SessionConfig `json:",inline"`
|
session.SessionConfig `json:",inline"`
|
||||||
|
MustUseChecksum bool `json:"maingate_must_checksum"`
|
||||||
Mongo string `json:"maingate_mongodb_url"`
|
Mongo string `json:"maingate_mongodb_url"`
|
||||||
Autologin_ttl int64 `json:"autologin_ttl"`
|
Autologin_ttl int64 `json:"autologin_ttl"`
|
||||||
MaximumNumLinkAccount int64 `json:"maximum_num_link_account"`
|
MaximumNumLinkAccount int64 `json:"maximum_num_link_account"`
|
||||||
@ -407,6 +408,7 @@ func (mg *Maingate) RegisterHandlers(ctx context.Context, serveMux *http.ServeMu
|
|||||||
if len(allServices) > 0 {
|
if len(allServices) > 0 {
|
||||||
only := allServices[0]
|
only := allServices[0]
|
||||||
only.prepare(mg)
|
only.prepare(mg)
|
||||||
|
only.mustUseChecksum = config.MustUseChecksum
|
||||||
|
|
||||||
atomic.StorePointer(&mg.serviceptr, unsafe.Pointer(only))
|
atomic.StorePointer(&mg.serviceptr, unsafe.Pointer(only))
|
||||||
} else {
|
} else {
|
||||||
|
|||||||
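Review bot: `only.mustUseChecksum = config.MustUseChecksum` in RegisterHandlers is the only assignment of the flag visible in this commit, and the field's zero value is `false`, so a serviceDescription built or refreshed on any other path would treat the checksum as optional. If descriptions can be reloaded after startup (not visible here), set the flag inside `prepare` or wherever the struct is constructed so that enforcement cannot silently fall back to off. The new config field also has no comment; something like `// MustUseChecksum rejects authorize requests that lack a valid AS-X-CHECKSUM header (default false: header optional).` would document the fail-open default. RegisterHandlers continues outside the hunk.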
@ -2,6 +2,8 @@ package core
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
"crypto/md5"
|
||||||
|
"encoding/hex"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
@ -113,6 +115,7 @@ type serviceDescription struct {
|
|||||||
divisionsSerialized []byte
|
divisionsSerialized []byte
|
||||||
serviceSerialized []byte
|
serviceSerialized []byte
|
||||||
divisionsSplits map[string][]byte
|
divisionsSplits map[string][]byte
|
||||||
|
mustUseChecksum bool
|
||||||
}
|
}
|
||||||
|
|
||||||
func (sh *serviceDescription) isValidToken(apiToken primitive.ObjectID) bool {
|
func (sh *serviceDescription) isValidToken(apiToken primitive.ObjectID) bool {
|
||||||
@ -613,7 +616,23 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
|
|||||||
queryvals := r.URL.Query()
|
queryvals := r.URL.Query()
|
||||||
authtype := queryvals.Get("type")
|
authtype := queryvals.Get("type")
|
||||||
uid := queryvals.Get("id")
|
uid := queryvals.Get("id")
|
||||||
if sk := queryvals.Get("sk"); len(sk) > 0 {
|
sk := queryvals.Get("sk")
|
||||||
|
|
||||||
|
checksum := r.Header.Get("AS-X-CHECKSUM")
|
||||||
|
if len(checksum) > 0 || sh.mustUseChecksum {
|
||||||
|
nonce := queryvals.Get("nonce")
|
||||||
|
cookie := r.Header.Get("Cookie")
|
||||||
|
|
||||||
|
h := md5.New()
|
||||||
|
h.Write([]byte(cookie + nonce + sk))
|
||||||
|
|
||||||
|
if checksum != hex.EncodeToString(h.Sum(nil)) {
|
||||||
|
w.WriteHeader(http.StatusBadRequest)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if len(sk) > 0 {
|
||||||
success, err := sh.sessionProvider.Touch(sk)
|
success, err := sh.sessionProvider.Touch(sk)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger.Error("authorize failed. sessionProvider.Touch err:", err)
|
logger.Error("authorize failed. sessionProvider.Touch err:", err)
|
||||||
@ -723,7 +742,7 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
sk, err := sh.sessionProvider.New(&session.Authorization{
|
sk, err = sh.sessionProvider.New(&session.Authorization{
|
||||||
Account: accid,
|
Account: accid,
|
||||||
Platform: authtype,
|
Platform: authtype,
|
||||||
Uid: uid,
|
Uid: uid,
|
||||||
|
|||||||
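Review bot: The checksum added at the top of authorize is an unkeyed MD5 over `cookie + nonce + sk`, and all three inputs arrive in the same request as the `AS-X-CHECKSUM` header, so it cannot authenticate the caller the way a keyed MAC would; whoever can build or observe the request can also compute a matching value. If the goal is request integrity, use HMAC-SHA256 with a server-held or per-session secret that is not sent with the request, and compare with `hmac.Equal([]byte(checksum), []byte(expected))` instead of `!=`. The three fields are concatenated without a delimiter or length prefix, so different cookie/nonce/sk splits hash to the same value. Nothing in the visible lines checks `nonce` for emptiness or reuse, so it gives no replay protection unless that is enforced elsewhere. authorize begins and ends outside both hunks of this section.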
2
go.mod
2
go.mod
@ -7,7 +7,7 @@ require (
|
|||||||
github.com/golang-jwt/jwt v3.2.2+incompatible
|
github.com/golang-jwt/jwt v3.2.2+incompatible
|
||||||
go.mongodb.org/mongo-driver v1.11.7
|
go.mongodb.org/mongo-driver v1.11.7
|
||||||
google.golang.org/api v0.128.0
|
google.golang.org/api v0.128.0
|
||||||
repositories.action2quare.com/ayo/gocommon v0.0.0-20240201092859-c71a74762de7
|
repositories.action2quare.com/ayo/gocommon v0.0.0-20240329000615-564827dd9c5b
|
||||||
)
|
)
|
||||||
|
|
||||||
require (
|
require (
|
||||||
|
|||||||
2
go.sum
2
go.sum
@ -270,3 +270,5 @@ honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWh
|
|||||||
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||||
repositories.action2quare.com/ayo/gocommon v0.0.0-20240201092859-c71a74762de7 h1:ikDwKNiRXJlIBueAVmp9p2To+lRN9zTzGSvVHCXgFnI=
|
repositories.action2quare.com/ayo/gocommon v0.0.0-20240201092859-c71a74762de7 h1:ikDwKNiRXJlIBueAVmp9p2To+lRN9zTzGSvVHCXgFnI=
|
||||||
repositories.action2quare.com/ayo/gocommon v0.0.0-20240201092859-c71a74762de7/go.mod h1:Gb418rT96M3K7L/XMPzp8IJj4UXVunq7dZzrxsMBz/8=
|
repositories.action2quare.com/ayo/gocommon v0.0.0-20240201092859-c71a74762de7/go.mod h1:Gb418rT96M3K7L/XMPzp8IJj4UXVunq7dZzrxsMBz/8=
|
||||||
|
repositories.action2quare.com/ayo/gocommon v0.0.0-20240329000615-564827dd9c5b h1:7eeSfrMutg4YjvlWfDpQm7n/Rxb4zg7TC7x/xHf065c=
|
||||||
|
repositories.action2quare.com/ayo/gocommon v0.0.0-20240329000615-564827dd9c5b/go.mod h1:Gb418rT96M3K7L/XMPzp8IJj4UXVunq7dZzrxsMBz/8=
|
||||||
|
|||||||