增加管理后台

2025-08-11 01:48:02 +08:00 · 2020-12-16 16:36:56 +08:00
parent 31b1f12dbe
commit a9584000c6
68 changed files with 2408 additions and 1281 deletions
--- a/handler/link_base.go
+++ b/handler/link_base.go
@@ -0,0 +1,89 @@
+package handler
+
+import (
+	"encoding/xml"
+	"fmt"
+	"log"
+	"net/http"
+	"os/exec"
+	"strings"
+)
+
+const BufferSize = 2048
+
+type ClientRequest struct {
+	XMLName              xml.Name       `xml:"config-auth"`
+	Client               string         `xml:"client,attr"`                 // 一般都是 vpn
+	Type                 string         `xml:"type,attr"`                   // 请求类型 init logout auth-reply
+	AggregateAuthVersion string         `xml:"aggregate-auth-version,attr"` // 一般都是 2
+	Version              string         `xml:"version"`                     // 客户端版本号
+	GroupAccess          string         `xml:"group-access"`                // 请求的地址
+	GroupSelect          string         `xml:"group-select"`                // 选择的组名
+	SessionId            string         `xml:"session-id"`
+	SessionToken         string         `xml:"session-token"`
+	Auth                 auth           `xml:"auth"`
+	DeviceId             deviceId       `xml:"device-id"`
+	MacAddressList       macAddressList `xml:"mac-address-list"`
+}
+
+type auth struct {
+	Username string `xml:"username"`
+	Password string `xml:"password"`
+}
+
+type deviceId struct {
+	ComputerName    string `xml:"computer-name,attr"`
+	DeviceType      string `xml:"device-type,attr"`
+	PlatformVersion string `xml:"platform-version,attr"`
+	UniqueId        string `xml:"unique-id,attr"`
+	UniqueIdGlobal  string `xml:"unique-id-global,attr"`
+}
+
+type macAddressList struct {
+	MacAddress string `xml:"mac-address"`
+}
+
+// 判断anyconnect客户端
+func checkLinkClient(h http.HandlerFunc) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		// TODO 调试信息输出
+		// hd, _ := httputil.DumpRequest(r, true)
+		// fmt.Println("DumpRequest: ", string(hd))
+		// fmt.Println(r.RemoteAddr)
+
+		userAgent := strings.ToLower(r.UserAgent())
+		x_Aggregate_Auth := r.Header.Get("X-Aggregate-Auth")
+		x_Transcend_Version := r.Header.Get("X-Transcend-Version")
+		if strings.Contains(userAgent, "anyconnect") &&
+			x_Aggregate_Auth == "1" && x_Transcend_Version == "1" {
+			h(w, r)
+		} else {
+			w.WriteHeader(http.StatusForbidden)
+			fmt.Fprintf(w, "error request")
+		}
+	}
+}
+
+func setCommonHeader(w http.ResponseWriter) {
+	// Content-Length Date 默认已经存在
+	w.Header().Set("Content-Type", "text/html; charset=utf-8")
+	w.Header().Set("Cache-Control", "no-store")
+	w.Header().Set("Pragma", "no-cache")
+	w.Header().Set("Transfer-Encoding", "chunked")
+	w.Header().Set("Connection", "keep-alive")
+	w.Header().Set("X-Frame-Options", "SAMEORIGIN")
+	w.Header().Set("X-Aggregate-Auth", "1")
+	w.Header().Set("Strict-Transport-Security", "max-age=31536000; includeSubDomains")
+}
+
+func execCmd(cmdStrs []string) error {
+	for _, cmdStr := range cmdStrs {
+		cmd := exec.Command("bash", "-c", cmdStr)
+		b, err := cmd.CombinedOutput()
+		if err != nil {
+			log.Println(string(b), err)
+			return err
+		}
+	}
+	return nil
+}