1.重构认证方式的代码,方便未来扩展 2.补充测试用例

2025-08-08 08:22:26 +08:00 · 2022-06-06 21:25:19 +08:00
parent c38f1e9b8c
commit b06c035cce
6 changed files with 149 additions and 76 deletions
--- a/server/dbdata/user.go
+++ b/server/dbdata/user.go
@@ -1,8 +1,6 @@
 package dbdata

 import (
-	"context"
-	"encoding/json"
 	"errors"
 	"fmt"
 	"sync"
@@ -10,8 +8,6 @@ import (

 	"github.com/bjdgyc/anylink/pkg/utils"
 	"github.com/xlzd/gotp"
-	"layeh.com/radius"
-	"layeh.com/radius/rfc2865"
 )

 // type User struct {
@@ -82,15 +78,18 @@ func CheckUser(name, pwd, group string) error {
 	if len(groupData.Auth) == 0 {
 		groupData.Auth["type"] = "local"
 	}
-	switch groupData.Auth["type"] {
-	case "", "local":
+	authType := groupData.Auth["type"].(string)
+	// 本地认证方式
+	if authType == "local" {
 		return checkLocalUser(name, pwd, group)
-	case "radius":
-		return checkRadiusUser(name, pwd, groupData.Auth)
-	default:
-		return fmt.Errorf("%s %s", name, "无效的认证类型")
 	}
-	return nil
+	// 其它认证方式, 支持自定义
+	_, ok := authRegistry[authType]
+	if !ok {
+		return fmt.Errorf("%s %s", "未知的认证方式: ", authType)
+	}
+	auth := makeInstance(authType).(IUserAuth)
+	return auth.checkUser(name, pwd, groupData.Auth)
 }

 // 验证本地用户登陆信息
@@ -135,35 +134,6 @@ func checkLocalUser(name, pwd, group string) error {
 	return nil
 }

-func checkRadiusUser(name string, pwd string, auth map[string]interface{}) error {
-	if _, ok := auth["radius"]; !ok {
-		fmt.Errorf("%s %s", name, "Radius的radius值不存在")
-	}
-	radiusConf := AuthRadius{}
-	bodyBytes, err := json.Marshal(auth["radius"])
-	if err != nil {
-		fmt.Errorf("%s %s", name, "Radius Marshal出现错误")
-	}
-	err = json.Unmarshal(bodyBytes, &radiusConf)
-	if err != nil {
-		fmt.Errorf("%s %s", name, "Radius Unmarshal出现错误")
-	}
-	// radius认证时，设置超时3秒
-	packet := radius.New(radius.CodeAccessRequest, []byte(radiusConf.Secret))
-	rfc2865.UserName_SetString(packet, name)
-	rfc2865.UserPassword_SetString(packet, pwd)
-	ctx, done := context.WithTimeout(context.Background(), 3*time.Second)
-	defer done()
-	response, err := radius.Exchange(ctx, packet, radiusConf.Addr)
-	if err != nil {
-		return fmt.Errorf("%s %s", name, "Radius服务器连接异常, 请检测服务器和端口")
-	}
-	if response.Code != radius.CodeAccessAccept {
-		return fmt.Errorf("%s %s", name, "Radius：用户名或密码错误")
-	}
-	return nil
-}
-
 var (
 	userOtpMux = sync.Mutex{}
 	userOtp    = map[string]time.Time{}