7x31/anylink
1
0
Fork 0
mirror of https://github.com/bjdgyc/anylink.git synced 2025-08-08 06:32:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

管理用户支持otp

Browse Source
This commit is contained in:
bjdgyc
2023-07-24 17:26:52 +08:00
parent 254110ebff
commit 91a9190379
8 changed files with 69 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
server/admin/api_base.go
View File

@@ -8,6 +8,7 @@ import (
"github.com/bjdgyc/anylink/base"
"github.com/bjdgyc/anylink/pkg/utils"
"github.com/gorilla/mux"
"github.com/xlzd/gotp"
)
// Login 登陆接口
@@ -20,6 +21,30 @@ func Login(w http.ResponseWriter, r *http.Request) {
adminUser := r.PostFormValue("admin_user")
adminPass := r.PostFormValue("admin_pass")
// 启用otp验证
if base.Cfg.AdminOtp != "" {
pwd := adminPass
pl := len(pwd)
if pl < 6 {
RespError(w, RespUserOrPassErr)
base.Error(adminUser, "otp错误")
return
}
// 判断otp信息
adminPass = pwd[:pl-6]
otp := pwd[pl-6:]
totp := gotp.NewDefaultTOTP(base.Cfg.AdminOtp)
unix := time.Now().Unix()
verify := totp.Verify(otp, int(unix))
if !verify {
RespError(w, RespUserOrPassErr)
base.Error(adminUser, "otp错误")
return
}
}
// 认证错误
if !(adminUser == base.Cfg.AdminUser &&
utils.PasswordVerify(adminPass, base.Cfg.AdminPass)) {