mirror of
https://github.com/bjdgyc/anylink.git
synced 2025-09-28 16:15:17 +08:00
Compare commits
98 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
abce53e008 | ||
|
|
507feec72f | ||
|
|
e864585588 | ||
|
315e1deadc | ||
|
|
b562686f68 | ||
|
|
64340b2673 | ||
|
|
5e60feeb9b | ||
|
|
7da226f8d3 | ||
|
|
ce8d04484b | ||
|
|
0945276775 | ||
|
|
13498fc125 | ||
|
|
e9622fa543 | ||
|
|
8329e8ec4f | ||
|
|
8e78ef5c94 | ||
|
|
a77f4cae84 | ||
|
|
a0af89d77d | ||
|
|
2a1686073e | ||
|
|
d5e3e99b48 | ||
|
|
d33eeed180 | ||
|
ee27290b82 | ||
|
|
825a4bc6ca | ||
|
|
39fa986d55 | ||
|
|
740fcf64e9 | ||
|
|
4846c80b04 | ||
|
|
bda23283ec | ||
|
|
8a2350eb6e | ||
|
|
fe47b22cf1 | ||
|
|
2b757b65b6 | ||
|
|
9ef29545bc | ||
|
|
c7d6a76759 | ||
|
|
6deb007d92 | ||
|
|
60898ea2f6 | ||
|
|
0405ed75ab | ||
|
|
7d1b4b5e22 | ||
|
|
7116aaa5a8 | ||
|
|
6ac4e90901 | ||
|
|
874b6914e2 | ||
|
|
9d5b7070d9 | ||
|
|
cad74d7fdb | ||
|
|
152b62ac90 | ||
|
|
5826ebe6eb | ||
|
|
436b8e3129 | ||
|
|
55d7300033 | ||
|
|
dd7d1b0e25 | ||
|
|
5f7b11954a | ||
|
|
ff9d92a693 | ||
|
|
34e555c70c | ||
|
|
f8685490dc | ||
|
|
fdc755bd98 | ||
|
|
96fd114c25 | ||
|
|
bd6ee0b140 | ||
|
|
772b1118eb | ||
|
|
49b40b5ee4 | ||
|
|
cb9d023a96 | ||
|
|
a0569b09f2 | ||
|
|
c0c15815f9 | ||
|
|
1c5b269aa3 | ||
|
|
fe3a10aab9 | ||
|
|
4c219a3127 | ||
|
|
fd383b92f5 | ||
|
|
11bd9861e5 | ||
|
|
57b9e1dc7b | ||
|
|
1c6fc446c9 | ||
|
|
c8cb9c163a | ||
|
|
59748fe395 | ||
|
|
f195ae2d30 | ||
|
|
2fedb281e8 | ||
|
|
175ffd3c3a | ||
|
|
9e700830be | ||
|
|
c5a76ba436 | ||
|
|
1e237d9d20 | ||
|
|
4b78232e1d | ||
|
|
00c5425990 | ||
|
|
b45d5e4cfa | ||
|
|
e8a8773005 | ||
|
|
2ba3625885 | ||
|
|
567f0e8adb | ||
|
|
ad1885798b | ||
|
|
76779de80a | ||
|
|
5b498cbc59 | ||
|
|
cd21ffd7ab | ||
|
|
415f312f40 | ||
|
|
d796a6850a | ||
|
|
7160c3cab7 | ||
|
|
52329e8a2b | ||
|
|
cbdf730481 | ||
|
|
a5487771da | ||
|
|
ff9b7c7dcc | ||
|
|
262af4ac8e | ||
|
|
71539ad09c | ||
|
|
8232f79b4a | ||
|
|
7c810d409b | ||
|
|
ed4e324e77 | ||
|
|
726ae20f75 | ||
|
|
00bbbf414d | ||
|
|
57e2f45398 | ||
|
|
01ab115956 | ||
|
|
9a47714f3f |
2
.github/workflows/go.yml
vendored
2
.github/workflows/go.yml
vendored
@@ -20,7 +20,7 @@ jobs:
|
||||
- name: Set up Go 1.x
|
||||
uses: actions/setup-go@v4
|
||||
with:
|
||||
go-version: '1.20'
|
||||
go-version: '1.22'
|
||||
go-version-file: 'server/go.mod'
|
||||
cache-dependency-path: 'server/go.sum'
|
||||
|
||||
|
||||
87
README.md
87
README.md
@@ -12,6 +12,10 @@
|
||||
|
||||
AnyLink 是一个企业级远程办公 sslvpn 的软件,可以支持多人同时在线使用。
|
||||
|
||||
使用 AnyLink,你可以随时随地安全的访问你的内部网络。
|
||||
|
||||
With AnyLink, you can securely access your internal network anytime and anywhere.
|
||||
|
||||
## Repo
|
||||
|
||||
> github: https://github.com/bjdgyc/anylink
|
||||
@@ -23,9 +27,11 @@ AnyLink 是一个企业级远程办公 sslvpn 的软件,可以支持多人同
|
||||
AnyLink 基于 [ietf-openconnect](https://tools.ietf.org/html/draft-mavrogiannopoulos-openconnect-02)
|
||||
协议开发,并且借鉴了 [ocserv](http://ocserv.gitlab.io/www/index.html) 的开发思路,使其可以同时兼容 AnyConnect 客户端。
|
||||
|
||||
AnyLink 使用 TLS/DTLS 进行数据加密,因此需要 RSA 或 ECC 证书,可以使用私有自签证书,可以通过 Let's Encrypt 和 TrustAsia 申请免费的 SSL 证书。
|
||||
AnyLink 使用 TLS/DTLS 进行数据加密,因此需要 RSA 或 ECC 证书,可以使用私有自签证书,可以通过 Let's Encrypt 和 TrustAsia
|
||||
申请免费的 SSL 证书。
|
||||
|
||||
AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试通过,如需要安装在其他系统,需要服务端支持 tun/tap
|
||||
AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18、Ubuntu 20、Ubuntu 20、AnolisOS 8 测试通过,如需要安装在其他系统,需要服务端支持
|
||||
tun/tap
|
||||
功能、ip 设置命令、iptables命令。
|
||||
|
||||
## Screenshot
|
||||
@@ -54,9 +60,9 @@ AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试
|
||||
>
|
||||
> 也可以添加QQ群 咨询群内大佬
|
||||
>
|
||||
> 添加QQ群①(已满): 567510628
|
||||
> 添加QQ群①: 567510628
|
||||
>
|
||||
> 添加QQ群②: 739072205
|
||||
> <img src="doc/screenshot/qq2.jpg" width="400" />
|
||||
|
||||
### 使用问题
|
||||
|
||||
@@ -125,7 +131,7 @@ sudo ./anylink
|
||||
- [x] 后台管理界面
|
||||
- [x] 访问权限管理
|
||||
- [x] 用户活动审计功能
|
||||
- [x] IP 访问审计功能
|
||||
- [x] IP 访问审计功能(支持多端口、连续端口)
|
||||
- [x] 域名动态拆分隧道(域名路由功能)
|
||||
- [x] radius认证支持
|
||||
- [x] LDAP认证支持
|
||||
@@ -134,6 +140,9 @@ sudo ./anylink
|
||||
- [x] 出口 IP 自动放行
|
||||
- [x] 支持多服务的配置区分
|
||||
- [x] 支持私有自签证书
|
||||
- [x] 支持内网域名解析(指定的域名走内网dns)
|
||||
- [x] 增加用户验证防爆功能(IP BAN)
|
||||
- [x] 支持 docker 非特权模式
|
||||
- [ ] 基于 ipvtap 设备的桥接访问模式
|
||||
|
||||
## Config
|
||||
@@ -158,11 +167,12 @@ sudo ./anylink
|
||||
>
|
||||
> 数据库表结构自动生成,无需手动导入(请赋予 DDL 权限)
|
||||
|
||||
| db_type | db_source |
|
||||
|----------|--------------------------------------------------------|
|
||||
| sqlite3 | ./conf/anylink.db |
|
||||
| mysql | user:password@tcp(127.0.0.1:3306)/anylink?charset=utf8 |
|
||||
| postgres | user:password@localhost/anylink?sslmode=verify-full |
|
||||
| db_type | db_source |
|
||||
|----------|----------------------------------------------------------------------------------------------------------------------|
|
||||
| sqlite3 | ./conf/anylink.db |
|
||||
| mysql | user:password@tcp(127.0.0.1:3306)/anylink?charset=utf8<br/>user:password@tcp(127.0.0.1:3306)/anylink?charset=utf8mb4 |
|
||||
| postgres | postgres://user:password@localhost/anylink?sslmode=verify-full |
|
||||
| mssql | sqlserver://user:password@localhost?database=anylink&connection+timeout=30 |
|
||||
|
||||
> 示例配置文件
|
||||
>
|
||||
@@ -186,7 +196,6 @@ sudo ./anylink
|
||||
>
|
||||
> ubuntu: apt-get install iptables iproute2
|
||||
|
||||
|
||||
### link_mode 设置
|
||||
|
||||
> 以下参数必须设置其中之一
|
||||
@@ -330,6 +339,7 @@ ipv4_end = "10.1.2.200"
|
||||
- centos: `/usr/lib/systemd/system/`
|
||||
- ubuntu: `/lib/systemd/system/`
|
||||
3. 操作命令:
|
||||
- 加载配置: `systemctl daemon-reload`
|
||||
- 启动: `systemctl start anylink`
|
||||
- 停止: `systemctl stop anylink`
|
||||
- 开机自启: `systemctl enable anylink`
|
||||
@@ -346,11 +356,33 @@ ipv4_end = "10.1.2.200"
|
||||
|
||||
## Docker
|
||||
|
||||
### anylink 镜像地址
|
||||
|
||||
对于国内用户,为提高镜像拉取体验,可以考虑拉取存放于阿里云镜像仓库的镜像,镜像名称及标签如下表所示(
|
||||
具体版本号可以查看 `version` 文件):
|
||||
|
||||
| 支持设备/平台 | DockerHub | 阿里云镜像仓库 |
|
||||
|:-------------:|:---------------------:|:---------------------------------------------------------------:|
|
||||
| x86_64/amd64 | bjdgyc/anylink:latest | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest |
|
||||
| x86_64/amd64 | bjdgyc/anylink:0.13.1 | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:0.13.1 |
|
||||
| armv8/aarch64 | bjdgyc/anylink:latest | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest |
|
||||
| armv8/aarch64 | bjdgyc/anylink:0.13.1 | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-0.13.1 |
|
||||
|
||||
### docker 镜像源地址
|
||||
|
||||
> docker.1ms.run/bjdgyc/anylink:latest
|
||||
>
|
||||
> dockerhub.yydy.link:2023/bjdgyc/anylink:latest
|
||||
|
||||
|
||||
### 操作步骤
|
||||
|
||||
1. 获取镜像
|
||||
```bash
|
||||
# 具体tag可以从docker hub获取
|
||||
# https://hub.docker.com/r/bjdgyc/anylink/tags
|
||||
docker pull bjdgyc/anylink:latest
|
||||
docker pull registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
|
||||
```
|
||||
|
||||
2. 查看命令信息
|
||||
@@ -375,7 +407,17 @@ ipv4_end = "10.1.2.200"
|
||||
docker run -it --rm bjdgyc/anylink tool -d
|
||||
```
|
||||
|
||||
6. 启动容器
|
||||
6. iptables兼容设置
|
||||
```bash
|
||||
# 默认 iptables 使用 nf_tables 设置转发规则,如果内核低于 4.19 版本,需要特殊配置
|
||||
docker run -itd --name anylink --privileged \
|
||||
-e IPTABLES_LEGACY=on \
|
||||
-p 443:443 -p 8800:8800 -p 443:443/udp \
|
||||
--restart=always \
|
||||
bjdgyc/anylink
|
||||
```
|
||||
|
||||
7. 启动容器
|
||||
```bash
|
||||
# 默认启动
|
||||
docker run -itd --name anylink --privileged \
|
||||
@@ -395,7 +437,7 @@ ipv4_end = "10.1.2.200"
|
||||
docker restart anylink
|
||||
```
|
||||
|
||||
6. 使用自定义参数启动容器
|
||||
8. 使用自定义参数启动容器
|
||||
```bash
|
||||
# 参数可以参考 ./anylink tool -d
|
||||
# 可以使用命令行参数 或者 环境变量 配置
|
||||
@@ -408,7 +450,18 @@ ipv4_end = "10.1.2.200"
|
||||
--ip_lease=1209600 # IP地址租约时长
|
||||
```
|
||||
|
||||
7. 构建镜像 (非必需)
|
||||
9. 使用非特权模式启动容器
|
||||
```bash
|
||||
# 参数可以参考 ./anylink tool -d
|
||||
# 可以使用命令行参数 或者 环境变量 配置
|
||||
docker run -itd --name anylink \
|
||||
-p 443:443 -p 8800:8800 -p 443:443/udp \
|
||||
-v /dev/net/tun:/dev/net/tun --cap-add=NET_ADMIN \
|
||||
--restart=always \
|
||||
bjdgyc/anylink
|
||||
```
|
||||
|
||||
10. 构建镜像 (非必需)
|
||||
```bash
|
||||
#获取仓库源码
|
||||
git clone https://github.com/bjdgyc/anylink.git
|
||||
@@ -437,15 +490,15 @@ ipv4_end = "10.1.2.200"
|
||||
- [三方文档-男孩的天职](https://note.youdao.com/s/X4AxyWfL)
|
||||
- [三方文档-issues](https://github.com/bjdgyc/anylink/issues)
|
||||
- [三方文档-思有云](https://www.ioiox.com/archives/128.html)
|
||||
- [三方文档-啵品](https://yangpin.link/archives/1633.html)
|
||||
- [三方文档-杨杨得亿](https://yangpin.link/archives/1897.html) [Windows电脑连接步骤-杨杨得亿](https://yangpin.link/archives/1697.html)
|
||||
|
||||
## Support Client
|
||||
|
||||
- [AnyConnect Secure Client](https://www.cisco.com/) (可通过群文件下载: Windows/macOS/Linux/Android/iOS)
|
||||
- [OpenConnect](https://gitlab.com/openconnect/openconnect) (Windows/macOS/Linux)
|
||||
- [三方 AnyLink Secure Client](https://github.com/tlslink/anylink-client) (Windows/macOS/Linux)
|
||||
- [三方客户端下载地址](https://cisco.yangpin.link) (Windows/macOS/Linux/Android/iOS)
|
||||
|
||||
- 【推荐】三方客户端下载地址(
|
||||
Windows/macOS/Linux/Android/iOS) [国内地址](https://ocserv.yydy.link:2023)
|
||||
|
||||
## Contribution
|
||||
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
#!/bin/bash
|
||||
|
||||
action=$1
|
||||
|
||||
ver=$(cat version)
|
||||
echo $ver
|
||||
|
||||
@@ -18,8 +20,8 @@ docker build -t bjdgyc/anylink:latest --no-cache --progress=plain \
|
||||
echo "docker tag latest $ver"
|
||||
docker tag bjdgyc/anylink:latest bjdgyc/anylink:$ver
|
||||
|
||||
exit 0
|
||||
|
||||
docker tag bjdgyc/anylink:latest registry.cn-qingdao.aliyuncs.com/bjdgyc/anylink:latest
|
||||
|
||||
docker push registry.cn-qingdao.aliyuncs.com/bjdgyc/anylink:latest
|
||||
if [[ $action == "cntest" ]]; then
|
||||
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:test-$ver
|
||||
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:test-$ver
|
||||
echo registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:test-$ver
|
||||
fi
|
||||
|
||||
@@ -42,9 +42,10 @@ go build -v -o anylink $flags -ldflags "$ldflags"
|
||||
EOF
|
||||
)
|
||||
|
||||
# golang:1.20-alpine3.19
|
||||
#使用 musl-dev 编译
|
||||
docker run -q --rm -v $PWD/server:/app -v $gopath:/go -w /app --platform=linux/amd64 \
|
||||
golang:1.20-alpine3.19 sh -c "$dockercmd"
|
||||
golang:1.22-alpine3.19 sh -c "$dockercmd"
|
||||
|
||||
#arm64编译
|
||||
#docker run -q --rm -v $PWD/server:/app -v $gopath:/go -w /app --platform=linux/arm64 \
|
||||
|
||||
@@ -12,6 +12,7 @@ services:
|
||||
- 443:443/udp
|
||||
environment:
|
||||
LINK_LOG_LEVEL: info
|
||||
#IPTABLES_LEGACY: "on"
|
||||
command:
|
||||
- --conf=/app/conf/server.toml
|
||||
#volumes:
|
||||
|
||||
27
deploy_docker_cn.sh
Normal file
27
deploy_docker_cn.sh
Normal file
@@ -0,0 +1,27 @@
|
||||
#!/bin/bash
|
||||
|
||||
ver=$(cat version)
|
||||
echo $ver
|
||||
|
||||
echo "docker tag latest $ver"
|
||||
|
||||
docker pull --platform=linux/amd64 bjdgyc/anylink:$ver
|
||||
|
||||
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
|
||||
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
|
||||
|
||||
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:$ver
|
||||
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:$ver
|
||||
|
||||
docker rmi bjdgyc/anylink:$ver
|
||||
|
||||
#arm64
|
||||
docker pull --platform=linux/arm64 bjdgyc/anylink:$ver
|
||||
|
||||
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest
|
||||
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest
|
||||
|
||||
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-$ver
|
||||
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-$ver
|
||||
|
||||
docker rmi bjdgyc/anylink:$ver
|
||||
@@ -12,38 +12,50 @@
|
||||
>
|
||||
> 需要展示主页的同学,可以在QQ群 直接联系我添加。
|
||||
|
||||
| 昵称 | 主页 / 联系方式 |
|
||||
|-----------|------------------------------|
|
||||
| 代码 oo8 | |
|
||||
| 甘磊 | https://github.com/ganlei333 |
|
||||
| Oo@ | https://github.com/chooop |
|
||||
| 虚极静笃 | |
|
||||
| 请喝可乐 | |
|
||||
| 加油加油 | |
|
||||
| 李建 | |
|
||||
| lanbin | |
|
||||
| 乐在东途 | |
|
||||
| 孤鸿 | |
|
||||
| 刘国华 | |
|
||||
| 改名好无聊 | |
|
||||
| 全能互联网专家 | |
|
||||
| JCM | |
|
||||
| Eh... | |
|
||||
| 沉 | |
|
||||
| 刘国华 | |
|
||||
| 忧郁的豚骨拉面 | |
|
||||
| 张小旋当爹地 | |
|
||||
| 对方正在输入 | |
|
||||
| Ronny | |
|
||||
| 奔跑的少年 | |
|
||||
| ZBW | |
|
||||
| 悲鸣 | |
|
||||
| 谢谢 | |
|
||||
| 云思科技 | |
|
||||
| 哆啦A伟(张佳伟) | |
|
||||
| 人类的悲欢并不相通 | |
|
||||
| 做人要低调 | |
|
||||
| 洛洛 | |
|
||||
| 昵称 | 主页 / 联系方式 |
|
||||
|--------------------|------------------------------|
|
||||
| 代码 oo8 | |
|
||||
| 甘磊 | https://github.com/ganlei333 |
|
||||
| Oo@ | https://github.com/chooop |
|
||||
| 虚极静笃 | |
|
||||
| 请喝可乐 | |
|
||||
| 加油加油 | |
|
||||
| 李建 | |
|
||||
| lanbin | |
|
||||
| 乐在东途 | |
|
||||
| 孤鸿 | |
|
||||
| 刘国华 | |
|
||||
| 改名好无聊 | |
|
||||
| 全能互联网专家 | |
|
||||
| JCM | |
|
||||
| Eh... | |
|
||||
| 沉 | |
|
||||
| 刘国华 | |
|
||||
| 忧郁的豚骨拉面 | |
|
||||
| 张小旋当爹地 | |
|
||||
| 对方正在输入 | |
|
||||
| Ronny | |
|
||||
| 奔跑的少年 | |
|
||||
| ZBW | |
|
||||
| 悲鸣 | |
|
||||
| 谢谢 | |
|
||||
| 云思科技 | |
|
||||
| 哆啦A伟(张佳伟) | |
|
||||
| 人类的悲欢并不相通 | |
|
||||
| 做人要低调 | |
|
||||
| 洛洛 | |
|
||||
| Dragon Liao | |
|
||||
| 诸葛御风 | |
|
||||
| 杨杨得亿 | |
|
||||
| Thanataos | |
|
||||
| 憨大叔 | |
|
||||
| 明月 | |
|
||||
| Amis | |
|
||||
| Blake | |
|
||||
| 刘国华 | |
|
||||
| ZBW | |
|
||||
| 全能互联网专家 | |
|
||||
| 广播.会议.音响.无纸化.物联网中控 | |
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -117,3 +117,18 @@ anylink: tun模式 tcp传输
|
||||
> 客户端tls加密协议、隧道header头都会占用一定带宽
|
||||
|
||||
|
||||
### 登录防爆说明
|
||||
|
||||
```
|
||||
1.用户 A 在 IP 1.2.3.4 上尝试登录:
|
||||
用户 A 在 IP 1.2.3.4 上尝试登录失败 5 次,触发了该 IP 上的用户 A 锁定 5 分钟。
|
||||
在这 5 分钟内,用户 A 从 IP 1.2.3.4 无法进行新的登录尝试。
|
||||
2.用户 A 更换 IP 到 1.2.3.5 继续尝试登录:
|
||||
用户 A 在 IP 1.2.3.5 上继续尝试登录,并且累计失败 20 次,触发了全局用户 A 锁定 5 分钟。
|
||||
在这 5 分钟内,用户 A 从任何 IP 地址都无法进行新的登录尝试。
|
||||
3.IP 1.2.3.4 上多个用户尝试登录:
|
||||
如果从 IP 1.2.3.4 上累计有 40 次失败登录尝试(无论来自多少不同的用户),触发了该 IP 的全局锁定 5 分钟。
|
||||
在这 5 分钟内,从 IP 1.2.3.4 的所有登录尝试都将被拒绝。
|
||||
|
||||
如果在 N 分钟内没有新的失败尝试,失败计数会在 N 分钟后(*_reset_time)重置。
|
||||
```
|
||||
BIN
doc/screenshot/qq2.jpg
Normal file
BIN
doc/screenshot/qq2.jpg
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 102 KiB |
@@ -13,7 +13,8 @@
|
||||
# 需要先编译出ui文件后 再执行docker编译
|
||||
|
||||
# server
|
||||
FROM golang:1.20-alpine3.19 as builder_golang
|
||||
# golang:1.20-alpine3.19
|
||||
FROM golang:1.22-alpine3.19 as builder_golang
|
||||
|
||||
ARG CN="no"
|
||||
ARG appVer="appVer"
|
||||
@@ -37,7 +38,9 @@ LABEL maintainer="github.com/bjdgyc"
|
||||
ARG CN="no"
|
||||
|
||||
ENV TZ=Asia/Shanghai
|
||||
ENV ANYLINK_IN_CONTAINER=true
|
||||
#开关变量 on off
|
||||
ENV ANYLINK_IN_CONTAINER="on"
|
||||
ENV IPTABLES_LEGACY="off"
|
||||
|
||||
WORKDIR /app
|
||||
COPY docker/init_release.sh /tmp/
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
#!/bin/sh
|
||||
#!/bin/bash
|
||||
var1=$1
|
||||
|
||||
#set -x
|
||||
@@ -19,13 +19,19 @@ case $var1 in
|
||||
#iptables -nL -t nat
|
||||
|
||||
# 启动服务 先判断配置文件是否存在
|
||||
if [ ! -f /app/conf/profile.xml ]; then
|
||||
if [[ ! -f /app/conf/profile.xml ]]; then
|
||||
/bin/cp -r /home/conf-bak/* /app/conf/
|
||||
echo "After the configuration file is initialized, the container will be forcibly exited. Restart the container."
|
||||
echo "配置文件初始化完成后,容器会强制退出,请重新启动容器。"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# 兼容老版本 iptables
|
||||
if [[ $IPTABLES_LEGACY == "on" ]]; then
|
||||
rm /sbin/iptables
|
||||
ln -s /sbin/iptables-legacy /sbin/iptables
|
||||
fi
|
||||
|
||||
exec /app/anylink "$@"
|
||||
;;
|
||||
esac
|
||||
|
||||
@@ -9,12 +9,17 @@ if [[ $CN == "yes" ]]; then
|
||||
export GOPROXY=https://goproxy.cn
|
||||
fi
|
||||
|
||||
# alpine:3.19 兼容老版 iptables
|
||||
apk add --no-cache iptables iptables-legacy
|
||||
rm /sbin/iptables
|
||||
ln -s /sbin/iptables-legacy /sbin/iptables
|
||||
|
||||
apk add --no-cache ca-certificates bash iproute2 tzdata
|
||||
# docker 启动使用 4.19 以上内核
|
||||
apk add --no-cache ca-certificates bash iproute2 tzdata iptables inetutils-telnet
|
||||
|
||||
# alpine:3.19 兼容老版本 iptables
|
||||
apk add --no-cache iptables-legacy
|
||||
|
||||
#rm /sbin/iptables
|
||||
#ln -s /sbin/iptables-legacy /sbin/iptables
|
||||
|
||||
|
||||
chmod +x /app/docker_entrypoint.sh
|
||||
mkdir /app/log
|
||||
|
||||
|
||||
@@ -110,6 +110,7 @@ func UploadUser(file string) error {
|
||||
if err := dbdata.AddBatch(user); err != nil {
|
||||
return fmt.Errorf("请检查第%d行数据是否导入有重复用户", index)
|
||||
}
|
||||
user.PinCode = row[4]
|
||||
if user.SendEmail {
|
||||
if err := userAccountMail(user); err != nil {
|
||||
return err
|
||||
|
||||
@@ -15,6 +15,7 @@ import (
|
||||
|
||||
"github.com/bjdgyc/anylink/base"
|
||||
"github.com/bjdgyc/anylink/dbdata"
|
||||
"github.com/bjdgyc/anylink/pkg/utils"
|
||||
"github.com/bjdgyc/anylink/sessdata"
|
||||
"github.com/skip2/go-qrcode"
|
||||
mail "github.com/xhit/go-simple-mail/v2"
|
||||
@@ -98,11 +99,17 @@ func UserSet(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
if len(data.PinCode) < 6 {
|
||||
data.PinCode = utils.RandomRunes(8)
|
||||
base.Info("用户", data.Username, "随机密码为:", data.PinCode)
|
||||
}
|
||||
plainpwd := data.PinCode
|
||||
err = dbdata.SetUser(data)
|
||||
if err != nil {
|
||||
RespError(w, RespInternalErr, err)
|
||||
return
|
||||
}
|
||||
data.PinCode = plainpwd
|
||||
|
||||
// 发送邮件
|
||||
if data.SendEmail {
|
||||
@@ -180,7 +187,15 @@ func userOtpQr(uid int, b64 bool) (string, error) {
|
||||
|
||||
// 在线用户
|
||||
func UserOnline(w http.ResponseWriter, r *http.Request) {
|
||||
datas := sessdata.OnlineSess()
|
||||
_ = r.ParseForm()
|
||||
search_cate := r.FormValue("search_cate")
|
||||
search_text := r.FormValue("search_text")
|
||||
show_sleeper := r.FormValue("show_sleeper")
|
||||
showSleeper, _ := strconv.ParseBool(show_sleeper)
|
||||
// one_offline := r.FormValue("one_offline")
|
||||
|
||||
// datas := sessdata.OnlineSess()
|
||||
datas := sessdata.GetOnlineSess(search_cate, search_text, showSleeper)
|
||||
|
||||
data := map[string]interface{}{
|
||||
"count": len(datas),
|
||||
@@ -212,6 +227,7 @@ type userAccountMailData struct {
|
||||
Username string
|
||||
Nickname string
|
||||
PinCode string
|
||||
LimitTime string
|
||||
OtpImg string
|
||||
OtpImgBase64 string
|
||||
DisableOtp bool
|
||||
@@ -268,6 +284,13 @@ func userAccountMail(user *dbdata.User) error {
|
||||
OtpImgBase64: "data:image/png;base64," + otpData,
|
||||
DisableOtp: user.DisableOtp,
|
||||
}
|
||||
|
||||
if user.LimitTime == nil {
|
||||
data.LimitTime = "无限制"
|
||||
} else {
|
||||
data.LimitTime = user.LimitTime.Local().Format("2006-01-02")
|
||||
}
|
||||
|
||||
w := bytes.NewBufferString("")
|
||||
t, _ := template.New("auth_complete").Parse(htmlBody)
|
||||
err = t.Execute(w, data)
|
||||
|
||||
465
server/admin/lockmanager.go
Normal file
465
server/admin/lockmanager.go
Normal file
@@ -0,0 +1,465 @@
|
||||
package admin
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"io"
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
"github.com/bjdgyc/anylink/base"
|
||||
)
|
||||
|
||||
type LockInfo struct {
|
||||
Description string `json:"description"` // 锁定原因
|
||||
Username string `json:"username"` // 用户名
|
||||
IP string `json:"ip"` // IP 地址
|
||||
State *LockState `json:"state"` // 锁定状态信息
|
||||
}
|
||||
type LockState struct {
|
||||
Locked bool `json:"locked"` // 是否锁定
|
||||
FailureCount int `json:"attempts"` // 失败次数
|
||||
LockTime time.Time `json:"lock_time"` // 锁定截止时间
|
||||
LastAttempt time.Time `json:"lastAttempt"` // 最后一次尝试的时间
|
||||
}
|
||||
type IPWhitelists struct {
|
||||
IP net.IP
|
||||
CIDR *net.IPNet
|
||||
}
|
||||
|
||||
type LockManager struct {
|
||||
mu sync.Mutex
|
||||
// LoginStatus sync.Map // 登录状态
|
||||
ipLocks map[string]*LockState // 全局IP锁定状态
|
||||
userLocks map[string]*LockState // 全局用户锁定状态
|
||||
ipUserLocks map[string]map[string]*LockState // 单用户IP锁定状态
|
||||
ipWhitelists []IPWhitelists // 全局IP白名单,包含IP地址和CIDR范围
|
||||
cleanupTicker *time.Ticker
|
||||
}
|
||||
|
||||
var lockmanager *LockManager
|
||||
var once sync.Once
|
||||
|
||||
func GetLockManager() *LockManager {
|
||||
once.Do(func() {
|
||||
lockmanager = &LockManager{
|
||||
// LoginStatus: sync.Map{},
|
||||
ipLocks: make(map[string]*LockState),
|
||||
userLocks: make(map[string]*LockState),
|
||||
ipUserLocks: make(map[string]map[string]*LockState),
|
||||
ipWhitelists: make([]IPWhitelists, 0),
|
||||
}
|
||||
})
|
||||
return lockmanager
|
||||
}
|
||||
|
||||
const defaultGlobalLockStateExpirationTime = 3600
|
||||
|
||||
func InitLockManager() {
|
||||
lm := GetLockManager()
|
||||
if base.Cfg.AntiBruteForce {
|
||||
if base.Cfg.GlobalLockStateExpirationTime <= 0 {
|
||||
base.Cfg.GlobalLockStateExpirationTime = defaultGlobalLockStateExpirationTime
|
||||
}
|
||||
lm.StartCleanupTicker()
|
||||
lm.InitIPWhitelist()
|
||||
}
|
||||
}
|
||||
|
||||
func GetLocksInfo(w http.ResponseWriter, r *http.Request) {
|
||||
lm := GetLockManager()
|
||||
locksInfo := lm.GetLocksInfo()
|
||||
|
||||
RespSucess(w, locksInfo)
|
||||
}
|
||||
|
||||
func UnlockUser(w http.ResponseWriter, r *http.Request) {
|
||||
body, err := io.ReadAll(r.Body)
|
||||
if err != nil {
|
||||
RespError(w, RespInternalErr, err)
|
||||
return
|
||||
}
|
||||
lockinfo := LockInfo{}
|
||||
if err := json.Unmarshal(body, &lockinfo); err != nil {
|
||||
RespError(w, RespInternalErr, err)
|
||||
return
|
||||
}
|
||||
|
||||
if lockinfo.State == nil {
|
||||
RespError(w, RespInternalErr, "未找到锁定用户!")
|
||||
return
|
||||
}
|
||||
lm := GetLockManager()
|
||||
|
||||
lm.mu.Lock()
|
||||
defer lm.mu.Unlock()
|
||||
|
||||
// 根据用户名和IP查找锁定状态
|
||||
var state *LockState
|
||||
switch {
|
||||
case lockinfo.IP == "" && lockinfo.Username != "":
|
||||
state = lm.userLocks[lockinfo.Username] // 全局用户锁定
|
||||
case lockinfo.Username != "" && lockinfo.IP != "":
|
||||
if userIPMap, exists := lm.ipUserLocks[lockinfo.Username]; exists {
|
||||
state = userIPMap[lockinfo.IP] // 单用户 IP 锁定
|
||||
}
|
||||
default:
|
||||
state = lm.ipLocks[lockinfo.IP] // 全局 IP 锁定
|
||||
}
|
||||
|
||||
if state == nil || !state.Locked {
|
||||
RespError(w, RespInternalErr, "锁定状态未找到或已解锁")
|
||||
return
|
||||
}
|
||||
|
||||
lm.Unlock(state)
|
||||
base.Info("解锁成功:", lockinfo.Description, lockinfo.Username, lockinfo.IP)
|
||||
|
||||
RespSucess(w, "解锁成功!")
|
||||
}
|
||||
|
||||
func (lm *LockManager) GetLocksInfo() []LockInfo {
|
||||
var locksInfo []LockInfo
|
||||
|
||||
lm.mu.Lock()
|
||||
defer lm.mu.Unlock()
|
||||
|
||||
for ip, state := range lm.ipLocks {
|
||||
if base.Cfg.MaxGlobalIPBanCount > 0 && state.Locked {
|
||||
info := LockInfo{
|
||||
Description: "全局IP锁定",
|
||||
Username: "",
|
||||
IP: ip,
|
||||
State: &LockState{
|
||||
Locked: state.Locked,
|
||||
FailureCount: state.FailureCount,
|
||||
LockTime: state.LockTime,
|
||||
LastAttempt: state.LastAttempt,
|
||||
},
|
||||
}
|
||||
locksInfo = append(locksInfo, info)
|
||||
}
|
||||
}
|
||||
|
||||
for username, state := range lm.userLocks {
|
||||
if base.Cfg.MaxGlobalUserBanCount > 0 && state.Locked {
|
||||
info := LockInfo{
|
||||
Description: "全局用户锁定",
|
||||
Username: username,
|
||||
IP: "",
|
||||
State: &LockState{
|
||||
Locked: state.Locked,
|
||||
FailureCount: state.FailureCount,
|
||||
LockTime: state.LockTime,
|
||||
LastAttempt: state.LastAttempt,
|
||||
},
|
||||
}
|
||||
locksInfo = append(locksInfo, info)
|
||||
}
|
||||
}
|
||||
|
||||
for username, ipStates := range lm.ipUserLocks {
|
||||
for ip, state := range ipStates {
|
||||
if base.Cfg.MaxBanCount > 0 && state.Locked {
|
||||
info := LockInfo{
|
||||
Description: "单用户IP锁定",
|
||||
Username: username,
|
||||
IP: ip,
|
||||
State: &LockState{
|
||||
Locked: state.Locked,
|
||||
FailureCount: state.FailureCount,
|
||||
LockTime: state.LockTime,
|
||||
LastAttempt: state.LastAttempt,
|
||||
},
|
||||
}
|
||||
locksInfo = append(locksInfo, info)
|
||||
}
|
||||
}
|
||||
}
|
||||
return locksInfo
|
||||
}
|
||||
|
||||
// 初始化IP白名单
|
||||
func (lm *LockManager) InitIPWhitelist() {
|
||||
ipWhitelist := strings.Split(base.Cfg.IPWhitelist, ",")
|
||||
for _, ipWhitelist := range ipWhitelist {
|
||||
ipWhitelist = strings.TrimSpace(ipWhitelist)
|
||||
if ipWhitelist == "" {
|
||||
continue
|
||||
}
|
||||
|
||||
_, ipNet, err := net.ParseCIDR(ipWhitelist)
|
||||
if err == nil {
|
||||
lm.ipWhitelists = append(lm.ipWhitelists, IPWhitelists{CIDR: ipNet})
|
||||
continue
|
||||
}
|
||||
|
||||
ip := net.ParseIP(ipWhitelist)
|
||||
if ip != nil {
|
||||
lm.ipWhitelists = append(lm.ipWhitelists, IPWhitelists{IP: ip})
|
||||
continue
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// 检查 IP 是否在白名单中
|
||||
func (lm *LockManager) IsWhitelisted(ip string) bool {
|
||||
clientIP := net.ParseIP(ip)
|
||||
if clientIP == nil {
|
||||
return false
|
||||
}
|
||||
for _, ipWhitelist := range lm.ipWhitelists {
|
||||
if ipWhitelist.CIDR != nil && ipWhitelist.CIDR.Contains(clientIP) {
|
||||
return true
|
||||
}
|
||||
if ipWhitelist.IP != nil && ipWhitelist.IP.Equal(clientIP) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
func (lm *LockManager) StartCleanupTicker() {
|
||||
lm.cleanupTicker = time.NewTicker(1 * time.Minute)
|
||||
go func() {
|
||||
for range lm.cleanupTicker.C {
|
||||
lm.CleanupExpiredLocks()
|
||||
}
|
||||
}()
|
||||
}
|
||||
|
||||
// 定期清理过期的锁定
|
||||
func (lm *LockManager) CleanupExpiredLocks() {
|
||||
now := time.Now()
|
||||
lm.mu.Lock()
|
||||
defer lm.mu.Unlock()
|
||||
|
||||
for ip, state := range lm.ipLocks {
|
||||
if !lm.CheckLockState(state, now, base.Cfg.GlobalIPBanResetTime) ||
|
||||
now.Sub(state.LastAttempt) > time.Duration(base.Cfg.GlobalLockStateExpirationTime)*time.Second {
|
||||
delete(lm.ipLocks, ip)
|
||||
}
|
||||
}
|
||||
|
||||
for user, state := range lm.userLocks {
|
||||
if !lm.CheckLockState(state, now, base.Cfg.GlobalUserBanResetTime) ||
|
||||
now.Sub(state.LastAttempt) > time.Duration(base.Cfg.GlobalLockStateExpirationTime)*time.Second {
|
||||
delete(lm.userLocks, user)
|
||||
}
|
||||
}
|
||||
|
||||
for user, ipMap := range lm.ipUserLocks {
|
||||
for ip, state := range ipMap {
|
||||
if !lm.CheckLockState(state, now, base.Cfg.BanResetTime) ||
|
||||
now.Sub(state.LastAttempt) > time.Duration(base.Cfg.GlobalLockStateExpirationTime)*time.Second {
|
||||
delete(ipMap, ip)
|
||||
if len(ipMap) == 0 {
|
||||
delete(lm.ipUserLocks, user)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// 检查全局 IP 锁定
|
||||
func (lm *LockManager) CheckGlobalIPLock(ip string, now time.Time) bool {
|
||||
lm.mu.Lock()
|
||||
defer lm.mu.Unlock()
|
||||
|
||||
state, exists := lm.ipLocks[ip]
|
||||
if !exists {
|
||||
return false
|
||||
}
|
||||
|
||||
return lm.CheckLockState(state, now, base.Cfg.GlobalIPBanResetTime)
|
||||
}
|
||||
|
||||
// 检查全局用户锁定
|
||||
func (lm *LockManager) CheckGlobalUserLock(username string, now time.Time) bool {
|
||||
// 我也不知道为什么cisco anyconnect每次连接会先传一个空用户请求····
|
||||
if username == "" {
|
||||
return false
|
||||
}
|
||||
lm.mu.Lock()
|
||||
defer lm.mu.Unlock()
|
||||
|
||||
state, exists := lm.userLocks[username]
|
||||
if !exists {
|
||||
return false
|
||||
}
|
||||
return lm.CheckLockState(state, now, base.Cfg.GlobalUserBanResetTime)
|
||||
}
|
||||
|
||||
// 检查单个用户的 IP 锁定
|
||||
func (lm *LockManager) CheckUserIPLock(username, ip string, now time.Time) bool {
|
||||
// 我也不知道为什么cisco anyconnect每次连接会先传一个空用户请求····
|
||||
if username == "" {
|
||||
return false
|
||||
}
|
||||
lm.mu.Lock()
|
||||
defer lm.mu.Unlock()
|
||||
|
||||
userIPMap, userExists := lm.ipUserLocks[username]
|
||||
if !userExists {
|
||||
return false
|
||||
}
|
||||
|
||||
state, ipExists := userIPMap[ip]
|
||||
if !ipExists {
|
||||
return false
|
||||
}
|
||||
|
||||
return lm.CheckLockState(state, now, base.Cfg.BanResetTime)
|
||||
}
|
||||
|
||||
// 更新全局 IP 锁定状态
|
||||
func (lm *LockManager) UpdateGlobalIPLock(ip string, now time.Time, success bool) {
|
||||
lm.mu.Lock()
|
||||
defer lm.mu.Unlock()
|
||||
|
||||
state, exists := lm.ipLocks[ip]
|
||||
if !exists {
|
||||
state = &LockState{}
|
||||
lm.ipLocks[ip] = state
|
||||
}
|
||||
|
||||
lm.UpdateLockState(state, now, success, base.Cfg.MaxGlobalIPBanCount, base.Cfg.GlobalIPLockTime)
|
||||
}
|
||||
|
||||
// 更新全局用户锁定状态
|
||||
func (lm *LockManager) UpdateGlobalUserLock(username string, now time.Time, success bool) {
|
||||
// 我也不知道为什么cisco anyconnect每次连接会先传一个空用户请求····
|
||||
if username == "" {
|
||||
return
|
||||
}
|
||||
lm.mu.Lock()
|
||||
defer lm.mu.Unlock()
|
||||
|
||||
state, exists := lm.userLocks[username]
|
||||
if !exists {
|
||||
state = &LockState{}
|
||||
lm.userLocks[username] = state
|
||||
}
|
||||
|
||||
lm.UpdateLockState(state, now, success, base.Cfg.MaxGlobalUserBanCount, base.Cfg.GlobalUserLockTime)
|
||||
}
|
||||
|
||||
// 更新单个用户的 IP 锁定状态
|
||||
func (lm *LockManager) UpdateUserIPLock(username, ip string, now time.Time, success bool) {
|
||||
// 我也不知道为什么cisco anyconnect每次连接会先传一个空用户请求····
|
||||
if username == "" {
|
||||
return
|
||||
}
|
||||
lm.mu.Lock()
|
||||
defer lm.mu.Unlock()
|
||||
|
||||
userIPMap, userExists := lm.ipUserLocks[username]
|
||||
if !userExists {
|
||||
userIPMap = make(map[string]*LockState)
|
||||
lm.ipUserLocks[username] = userIPMap
|
||||
}
|
||||
|
||||
state, ipExists := userIPMap[ip]
|
||||
if !ipExists {
|
||||
state = &LockState{}
|
||||
userIPMap[ip] = state
|
||||
}
|
||||
|
||||
lm.UpdateLockState(state, now, success, base.Cfg.MaxBanCount, base.Cfg.LockTime)
|
||||
}
|
||||
|
||||
// 更新锁定状态
|
||||
func (lm *LockManager) UpdateLockState(state *LockState, now time.Time, success bool, maxBanCount, lockTime int) {
|
||||
if success {
|
||||
lm.Unlock(state) // 成功登录后解锁
|
||||
} else {
|
||||
state.FailureCount++
|
||||
if state.FailureCount >= maxBanCount {
|
||||
state.LockTime = now.Add(time.Duration(lockTime) * time.Second)
|
||||
state.Locked = true // 超过阈值时锁定
|
||||
}
|
||||
}
|
||||
state.LastAttempt = now
|
||||
}
|
||||
|
||||
// 检查锁定状态
|
||||
func (lm *LockManager) CheckLockState(state *LockState, now time.Time, resetTime int) bool {
|
||||
if state == nil || state.LastAttempt.IsZero() {
|
||||
return false
|
||||
}
|
||||
|
||||
// 如果超过锁定时间,重置锁定状态
|
||||
if !state.LockTime.IsZero() && now.After(state.LockTime) {
|
||||
lm.Unlock(state) // 锁定期过后解锁
|
||||
return false
|
||||
}
|
||||
// 如果超过窗口时间,重置失败计数
|
||||
if now.Sub(state.LastAttempt) > time.Duration(resetTime)*time.Second {
|
||||
state.FailureCount = 0
|
||||
return false
|
||||
}
|
||||
return state.Locked
|
||||
}
|
||||
|
||||
// 解锁
|
||||
func (lm *LockManager) Unlock(state *LockState) {
|
||||
state.FailureCount = 0
|
||||
state.LockTime = time.Time{}
|
||||
state.Locked = false
|
||||
}
|
||||
|
||||
// 检查锁定状态
|
||||
func (lm *LockManager) CheckLocked(username, ipaddr string) bool {
|
||||
if !base.Cfg.AntiBruteForce {
|
||||
return true
|
||||
}
|
||||
|
||||
ip, _, err := net.SplitHostPort(ipaddr) // 提取纯 IP 地址,去掉端口号
|
||||
if err != nil {
|
||||
base.Error("检查锁定状态失败,提取IP地址错误:", ipaddr)
|
||||
return true
|
||||
}
|
||||
now := time.Now()
|
||||
|
||||
// 检查IP是否在白名单中
|
||||
if lm.IsWhitelisted(ip) {
|
||||
return true
|
||||
}
|
||||
|
||||
// 检查全局 IP 锁定
|
||||
if base.Cfg.MaxGlobalIPBanCount > 0 && lm.CheckGlobalIPLock(ip, now) {
|
||||
base.Warn("IP", ip, "is globally locked. Try again later.")
|
||||
return false
|
||||
}
|
||||
|
||||
// 检查全局用户锁定
|
||||
if base.Cfg.MaxGlobalUserBanCount > 0 && lm.CheckGlobalUserLock(username, now) {
|
||||
base.Warn("User", username, "is globally locked. Try again later.")
|
||||
return false
|
||||
}
|
||||
|
||||
// 检查单个用户的 IP 锁定
|
||||
if base.Cfg.MaxBanCount > 0 && lm.CheckUserIPLock(username, ip, now) {
|
||||
base.Warn("IP", ip, "is locked for user", username, "Try again later.")
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
// 更新用户登录状态
|
||||
func (lm *LockManager) UpdateLoginStatus(username, ipaddr string, loginStatus bool) {
|
||||
ip, _, err := net.SplitHostPort(ipaddr) // 提取纯 IP 地址,去掉端口号
|
||||
if err != nil {
|
||||
base.Error("更新登录状态失败,提取IP地址错误:", ipaddr)
|
||||
return
|
||||
}
|
||||
now := time.Now()
|
||||
|
||||
// 更新用户登录状态
|
||||
lm.UpdateGlobalIPLock(ip, now, loginStatus)
|
||||
lm.UpdateGlobalUserLock(username, now, loginStatus)
|
||||
lm.UpdateUserIPLock(username, ip, now, loginStatus)
|
||||
}
|
||||
@@ -87,6 +87,8 @@ func StartAdmin() {
|
||||
r.HandleFunc("/group/auth_login", GroupAuthLogin)
|
||||
|
||||
r.HandleFunc("/statsinfo/list", StatsInfoList)
|
||||
r.HandleFunc("/locksinfo/list", GetLocksInfo)
|
||||
r.HandleFunc("/locksinfo/unlok", UnlockUser)
|
||||
|
||||
// pprof
|
||||
if base.Cfg.Pprof {
|
||||
|
||||
@@ -5,6 +5,9 @@ import (
|
||||
"os"
|
||||
"path/filepath"
|
||||
"reflect"
|
||||
"strings"
|
||||
|
||||
"github.com/bjdgyc/anylink/pkg/utils"
|
||||
)
|
||||
|
||||
const (
|
||||
@@ -31,28 +34,29 @@ var (
|
||||
|
||||
type ServerConfig struct {
|
||||
// LinkAddr string `json:"link_addr"`
|
||||
Conf string `json:"conf"`
|
||||
Profile string `json:"profile"`
|
||||
ProfileName string `json:"profile_name"`
|
||||
ServerAddr string `json:"server_addr"`
|
||||
ServerDTLSAddr string `json:"server_dtls_addr"`
|
||||
ServerDTLS bool `json:"server_dtls"`
|
||||
AdminAddr string `json:"admin_addr"`
|
||||
ProxyProtocol bool `json:"proxy_protocol"`
|
||||
DbType string `json:"db_type"`
|
||||
DbSource string `json:"db_source"`
|
||||
CertFile string `json:"cert_file"`
|
||||
CertKey string `json:"cert_key"`
|
||||
FilesPath string `json:"files_path"`
|
||||
LogPath string `json:"log_path"`
|
||||
LogLevel string `json:"log_level"`
|
||||
HttpServerLog bool `json:"http_server_log"`
|
||||
Pprof bool `json:"pprof"`
|
||||
Issuer string `json:"issuer"`
|
||||
AdminUser string `json:"admin_user"`
|
||||
AdminPass string `json:"admin_pass"`
|
||||
AdminOtp string `json:"admin_otp"`
|
||||
JwtSecret string `json:"jwt_secret"`
|
||||
Conf string `json:"conf"`
|
||||
Profile string `json:"profile"`
|
||||
ProfileName string `json:"profile_name"`
|
||||
ServerAddr string `json:"server_addr"`
|
||||
ServerDTLS bool `json:"server_dtls"`
|
||||
ServerDTLSAddr string `json:"server_dtls_addr"`
|
||||
AdvertiseDTLSAddr string `json:"advertise_dtls_addr"`
|
||||
AdminAddr string `json:"admin_addr"`
|
||||
ProxyProtocol bool `json:"proxy_protocol"`
|
||||
DbType string `json:"db_type"`
|
||||
DbSource string `json:"db_source"`
|
||||
CertFile string `json:"cert_file"`
|
||||
CertKey string `json:"cert_key"`
|
||||
FilesPath string `json:"files_path"`
|
||||
LogPath string `json:"log_path"`
|
||||
LogLevel string `json:"log_level"`
|
||||
HttpServerLog bool `json:"http_server_log"`
|
||||
Pprof bool `json:"pprof"`
|
||||
Issuer string `json:"issuer"`
|
||||
AdminUser string `json:"admin_user"`
|
||||
AdminPass string `json:"admin_pass"`
|
||||
AdminOtp string `json:"admin_otp"`
|
||||
JwtSecret string `json:"jwt_secret"`
|
||||
|
||||
LinkMode string `json:"link_mode"` // tun tap macvtap ipvtap
|
||||
Ipv4Master string `json:"ipv4_master"` // eth0
|
||||
@@ -82,8 +86,27 @@ type ServerConfig struct {
|
||||
Compression bool `json:"compression"` // bool
|
||||
NoCompressLimit int `json:"no_compress_limit"` // int
|
||||
|
||||
DisplayError bool `json:"display_error"`
|
||||
ExcludeExportIp bool `json:"exclude_export_ip"`
|
||||
DisplayError bool `json:"display_error"`
|
||||
ExcludeExportIp bool `json:"exclude_export_ip"`
|
||||
AuthAloneOtp bool `json:"auth_alone_otp"`
|
||||
EncryptionPassword bool `json:"encryption_password"`
|
||||
|
||||
AntiBruteForce bool `json:"anti_brute_force"`
|
||||
IPWhitelist string `json:"ip_whitelist"`
|
||||
|
||||
MaxBanCount int `json:"max_ban_score"`
|
||||
BanResetTime int `json:"ban_reset_time"`
|
||||
LockTime int `json:"lock_time"`
|
||||
|
||||
MaxGlobalUserBanCount int `json:"max_global_user_ban_count"`
|
||||
GlobalUserBanResetTime int `json:"global_user_ban_reset_time"`
|
||||
GlobalUserLockTime int `json:"global_user_lock_time"`
|
||||
|
||||
MaxGlobalIPBanCount int `json:"max_global_ip_ban_count"`
|
||||
GlobalIPBanResetTime int `json:"global_ip_ban_reset_time"`
|
||||
GlobalIPLockTime int `json:"global_ip_lock_time"`
|
||||
|
||||
GlobalLockStateExpirationTime int `json:"global_lock_state_expiration_time"`
|
||||
}
|
||||
|
||||
func initServerCfg() {
|
||||
@@ -106,6 +129,15 @@ func initServerCfg() {
|
||||
|
||||
if Cfg.JwtSecret == defaultJwt {
|
||||
fmt.Fprintln(os.Stderr, "=== 使用默认的jwt_secret有安全风险,请设置新的jwt_secret ===")
|
||||
|
||||
// 安全问题,自动生成新的密钥
|
||||
jwtSecret, _ := utils.RandSecret(40, 60)
|
||||
jwtSecret = strings.Trim(jwtSecret, "=")
|
||||
Cfg.JwtSecret = jwtSecret
|
||||
}
|
||||
|
||||
if Cfg.AdvertiseDTLSAddr == "" {
|
||||
Cfg.AdvertiseDTLSAddr = Cfg.ServerDTLSAddr
|
||||
}
|
||||
|
||||
fmt.Printf("ServerCfg: %+v \n", Cfg)
|
||||
|
||||
@@ -26,6 +26,7 @@ var configs = []config{
|
||||
{Typ: cfgStr, Name: "server_addr", Usage: "TCP服务监听地址(任意端口)", ValStr: ":443"},
|
||||
{Typ: cfgBool, Name: "server_dtls", Usage: "开启DTLS", ValBool: false},
|
||||
{Typ: cfgStr, Name: "server_dtls_addr", Usage: "DTLS监听地址(任意端口)", ValStr: ":443"},
|
||||
{Typ: cfgStr, Name: "advertise_dtls_addr", Usage: "DTLS对外映射端口(为空则与server_dtls_addr相同)", ValStr: ""},
|
||||
{Typ: cfgStr, Name: "admin_addr", Usage: "后台服务监听地址", ValStr: ":8800"},
|
||||
{Typ: cfgBool, Name: "proxy_protocol", Usage: "TCP代理协议", ValBool: false},
|
||||
{Typ: cfgStr, Name: "db_type", Usage: "数据库类型 [sqlite3 mysql postgres]", ValStr: "sqlite3"},
|
||||
@@ -71,6 +72,25 @@ var configs = []config{
|
||||
|
||||
{Typ: cfgBool, Name: "display_error", Usage: "客户端显示详细错误信息(线上环境慎开启)", ValBool: false},
|
||||
{Typ: cfgBool, Name: "exclude_export_ip", Usage: "排除出口ip路由(出口ip不加密传输)", ValBool: true},
|
||||
{Typ: cfgBool, Name: "auth_alone_otp", Usage: "登录单独验证OTP窗口", ValBool: false},
|
||||
{Typ: cfgBool, Name: "encryption_password", Usage: "用户密码是否加密保存", ValBool: false},
|
||||
|
||||
{Typ: cfgBool, Name: "anti_brute_force", Usage: "是否开启防爆功能", ValBool: true},
|
||||
{Typ: cfgStr, Name: "ip_whitelist", Usage: "全局IP白名单,多个用逗号分隔,支持单IP和CIDR范围", ValStr: "192.168.90.1,172.16.0.0/24"},
|
||||
|
||||
{Typ: cfgInt, Name: "max_ban_score", Usage: "单位时间内最大尝试次数,0为关闭该功能", ValInt: 5},
|
||||
{Typ: cfgInt, Name: "ban_reset_time", Usage: "设置单位时间(秒),超过则重置计数", ValInt: 10},
|
||||
{Typ: cfgInt, Name: "lock_time", Usage: "超过最大尝试次数后的锁定时长(秒)", ValInt: 300},
|
||||
|
||||
{Typ: cfgInt, Name: "max_global_user_ban_count", Usage: "全局用户单位时间内最大尝试次数,0为关闭该功能", ValInt: 20},
|
||||
{Typ: cfgInt, Name: "global_user_ban_reset_time", Usage: "全局用户设置单位时间(秒)", ValInt: 600},
|
||||
{Typ: cfgInt, Name: "global_user_lock_time", Usage: "全局用户锁定时间(秒)", ValInt: 300},
|
||||
|
||||
{Typ: cfgInt, Name: "max_global_ip_ban_count", Usage: "全局IP单位时间内最大尝试次数,0为关闭该功能", ValInt: 40},
|
||||
{Typ: cfgInt, Name: "global_ip_ban_reset_time", Usage: "全局IP设置单位时间(秒)", ValInt: 1200},
|
||||
{Typ: cfgInt, Name: "global_ip_lock_time", Usage: "全局IP锁定时间(秒)", ValInt: 300},
|
||||
|
||||
{Typ: cfgInt, Name: "global_lock_state_expiration_time", Usage: "全局锁定状态的保存生命周期(秒),超过则删除记录", ValInt: 3600},
|
||||
}
|
||||
|
||||
var envs = map[string]string{}
|
||||
|
||||
@@ -22,7 +22,7 @@ var (
|
||||
|
||||
func initMod() {
|
||||
container := os.Getenv(inContainerKey)
|
||||
if container == "true" {
|
||||
if container == "on" {
|
||||
InContainer = true
|
||||
}
|
||||
log.Println("InContainer", InContainer)
|
||||
|
||||
@@ -44,6 +44,8 @@ server_addr = ":443"
|
||||
server_dtls = false
|
||||
#UDP监听地址(任意端口)
|
||||
server_dtls_addr = ":443"
|
||||
#DTLS对外映射端口(为空则与server_dtls_addr相同)
|
||||
advertise_dtls_addr = ""
|
||||
#后台服务监听地址
|
||||
admin_addr = ":8800"
|
||||
#开启tcp proxy protocol协议
|
||||
@@ -111,3 +113,39 @@ display_error = false
|
||||
|
||||
#排除出口ip路由(出口ip不加密传输)
|
||||
exclude_export_ip = true
|
||||
|
||||
#登录单独验证OTP窗口
|
||||
auth_alone_otp = false
|
||||
|
||||
#加密保存用户密码
|
||||
encryption_password = false
|
||||
|
||||
#防爆破全局开关
|
||||
anti_brute_force = true
|
||||
#全局IP白名单,多个用逗号分隔,支持单IP和CIDR范围
|
||||
ip_whitelist = "192.168.90.1,172.16.0.0/24"
|
||||
|
||||
#锁定时间最好不要超过单位时间
|
||||
#单位时间内最大尝试次数,0为关闭该功能
|
||||
max_ban_score = 5
|
||||
#设置单位时间(秒),超过则重置计数
|
||||
ban_reset_time = 600
|
||||
#超过最大尝试次数后的锁定时长(秒)
|
||||
lock_time = 300
|
||||
|
||||
#全局用户单位时间内最大尝试次数,0为关闭该功能
|
||||
max_global_user_ban_count = 20
|
||||
#全局用户设置单位时间(秒)
|
||||
global_user_ban_reset_time = 600
|
||||
#全局用户锁定时间(秒)
|
||||
global_user_lock_time = 300
|
||||
|
||||
#全局IP单位时间内最大尝试次数,0为关闭该功能
|
||||
max_global_ip_ban_count = 40
|
||||
#全局IP设置单位时间(秒)
|
||||
global_ip_ban_reset_time = 1200
|
||||
#全局IP锁定时间(秒)
|
||||
global_ip_lock_time = 300
|
||||
|
||||
#全局锁定状态的保存生命周期(秒),超过则删除记录
|
||||
global_lock_state_expiration_time = 3600
|
||||
|
||||
@@ -53,8 +53,5 @@ ipv4_end = "192.168.90.200"
|
||||
#是否自动添加nat
|
||||
iptables_nat = true
|
||||
|
||||
|
||||
#客户端显示详细错误信息(线上环境慎开启)
|
||||
display_error = true
|
||||
|
||||
|
||||
|
||||
@@ -400,12 +400,3 @@ func buildNameToCertificate(cert *tls.Certificate) {
|
||||
nameToCertificate[san] = cert
|
||||
}
|
||||
}
|
||||
|
||||
// func Scrypt(passwd string) string {
|
||||
// salt := []byte{0xc8, 0x28, 0xf2, 0x58, 0xa7, 0x6a, 0xad, 0x7b}
|
||||
// hashPasswd, err := scrypt.Key([]byte(passwd), salt, 1<<15, 8, 1, 32)
|
||||
// if err != nil {
|
||||
// return err.Error()
|
||||
// }
|
||||
// return base64.StdEncoding.EncodeToString(hashPasswd)
|
||||
// }
|
||||
|
||||
@@ -5,6 +5,7 @@ import (
|
||||
"time"
|
||||
|
||||
"github.com/bjdgyc/anylink/base"
|
||||
_ "github.com/denisenkom/go-mssqldb"
|
||||
_ "github.com/go-sql-driver/mysql"
|
||||
_ "github.com/lib/pq"
|
||||
_ "github.com/mattn/go-sqlite3"
|
||||
@@ -22,13 +23,14 @@ func GetXdb() *xorm.Engine {
|
||||
func initDb() {
|
||||
var err error
|
||||
xdb, err = xorm.NewEngine(base.Cfg.DbType, base.Cfg.DbSource)
|
||||
// 初始化xorm时区
|
||||
xdb.DatabaseTZ = time.Local
|
||||
xdb.TZLocation = time.Local
|
||||
if err != nil {
|
||||
base.Fatal(err)
|
||||
}
|
||||
|
||||
// 初始化xorm时区
|
||||
xdb.DatabaseTZ = time.Local
|
||||
xdb.TZLocation = time.Local
|
||||
|
||||
if base.Cfg.ShowSQL {
|
||||
xdb.ShowSQL(true)
|
||||
}
|
||||
@@ -147,7 +149,7 @@ func addInitData() error {
|
||||
Name: "all",
|
||||
AllowLan: true,
|
||||
ClientDns: []ValData{{Val: "114.114.114.114"}},
|
||||
RouteInclude: []ValData{{Val: All}},
|
||||
RouteInclude: []ValData{{Val: ALL}},
|
||||
Status: 1,
|
||||
}
|
||||
err = SetGroup(&g1)
|
||||
@@ -184,6 +186,7 @@ const accountMail = `<p>您好:</p>
|
||||
用户组: <b>{{.Group}}</b> <br/>
|
||||
用户名: <b>{{.Username}}</b> <br/>
|
||||
用户PIN码: <b>{{.PinCode}}</b> <br/>
|
||||
用户过期时间: <b>{{.LimitTime}}</b> <br/>
|
||||
{{if .DisableOtp}}
|
||||
<!-- nothing -->
|
||||
{{else}}
|
||||
@@ -202,7 +205,8 @@ const accountMail = `<p>您好:</p>
|
||||
<ul>
|
||||
<li>请使用OTP软件扫描动态码二维码</li>
|
||||
<li>然后使用anyconnect客户端进行登陆</li>
|
||||
<li>登陆密码为 【PIN码+动态码】(中间没有+号)</li>
|
||||
<li>登陆密码为 PIN 码</li>
|
||||
<li>OTP密码为扫码后生成的动态码</li>
|
||||
</ul>
|
||||
</div>
|
||||
<p>
|
||||
|
||||
@@ -10,6 +10,7 @@ import (
|
||||
"time"
|
||||
|
||||
"github.com/bjdgyc/anylink/base"
|
||||
"github.com/songgao/water/waterutil"
|
||||
"golang.org/x/text/language"
|
||||
"golang.org/x/text/message"
|
||||
)
|
||||
@@ -17,7 +18,10 @@ import (
|
||||
const (
|
||||
Allow = "allow"
|
||||
Deny = "deny"
|
||||
All = "all"
|
||||
ALL = "all"
|
||||
TCP = "tcp"
|
||||
UDP = "udp"
|
||||
ICMP = "icmp"
|
||||
)
|
||||
|
||||
// 域名分流最大字符2万
|
||||
@@ -25,12 +29,14 @@ const DsMaxLen = 20000
|
||||
|
||||
type GroupLinkAcl struct {
|
||||
// 自上而下匹配 默认 allow * *
|
||||
Action string `json:"action"` // allow、deny
|
||||
Val string `json:"val"`
|
||||
Port string `json:"port"` // 兼容单端口历史数据类型uint16
|
||||
Ports map[uint16]int8 `json:"ports"`
|
||||
IpNet *net.IPNet `json:"ip_net"`
|
||||
Note string `json:"note"`
|
||||
Action string `json:"action"` // allow、deny
|
||||
Protocol string `json:"protocol"` // 支持 ALL、TCP、UDP、ICMP 协议
|
||||
IpProto waterutil.IPProtocol `json:"ip_protocol"` // 判断协议使用
|
||||
Val string `json:"val"`
|
||||
Port string `json:"port"` // 兼容单端口历史数据类型uint16
|
||||
Ports map[uint16]int8 `json:"ports"`
|
||||
IpNet *net.IPNet `json:"ip_net"`
|
||||
Note string `json:"note"`
|
||||
}
|
||||
|
||||
type ValData struct {
|
||||
@@ -114,7 +120,7 @@ func SetGroup(g *Group) error {
|
||||
routeInclude := []ValData{}
|
||||
for _, v := range g.RouteInclude {
|
||||
if v.Val != "" {
|
||||
if v.Val == All {
|
||||
if v.Val == ALL {
|
||||
routeInclude = append(routeInclude, v)
|
||||
continue
|
||||
}
|
||||
@@ -164,6 +170,19 @@ func SetGroup(g *Group) error {
|
||||
}
|
||||
v.IpNet = ipNet
|
||||
|
||||
// 设置协议数据
|
||||
switch v.Protocol {
|
||||
case TCP:
|
||||
v.IpProto = waterutil.TCP
|
||||
case UDP:
|
||||
v.IpProto = waterutil.UDP
|
||||
case ICMP:
|
||||
v.IpProto = waterutil.ICMP
|
||||
default:
|
||||
// 其他类型都是 all
|
||||
v.Protocol = ALL
|
||||
}
|
||||
|
||||
portsStr := v.Port
|
||||
v.Port = strings.TrimSpace(portsStr)
|
||||
// switch vp := v.Port.(type) {
|
||||
@@ -181,11 +200,13 @@ func SetGroup(g *Group) error {
|
||||
}
|
||||
if regexp.MustCompile(`^\d{1,5}-\d{1,5}$`).MatchString(p) {
|
||||
rp := strings.Split(p, "-")
|
||||
portfrom, err := strconv.Atoi(rp[0])
|
||||
// portfrom, err := strconv.Atoi(rp[0])
|
||||
portfrom, err := strconv.ParseUint(rp[0], 10, 16)
|
||||
if err != nil {
|
||||
return errors.New("端口:" + rp[0] + " 格式错误, " + err.Error())
|
||||
}
|
||||
portto, err := strconv.Atoi(rp[1])
|
||||
// portto, err := strconv.Atoi(rp[1])
|
||||
portto, err := strconv.ParseUint(rp[1], 10, 16)
|
||||
if err != nil {
|
||||
return errors.New("端口:" + rp[1] + " 格式错误, " + err.Error())
|
||||
}
|
||||
@@ -194,7 +215,7 @@ func SetGroup(g *Group) error {
|
||||
}
|
||||
|
||||
} else {
|
||||
port, err := strconv.Atoi(p)
|
||||
port, err := strconv.ParseUint(p, 10, 16)
|
||||
if err != nil {
|
||||
return errors.New("端口:" + p + " 格式错误, " + err.Error())
|
||||
}
|
||||
@@ -319,7 +340,8 @@ func GroupAuthLogin(name, pwd string, authData map[string]interface{}) error {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = auth.checkUser(name, pwd, g)
|
||||
ext := map[string]interface{}{}
|
||||
err = auth.checkUser(name, pwd, g, ext)
|
||||
return err
|
||||
}
|
||||
|
||||
|
||||
@@ -27,7 +27,7 @@ func SetPolicy(p *Policy) error {
|
||||
routeInclude := []ValData{}
|
||||
for _, v := range p.RouteInclude {
|
||||
if v.Val != "" {
|
||||
if v.Val == All {
|
||||
if v.Val == ALL {
|
||||
routeInclude = append(routeInclude, v)
|
||||
continue
|
||||
}
|
||||
|
||||
@@ -30,7 +30,7 @@ type User struct {
|
||||
Nickname string `json:"nickname" xorm:"varchar(255)"`
|
||||
Email string `json:"email" xorm:"varchar(255)"`
|
||||
// Password string `json:"password"`
|
||||
PinCode string `json:"pin_code" xorm:"varchar(32)"`
|
||||
PinCode string `json:"pin_code" xorm:"varchar(64)"`
|
||||
LimitTime *time.Time `json:"limittime,omitempty" xorm:"Datetime limittime"` // 值为null时,前端不显示
|
||||
OtpSecret string `json:"otp_secret" xorm:"varchar(255)"`
|
||||
DisableOtp bool `json:"disable_otp" xorm:"Bool"` // 禁用otp
|
||||
@@ -46,7 +46,7 @@ type UserActLog struct {
|
||||
Username string `json:"username" xorm:"varchar(60)"`
|
||||
GroupName string `json:"group_name" xorm:"varchar(60)"`
|
||||
IpAddr string `json:"ip_addr" xorm:"varchar(32)"`
|
||||
RemoteAddr string `json:"remote_addr" xorm:"varchar(32)"`
|
||||
RemoteAddr string `json:"remote_addr" xorm:"varchar(42)"`
|
||||
Os uint8 `json:"os" xorm:"not null default 0 Int"`
|
||||
Client uint8 `json:"client" xorm:"not null default 0 Int"`
|
||||
Version string `json:"version" xorm:"varchar(15)"`
|
||||
@@ -67,12 +67,12 @@ type Setting struct {
|
||||
type AccessAudit struct {
|
||||
Id int `json:"id" xorm:"pk autoincr not null"`
|
||||
Username string `json:"username" xorm:"varchar(60) not null"`
|
||||
Protocol uint8 `json:"protocol" xorm:"not null"`
|
||||
Protocol uint8 `json:"protocol" xorm:"Int not null"`
|
||||
Src string `json:"src" xorm:"varchar(60) not null"`
|
||||
SrcPort uint16 `json:"src_port" xorm:"not null"`
|
||||
SrcPort uint16 `json:"src_port" xorm:"Int not null"`
|
||||
Dst string `json:"dst" xorm:"varchar(60) not null"`
|
||||
DstPort uint16 `json:"dst_port" xorm:"not null"`
|
||||
AccessProto uint8 `json:"access_proto" xorm:"default 0"` // 访问协议
|
||||
DstPort uint16 `json:"dst_port" xorm:"Int not null"`
|
||||
AccessProto uint8 `json:"access_proto" xorm:"Int default 0"` // 访问协议
|
||||
Info string `json:"info" xorm:"varchar(255) not null default ''"` // 详情
|
||||
CreatedAt time.Time `json:"created_at" xorm:"DateTime"`
|
||||
}
|
||||
|
||||
@@ -6,6 +6,7 @@ import (
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
"github.com/bjdgyc/anylink/base"
|
||||
"github.com/bjdgyc/anylink/pkg/utils"
|
||||
"github.com/xlzd/gotp"
|
||||
)
|
||||
@@ -67,7 +68,9 @@ func SetUser(v *User) error {
|
||||
}
|
||||
|
||||
// 验证用户登录信息
|
||||
func CheckUser(name, pwd, group string) error {
|
||||
func CheckUser(name, pwd, group string, ext map[string]interface{}) error {
|
||||
base.Trace("CheckUser", name, pwd, group, ext)
|
||||
|
||||
// 获取登入的group数据
|
||||
groupData := &Group{}
|
||||
err := One("Name", group, groupData)
|
||||
@@ -81,7 +84,7 @@ func CheckUser(name, pwd, group string) error {
|
||||
authType := groupData.Auth["type"].(string)
|
||||
// 本地认证方式
|
||||
if authType == "local" {
|
||||
return checkLocalUser(name, pwd, group)
|
||||
return checkLocalUser(name, pwd, group, ext)
|
||||
}
|
||||
// 其它认证方式, 支持自定义
|
||||
_, ok := authRegistry[authType]
|
||||
@@ -89,11 +92,11 @@ func CheckUser(name, pwd, group string) error {
|
||||
return fmt.Errorf("%s %s", "未知的认证方式: ", authType)
|
||||
}
|
||||
auth := makeInstance(authType).(IUserAuth)
|
||||
return auth.checkUser(name, pwd, groupData)
|
||||
return auth.checkUser(name, pwd, groupData, ext)
|
||||
}
|
||||
|
||||
// 验证本地用户登录信息
|
||||
func checkLocalUser(name, pwd, group string) error {
|
||||
func checkLocalUser(name, pwd, group string, ext map[string]interface{}) error {
|
||||
// TODO 严重问题
|
||||
// return nil
|
||||
|
||||
@@ -115,18 +118,29 @@ func checkLocalUser(name, pwd, group string) error {
|
||||
if !utils.InArrStr(v.Groups, group) {
|
||||
return fmt.Errorf("%s %s", name, "用户组错误")
|
||||
}
|
||||
// 判断otp信息
|
||||
|
||||
pinCode := pwd
|
||||
if !v.DisableOtp {
|
||||
pinCode = pwd[:pl-6]
|
||||
otp := pwd[pl-6:]
|
||||
if !checkOtp(name, otp, v.OtpSecret) {
|
||||
return fmt.Errorf("%s %s", name, "动态码错误")
|
||||
if !base.Cfg.AuthAloneOtp {
|
||||
// 判断otp信息
|
||||
if !v.DisableOtp {
|
||||
pinCode = pwd[:pl-6]
|
||||
otp := pwd[pl-6:]
|
||||
if !CheckOtp(name, otp, v.OtpSecret) {
|
||||
return fmt.Errorf("%s %s", name, "动态码错误")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// 判断用户密码
|
||||
if pinCode != v.PinCode {
|
||||
// 兼容明文密码
|
||||
if len(v.PinCode) != 60 {
|
||||
if pinCode != v.PinCode {
|
||||
return fmt.Errorf("%s %s", name, "密码错误")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
// 密文密码
|
||||
if !utils.PasswordVerify(pinCode, v.PinCode) {
|
||||
return fmt.Errorf("%s %s", name, "密码错误")
|
||||
}
|
||||
|
||||
@@ -171,7 +185,7 @@ func init() {
|
||||
}
|
||||
|
||||
// 判断令牌信息
|
||||
func checkOtp(name, otp, secret string) bool {
|
||||
func CheckOtp(name, otp, secret string) bool {
|
||||
key := fmt.Sprintf("%s:%s", name, otp)
|
||||
|
||||
userOtpMux.Lock()
|
||||
@@ -190,3 +204,25 @@ func checkOtp(name, otp, secret string) bool {
|
||||
|
||||
return verify
|
||||
}
|
||||
|
||||
// 插入数据库前加密密码
|
||||
func (u *User) BeforeInsert() {
|
||||
if base.Cfg.EncryptionPassword {
|
||||
hashedPassword, err := utils.PasswordHash(u.PinCode)
|
||||
if err != nil {
|
||||
base.Error(err)
|
||||
}
|
||||
u.PinCode = hashedPassword
|
||||
}
|
||||
}
|
||||
|
||||
// 更新数据库前加密密码
|
||||
func (u *User) BeforeUpdate() {
|
||||
if len(u.PinCode) != 60 && base.Cfg.EncryptionPassword {
|
||||
hashedPassword, err := utils.PasswordHash(u.PinCode)
|
||||
if err != nil {
|
||||
base.Error(err)
|
||||
}
|
||||
u.PinCode = hashedPassword
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package dbdata
|
||||
|
||||
import (
|
||||
"net"
|
||||
"net/url"
|
||||
"regexp"
|
||||
"strings"
|
||||
@@ -78,7 +79,8 @@ func (ua *UserActLogProcess) Add(u UserActLog, userAgent string) {
|
||||
u.Os = os_idx
|
||||
u.Client = client_idx
|
||||
u.Version = ver
|
||||
u.RemoteAddr = strings.Split(u.RemoteAddr, ":")[0]
|
||||
// u.RemoteAddr = strings.Split(u.RemoteAddr, ":")[0]
|
||||
u.RemoteAddr, _, _ = net.SplitHostPort(u.RemoteAddr)
|
||||
// remove extra characters
|
||||
infoSlice := strings.Split(u.Info, " ")
|
||||
infoLen := len(infoSlice)
|
||||
|
||||
@@ -3,11 +3,12 @@ package dbdata
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/bjdgyc/anylink/base"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/xlzd/gotp"
|
||||
)
|
||||
|
||||
func TestCheckUser(t *testing.T) {
|
||||
base.Test()
|
||||
ast := assert.New(t)
|
||||
|
||||
preIpData()
|
||||
@@ -25,20 +26,24 @@ func TestCheckUser(t *testing.T) {
|
||||
ast.Equal(g.RouteInclude[0].IpMask, "192.168.1.0/255.255.255.0")
|
||||
|
||||
// 添加一个用户
|
||||
u := User{Username: "aaa", Groups: []string{group}, Status: 1}
|
||||
pincode := "a123456"
|
||||
u := User{Username: "aaa", PinCode: pincode, Groups: []string{group}, Status: 1}
|
||||
err = SetUser(&u)
|
||||
ast.Nil(err)
|
||||
|
||||
// 验证 PinCode + OtpSecret
|
||||
totp := gotp.NewDefaultTOTP(u.OtpSecret)
|
||||
secret := totp.Now()
|
||||
err = CheckUser("aaa", u.PinCode+secret, group)
|
||||
ast.Nil(err)
|
||||
// totp := gotp.NewDefaultTOTP(u.OtpSecret)
|
||||
// secret := totp.Now()
|
||||
// err = CheckUser("aaa", u.PinCode+secret, group)
|
||||
// ast.Nil(err)
|
||||
|
||||
// 单独验证密码
|
||||
u.DisableOtp = true
|
||||
_ = SetUser(&u)
|
||||
err = CheckUser("aaa", u.PinCode, group)
|
||||
ext := map[string]any{
|
||||
"mac_addr": "",
|
||||
}
|
||||
err = CheckUser("aaa", pincode, group, ext)
|
||||
ast.Nil(err)
|
||||
|
||||
// 添加一个radius组
|
||||
@@ -53,9 +58,9 @@ func TestCheckUser(t *testing.T) {
|
||||
g2 := Group{Name: group2, Status: 1, ClientDns: dns, RouteInclude: route, Auth: authData}
|
||||
err = SetGroup(&g2)
|
||||
ast.Nil(err)
|
||||
err = CheckUser("aaa", "bbbbbbb", group2)
|
||||
err = CheckUser("aaa", "bbbbbbb", group2, ext)
|
||||
if ast.NotNil(err) {
|
||||
ast.Equal("aaa Radius服务器连接异常, 请检测服务器和端口", err.Error())
|
||||
ast.Contains(err.Error(), "aaa Radius服务器连接异常")
|
||||
}
|
||||
// 添加用户策略
|
||||
dns2 := []ValData{{Val: "8.8.8.8"}}
|
||||
@@ -63,7 +68,7 @@ func TestCheckUser(t *testing.T) {
|
||||
p1 := Policy{Username: "aaa", Status: 1, ClientDns: dns2, RouteInclude: route2}
|
||||
err = SetPolicy(&p1)
|
||||
ast.Nil(err)
|
||||
err = CheckUser("aaa", u.PinCode, group)
|
||||
err = CheckUser("aaa", pincode, group, ext)
|
||||
ast.Nil(err)
|
||||
// 添加一个ldap组
|
||||
group3 := "group3"
|
||||
@@ -83,7 +88,7 @@ func TestCheckUser(t *testing.T) {
|
||||
g3 := Group{Name: group3, Status: 1, ClientDns: dns, RouteInclude: route, Auth: authData}
|
||||
err = SetGroup(&g3)
|
||||
ast.Nil(err)
|
||||
err = CheckUser("aaa", "bbbbbbb", group3)
|
||||
err = CheckUser("aaa", "bbbbbbb", group3, ext)
|
||||
if ast.NotNil(err) {
|
||||
ast.Equal("aaa LDAP服务器连接异常, 请检测服务器和端口", err.Error())
|
||||
}
|
||||
|
||||
@@ -9,7 +9,7 @@ var authRegistry = make(map[string]reflect.Type)
|
||||
|
||||
type IUserAuth interface {
|
||||
checkData(authData map[string]interface{}) error
|
||||
checkUser(name, pwd string, g *Group) error
|
||||
checkUser(name, pwd string, g *Group, ext map[string]interface{}) error
|
||||
}
|
||||
|
||||
func makeInstance(name string) interface{} {
|
||||
|
||||
@@ -61,7 +61,7 @@ func (auth AuthLdap) checkData(authData map[string]interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (auth AuthLdap) checkUser(name, pwd string, g *Group) error {
|
||||
func (auth AuthLdap) checkUser(name, pwd string, g *Group, ext map[string]interface{}) error {
|
||||
pl := len(pwd)
|
||||
if name == "" || pl < 1 {
|
||||
return fmt.Errorf("%s %s", name, "密码错误")
|
||||
|
||||
@@ -5,9 +5,11 @@ import (
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"reflect"
|
||||
"time"
|
||||
|
||||
"github.com/bjdgyc/anylink/base"
|
||||
"layeh.com/radius"
|
||||
"layeh.com/radius/rfc2865"
|
||||
)
|
||||
@@ -15,6 +17,7 @@ import (
|
||||
type AuthRadius struct {
|
||||
Addr string `json:"addr"`
|
||||
Secret string `json:"secret"`
|
||||
Nasip string `json:"nasip"`
|
||||
}
|
||||
|
||||
func init() {
|
||||
@@ -38,7 +41,7 @@ func (auth AuthRadius) checkData(authData map[string]interface{}) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (auth AuthRadius) checkUser(name, pwd string, g *Group) error {
|
||||
func (auth AuthRadius) checkUser(name, pwd string, g *Group, ext map[string]interface{}) error {
|
||||
pl := len(pwd)
|
||||
if name == "" || pl < 1 {
|
||||
return fmt.Errorf("%s %s", name, "密码错误")
|
||||
@@ -57,16 +60,39 @@ func (auth AuthRadius) checkUser(name, pwd string, g *Group) error {
|
||||
}
|
||||
// radius认证时,设置超时3秒
|
||||
packet := radius.New(radius.CodeAccessRequest, []byte(auth.Secret))
|
||||
rfc2865.UserName_SetString(packet, name)
|
||||
rfc2865.UserPassword_SetString(packet, pwd)
|
||||
err = rfc2865.UserName_SetString(packet, name)
|
||||
if err != nil {
|
||||
return fmt.Errorf("%s %s", name, "Radius set name 出现错误")
|
||||
}
|
||||
err = rfc2865.UserPassword_SetString(packet, pwd)
|
||||
if err != nil {
|
||||
return fmt.Errorf("%s %s", name, "Radius set pwd 出现错误")
|
||||
}
|
||||
if auth.Nasip != "" {
|
||||
nasip := net.ParseIP(auth.Nasip)
|
||||
err = rfc2865.NASIPAddress_Set(packet, nasip)
|
||||
if err != nil {
|
||||
return fmt.Errorf("%s %s", name, "Radius set nasip 出现错误")
|
||||
}
|
||||
}
|
||||
macAddr := ext["mac_addr"].(string)
|
||||
base.Trace("AuthRadius", ext, macAddr)
|
||||
if macAddr != "" {
|
||||
err = rfc2865.CallingStationID_AddString(packet, macAddr)
|
||||
if err != nil {
|
||||
return fmt.Errorf("%s %s", name, "Radius set CallingStationID 出现错误")
|
||||
}
|
||||
}
|
||||
|
||||
ctx, done := context.WithTimeout(context.Background(), 3*time.Second)
|
||||
defer done()
|
||||
response, err := radius.Exchange(ctx, packet, auth.Addr)
|
||||
if err != nil {
|
||||
return fmt.Errorf("%s %s", name, "Radius服务器连接异常, 请检测服务器和端口")
|
||||
return fmt.Errorf("%s %s %s", name, "Radius服务器连接异常, 请检测服务器和端口", err)
|
||||
}
|
||||
if response.Code != radius.CodeAccessAccept {
|
||||
return fmt.Errorf("%s %s", name, "Radius:用户名或密码错误")
|
||||
}
|
||||
return nil
|
||||
|
||||
}
|
||||
|
||||
@@ -1,85 +1,95 @@
|
||||
module github.com/bjdgyc/anylink
|
||||
|
||||
go 1.20
|
||||
go 1.22.0
|
||||
|
||||
toolchain go1.22.12
|
||||
|
||||
require (
|
||||
github.com/arl/statsviz v0.6.0
|
||||
github.com/deckarep/golang-set v1.8.0
|
||||
github.com/go-acme/lego/v4 v4.15.0
|
||||
github.com/denisenkom/go-mssqldb v0.12.3
|
||||
github.com/go-acme/lego/v4 v4.19.2
|
||||
github.com/go-co-op/gocron v1.37.0
|
||||
github.com/go-ldap/ldap v3.0.3+incompatible
|
||||
github.com/go-sql-driver/mysql v1.8.0
|
||||
github.com/gocarina/gocsv v0.0.0-20231116093920-b87c2d0e983a
|
||||
github.com/golang-jwt/jwt/v4 v4.5.0
|
||||
github.com/go-sql-driver/mysql v1.8.1
|
||||
github.com/gocarina/gocsv v0.0.0-20240520201108-78e41c74b4b1
|
||||
github.com/golang-jwt/jwt/v4 v4.5.1
|
||||
github.com/google/gopacket v1.1.19
|
||||
github.com/gorilla/handlers v1.5.2
|
||||
github.com/gorilla/mux v1.8.1
|
||||
github.com/ivpusic/grpool v1.0.0
|
||||
github.com/lanrenwo/lzsgo v0.0.2
|
||||
github.com/lib/pq v1.10.9
|
||||
github.com/mattn/go-sqlite3 v1.14.22
|
||||
github.com/lorenzosaino/go-sysctl v0.3.1
|
||||
github.com/mattn/go-sqlite3 v1.14.24
|
||||
github.com/orcaman/concurrent-map v1.0.0
|
||||
github.com/pion/dtls/v2 v2.2.10
|
||||
github.com/pion/dtls/v2 v2.2.12
|
||||
github.com/pion/logging v0.2.2
|
||||
github.com/pires/go-proxyproto v0.7.0
|
||||
github.com/pires/go-proxyproto v0.8.0
|
||||
github.com/shirou/gopsutil v3.21.11+incompatible
|
||||
github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
|
||||
github.com/songgao/packets v0.0.0-20160404182456-549a10cd4091
|
||||
github.com/songgao/water v0.0.0-20200317203138-2b4b6d7c09d8
|
||||
github.com/spf13/cast v1.6.0
|
||||
github.com/spf13/cobra v1.8.0
|
||||
github.com/spf13/viper v1.18.2
|
||||
github.com/stretchr/testify v1.8.4
|
||||
github.com/spf13/cast v1.7.0
|
||||
github.com/spf13/cobra v1.8.1
|
||||
github.com/spf13/viper v1.19.0
|
||||
github.com/stretchr/testify v1.10.0
|
||||
github.com/xhit/go-simple-mail/v2 v2.16.0
|
||||
github.com/xlzd/gotp v0.1.0
|
||||
github.com/xuri/excelize/v2 v2.8.1
|
||||
golang.org/x/crypto v0.21.0
|
||||
golang.org/x/net v0.22.0
|
||||
golang.org/x/text v0.14.0
|
||||
golang.org/x/time v0.5.0
|
||||
github.com/xuri/excelize/v2 v2.9.0
|
||||
golang.org/x/crypto v0.32.0
|
||||
golang.org/x/net v0.33.0
|
||||
golang.org/x/text v0.21.0
|
||||
golang.org/x/time v0.7.0
|
||||
layeh.com/radius v0.0.0-20231213012653-1006025d24f8
|
||||
xorm.io/xorm v1.3.8
|
||||
xorm.io/xorm v1.3.9
|
||||
)
|
||||
|
||||
require (
|
||||
filippo.io/edwards25519 v1.1.0 // indirect
|
||||
github.com/aliyun/alibaba-cloud-sdk-go v1.62.690 // indirect
|
||||
github.com/cenkalti/backoff/v4 v4.2.1 // indirect
|
||||
github.com/cloudflare/cloudflare-go v0.89.0 // indirect
|
||||
github.com/BurntSushi/toml v1.4.0 // indirect
|
||||
github.com/aliyun/alibaba-cloud-sdk-go v1.63.48 // indirect
|
||||
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
|
||||
github.com/cloudflare/cloudflare-go v0.109.0 // indirect
|
||||
github.com/felixge/httpsnoop v1.0.4 // indirect
|
||||
github.com/go-jose/go-jose/v3 v3.0.3 // indirect
|
||||
github.com/go-jose/go-jose/v4 v4.0.5 // indirect
|
||||
github.com/go-test/deep v1.1.0 // indirect
|
||||
github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 // indirect
|
||||
github.com/golang-sql/sqlexp v0.1.0 // indirect
|
||||
github.com/google/go-querystring v1.1.0 // indirect
|
||||
github.com/google/uuid v1.6.0 // indirect
|
||||
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
|
||||
github.com/hashicorp/go-retryablehttp v0.7.5 // indirect
|
||||
github.com/jmespath/go-jmespath v0.4.0 // indirect
|
||||
github.com/miekg/dns v1.1.58 // indirect
|
||||
github.com/miekg/dns v1.1.62 // indirect
|
||||
github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b // indirect
|
||||
github.com/pelletier/go-toml/v2 v2.1.1 // indirect
|
||||
github.com/pion/transport/v2 v2.2.4 // indirect
|
||||
github.com/sagikazarmark/locafero v0.4.0 // indirect
|
||||
github.com/pelletier/go-toml/v2 v2.2.3 // indirect
|
||||
github.com/pion/transport/v2 v2.2.10 // indirect
|
||||
github.com/pion/transport/v3 v3.0.7 // indirect
|
||||
github.com/sagikazarmark/locafero v0.6.0 // indirect
|
||||
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
|
||||
github.com/sourcegraph/conc v0.3.0 // indirect
|
||||
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.873 // indirect
|
||||
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.873 // indirect
|
||||
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1036 // indirect
|
||||
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1036 // indirect
|
||||
github.com/toorop/go-dkim v0.0.0-20240103092955-90b7d1423f92 // indirect
|
||||
github.com/yusufpapurcu/wmi v1.2.4 // indirect
|
||||
go.uber.org/atomic v1.11.0 // indirect
|
||||
go.uber.org/multierr v1.11.0 // indirect
|
||||
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect
|
||||
golang.org/x/mod v0.16.0 // indirect
|
||||
golang.org/x/tools v0.19.0 // indirect
|
||||
golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c // indirect
|
||||
golang.org/x/exp/typeparams v0.0.0-20220613132600-b0d781184e0d // indirect
|
||||
golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 // indirect
|
||||
golang.org/x/mod v0.21.0 // indirect
|
||||
golang.org/x/sync v0.10.0 // indirect
|
||||
golang.org/x/tools v0.26.0 // indirect
|
||||
honnef.co/go/tools v0.3.2 // indirect
|
||||
)
|
||||
|
||||
require (
|
||||
github.com/coreos/go-iptables v0.7.0
|
||||
github.com/coreos/go-iptables v0.8.0
|
||||
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
|
||||
github.com/fsnotify/fsnotify v1.7.0 // indirect
|
||||
github.com/fsnotify/fsnotify v1.8.0 // indirect
|
||||
github.com/go-ole/go-ole v1.3.0 // indirect
|
||||
github.com/goccy/go-json v0.10.2 // indirect
|
||||
github.com/goccy/go-json v0.10.3 // indirect
|
||||
github.com/golang/snappy v0.0.4 // indirect
|
||||
github.com/gorilla/websocket v1.5.1 // indirect
|
||||
github.com/gorilla/websocket v1.5.3 // indirect
|
||||
github.com/hashicorp/hcl v1.0.0 // indirect
|
||||
github.com/inconshreveable/mousetrap v1.1.0 // indirect
|
||||
github.com/json-iterator/go v1.1.12 // indirect
|
||||
@@ -90,17 +100,17 @@ require (
|
||||
github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect
|
||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
|
||||
github.com/richardlehane/mscfb v1.0.4 // indirect
|
||||
github.com/richardlehane/msoleps v1.0.3 // indirect
|
||||
github.com/richardlehane/msoleps v1.0.4 // indirect
|
||||
github.com/robfig/cron/v3 v3.0.1 // indirect
|
||||
github.com/spf13/afero v1.11.0 // indirect
|
||||
github.com/spf13/pflag v1.0.5 // indirect
|
||||
github.com/subosito/gotenv v1.6.0 // indirect
|
||||
github.com/syndtr/goleveldb v1.0.0 // indirect
|
||||
github.com/tklauser/go-sysconf v0.3.13 // indirect
|
||||
github.com/tklauser/numcpus v0.7.0 // indirect
|
||||
github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53 // indirect
|
||||
github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05 // indirect
|
||||
golang.org/x/sys v0.18.0 // indirect
|
||||
github.com/tklauser/go-sysconf v0.3.14 // indirect
|
||||
github.com/tklauser/numcpus v0.9.0 // indirect
|
||||
github.com/xuri/efp v0.0.0-20240408161823-9ad904a10d6d // indirect
|
||||
github.com/xuri/nfp v0.0.0-20240318013403-ab9948c2c4a7 // indirect
|
||||
golang.org/x/sys v0.29.0 // indirect
|
||||
gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d // indirect
|
||||
gopkg.in/ini.v1 v1.67.0 // indirect
|
||||
gopkg.in/yaml.v3 v3.0.1 // indirect
|
||||
|
||||
236
server/go.sum
236
server/go.sum
@@ -3,20 +3,25 @@ filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
|
||||
filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
|
||||
gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a h1:lSA0F4e9A2NcQSqGqTOXqu2aRi/XEQxDCBwM8yJtE6s=
|
||||
gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a/go.mod h1:EXuID2Zs0pAQhH8yz+DNjUbjppKQzKFAn28TMYPB6IU=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v0.19.0/go.mod h1:h6H6c8enJmmocHUbLiiGY6sx7f9i+X3m1CHdd5c6Rdw=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v0.11.0/go.mod h1:HcM1YX14R7CJcghJGOYCgdezslRSVzqwLf/q+4Y2r/0=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v0.7.0/go.mod h1:yqy467j36fJxcRV2TzfVZ1pCb5vxm4BtZPUdYWe/Xo8=
|
||||
github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0=
|
||||
github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
|
||||
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
|
||||
github.com/HdrHistogram/hdrhistogram-go v1.1.2/go.mod h1:yDgFjdqOqDEKOvasDdhWNXYg9BVp4O+o5f6V/ehm6Oo=
|
||||
github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw=
|
||||
github.com/aliyun/alibaba-cloud-sdk-go v1.62.690 h1:9ChlXyXZxVeHXPlsUqquutxxmrEGhNmfQiOW/YKIbq8=
|
||||
github.com/aliyun/alibaba-cloud-sdk-go v1.62.690/go.mod h1:CJJYa1ZMxjlN/NbXEwmejEnBkhi0DV+Yb3B2lxf+74o=
|
||||
github.com/aliyun/alibaba-cloud-sdk-go v1.63.48 h1:f57dtSI1BJfF5FO7JJ7ljMh79Ae64nbbDfUOey5PBa0=
|
||||
github.com/aliyun/alibaba-cloud-sdk-go v1.63.48/go.mod h1:SOSDHfe1kX91v3W5QiBsWSLqeLxImobbMX1mxrFHsVQ=
|
||||
github.com/arl/statsviz v0.6.0 h1:jbW1QJkEYQkufd//4NDYRSNBpwJNrdzPahF7ZmoGdyE=
|
||||
github.com/arl/statsviz v0.6.0/go.mod h1:0toboo+YGSUXDaS4g1D5TVS4dXs7S7YYT5J/qnW2h8s=
|
||||
github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM=
|
||||
github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
|
||||
github.com/cloudflare/cloudflare-go v0.89.0 h1:3zoVntC8xmUR/weFEcNE1RizdW4LRZdQnJ/AN8DDa1U=
|
||||
github.com/cloudflare/cloudflare-go v0.89.0/go.mod h1:eyuehb1i6BNRc+ZwaTZAiRHeE+4jbKvHAns19oGeakg=
|
||||
github.com/coreos/go-iptables v0.7.0 h1:XWM3V+MPRr5/q51NuWSgU0fqMad64Zyxs8ZUoMsamr8=
|
||||
github.com/coreos/go-iptables v0.7.0/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q=
|
||||
github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
|
||||
github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8=
|
||||
github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
|
||||
github.com/cloudflare/cloudflare-go v0.109.0 h1:Wjp+RfJD1lidIFUlrTBqUQnCBrUnmVsLxgzWYiURueg=
|
||||
github.com/cloudflare/cloudflare-go v0.109.0/go.mod h1:m492eNahT/9MsN7Ppnoge8AaI7QhVFtEgVm3I9HJFeU=
|
||||
github.com/coreos/go-iptables v0.8.0 h1:MPc2P89IhuVpLI7ETL/2tx3XZ61VeICZjYqDEgNsPRc=
|
||||
github.com/coreos/go-iptables v0.8.0/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q=
|
||||
github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
|
||||
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
|
||||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
@@ -24,38 +29,47 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1
|
||||
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/deckarep/golang-set v1.8.0 h1:sk9/l/KqpunDwP7pSjUg0keiOOLEnOBHzykLrsPppp4=
|
||||
github.com/deckarep/golang-set v1.8.0/go.mod h1:5nI87KwE7wgsBU1F4GKAw2Qod7p5kyS383rP6+o6qqo=
|
||||
github.com/denisenkom/go-mssqldb v0.12.3 h1:pBSGx9Tq67pBOTLmxNuirNTeB8Vjmf886Kx+8Y+8shw=
|
||||
github.com/denisenkom/go-mssqldb v0.12.3/go.mod h1:k0mtMFOnU+AihqFxPMiF05rtiDrorD1Vrm1KEz5hxDo=
|
||||
github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ=
|
||||
github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo=
|
||||
github.com/fatih/color v1.14.1 h1:qfhVLaG5s+nCROl1zJsZRxFeYrHLqWroPOQ8BWiNb4w=
|
||||
github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
|
||||
github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
|
||||
github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
|
||||
github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k=
|
||||
github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
|
||||
github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
|
||||
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
|
||||
github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
|
||||
github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
|
||||
github.com/go-acme/lego/v4 v4.15.0 h1:A7MHEU3b+TDFqhC/HmzMJnzPbyeaYvMZQBbqgvbThhU=
|
||||
github.com/go-acme/lego/v4 v4.15.0/go.mod h1:eeGhjW4zWT7Ccqa3sY7ayEqFLCAICx+mXgkMHKIkLxg=
|
||||
github.com/fsnotify/fsnotify v1.8.0 h1:dAwr6QBTBZIkG8roQaJjGof0pp0EeF+tNV7YBP3F/8M=
|
||||
github.com/fsnotify/fsnotify v1.8.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0=
|
||||
github.com/go-acme/lego/v4 v4.19.2 h1:Y8hrmMvWETdqzzkRly7m98xtPJJivWFsgWi8fcvZo+Y=
|
||||
github.com/go-acme/lego/v4 v4.19.2/go.mod h1:wtDe3dDkmV4/oI2nydpNXSJpvV10J9RCyZ6MbYxNtlQ=
|
||||
github.com/go-co-op/gocron v1.37.0 h1:ZYDJGtQ4OMhTLKOKMIch+/CY70Brbb1dGdooLEhh7b0=
|
||||
github.com/go-co-op/gocron v1.37.0/go.mod h1:3L/n6BkO7ABj+TrfSVXLRzsP26zmikL4ISkLQ0O8iNY=
|
||||
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
|
||||
github.com/go-jose/go-jose/v3 v3.0.3 h1:fFKWeig/irsp7XD2zBxvnmA/XaRWp5V3CBsZXJF7G7k=
|
||||
github.com/go-jose/go-jose/v3 v3.0.3/go.mod h1:5b+7YgP7ZICgJDBdfjZaIt+H/9L9T/YQrVfLAMboGkQ=
|
||||
github.com/go-jose/go-jose/v4 v4.0.5 h1:M6T8+mKZl/+fNNuFHvGIzDz7BTLQPIounk/b9dw3AaE=
|
||||
github.com/go-jose/go-jose/v4 v4.0.5/go.mod h1:s3P1lRrkT8igV8D9OjyL4WRyHvjB6a4JSllnOrmmBOA=
|
||||
github.com/go-ldap/ldap v3.0.3+incompatible h1:HTeSZO8hWMS1Rgb2Ziku6b8a7qRIZZMHjsvuZyatzwk=
|
||||
github.com/go-ldap/ldap v3.0.3+incompatible/go.mod h1:qfd9rJvER9Q0/D/Sqn1DfHRoBp40uXYvFoEVrNEPqRc=
|
||||
github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
|
||||
github.com/go-ole/go-ole v1.3.0 h1:Dt6ye7+vXGIKZ7Xtk4s6/xVdGDQynvom7xCFEdWr6uE=
|
||||
github.com/go-ole/go-ole v1.3.0/go.mod h1:5LS6F96DhAwUc7C+1HLexzMXY1xGRSryjyPPKW6zv78=
|
||||
github.com/go-sql-driver/mysql v1.8.0 h1:UtktXaU2Nb64z/pLiGIxY4431SJ4/dR5cjMmlVHgnT4=
|
||||
github.com/go-sql-driver/mysql v1.8.0/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
|
||||
github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y=
|
||||
github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
|
||||
github.com/go-test/deep v1.1.0 h1:WOcxcdHcvdgThNXjw0t76K42FXTU7HpNQWHpA2HHNlg=
|
||||
github.com/go-test/deep v1.1.0/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
|
||||
github.com/gocarina/gocsv v0.0.0-20231116093920-b87c2d0e983a h1:RYfmiM0zluBJOiPDJseKLEN4BapJ42uSi9SZBQ2YyiA=
|
||||
github.com/gocarina/gocsv v0.0.0-20231116093920-b87c2d0e983a/go.mod h1:5YoVOkjYAQumqlV356Hj3xeYh4BdZuLE0/nRkf2NKkI=
|
||||
github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
|
||||
github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
|
||||
github.com/gocarina/gocsv v0.0.0-20240520201108-78e41c74b4b1 h1:FWNFq4fM1wPfcK40yHE5UO3RUdSNPaBC+j3PokzA6OQ=
|
||||
github.com/gocarina/gocsv v0.0.0-20240520201108-78e41c74b4b1/go.mod h1:5YoVOkjYAQumqlV356Hj3xeYh4BdZuLE0/nRkf2NKkI=
|
||||
github.com/goccy/go-json v0.10.3 h1:KZ5WoDbxAIgm2HNbYckL0se1fHD6rz5j4ywS6ebzDqA=
|
||||
github.com/goccy/go-json v0.10.3/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
|
||||
github.com/goji/httpauth v0.0.0-20160601135302-2da839ab0f4d/go.mod h1:nnjvkQ9ptGaCkuDUx6wNykzzlUixGxvkme+H/lnzb+A=
|
||||
github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
|
||||
github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
|
||||
github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
|
||||
github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
|
||||
github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
|
||||
github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 h1:au07oEsX2xN0ktxqI+Sida1w446QrXBRJ0nee3SNZlA=
|
||||
github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
|
||||
github.com/golang-sql/sqlexp v0.1.0 h1:ZCD6MBpcuOVfGVqsEmY5/4FtYiKz6tSyUv9LPEDei6A=
|
||||
github.com/golang-sql/sqlexp v0.1.0/go.mod h1:J4ad9Vo8ZCWQ2GMrC4UCQy1JpCbwU9m3EOqtpKwwwHI=
|
||||
github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k=
|
||||
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
|
||||
github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
|
||||
@@ -63,8 +77,8 @@ github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
|
||||
github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
|
||||
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
|
||||
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
||||
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
|
||||
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
||||
github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
|
||||
github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
|
||||
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
||||
@@ -77,14 +91,8 @@ github.com/gorilla/handlers v1.5.2 h1:cLTUSsNkgcwhgRqvCNmdbRWG0A3N4F+M2nWKdScwyE
|
||||
github.com/gorilla/handlers v1.5.2/go.mod h1:dX+xVpaxdSw+q0Qek8SSsl3dfMk3jNddUkMzo0GtH0w=
|
||||
github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
|
||||
github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
|
||||
github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY=
|
||||
github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY=
|
||||
github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ=
|
||||
github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
|
||||
github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
|
||||
github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c=
|
||||
github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M=
|
||||
github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
|
||||
github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
|
||||
github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
|
||||
github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
|
||||
github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
|
||||
github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=
|
||||
@@ -93,20 +101,20 @@ github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2
|
||||
github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
|
||||
github.com/ivpusic/grpool v1.0.0 h1:+FCiCo3GhfsvzfXuJWnpJUNb/VaqyYVgG8C+qvh07Rc=
|
||||
github.com/ivpusic/grpool v1.0.0/go.mod h1:WPmiAI5ExAn06vg+0JzyPzXMQutJmpb7TrBtyLJkOHQ=
|
||||
github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
|
||||
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
|
||||
github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
|
||||
github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
|
||||
github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
|
||||
github.com/json-iterator/go v1.1.5/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
|
||||
github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
|
||||
github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
|
||||
github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
|
||||
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
|
||||
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
|
||||
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
|
||||
github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
|
||||
github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
|
||||
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
|
||||
github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
|
||||
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
|
||||
@@ -115,22 +123,24 @@ github.com/lanrenwo/lzsgo v0.0.2 h1:FA30LAaJFYLoaM17b+H32gA+5H+abjoomNLSA9HCbrI=
|
||||
github.com/lanrenwo/lzsgo v0.0.2/go.mod h1:oxDZy2vgi6VBGIdvL80ayRMtIyXV+TbjavVuINXZY2k=
|
||||
github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
|
||||
github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
|
||||
github.com/lorenzosaino/go-sysctl v0.3.1 h1:3phX80tdITw2fJjZlwbXQnDWs4S30beNcMbw0cn0HtY=
|
||||
github.com/lorenzosaino/go-sysctl v0.3.1/go.mod h1:5grcsBRpspKknNS1qzt1eIeRDLrhpKZAtz8Fcuvs1Rc=
|
||||
github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY=
|
||||
github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
|
||||
github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
|
||||
github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
|
||||
github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
|
||||
github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
|
||||
github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4=
|
||||
github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY=
|
||||
github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
|
||||
github.com/mattn/go-sqlite3 v1.14.24 h1:tpSp2G2KyMnnQu99ngJ47EIkWVmliIizyZBfPrBWDRM=
|
||||
github.com/mattn/go-sqlite3 v1.14.24/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
|
||||
github.com/miekg/dns v1.1.62 h1:cN8OuEF1/x5Rq6Np+h1epln8OiyPWV+lROx9LxcGgIQ=
|
||||
github.com/miekg/dns v1.1.62/go.mod h1:mvDlcItzm+br7MToIKqkglaGhlFMHJ9DTNNWONWXbNQ=
|
||||
github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
|
||||
github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
|
||||
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
|
||||
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
|
||||
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
|
||||
github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
|
||||
github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
|
||||
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
|
||||
github.com/modocache/gover v0.0.0-20171022184752-b58185e213c5/go.mod h1:caMODM3PzxT8aQXRPkAt8xlV/e7d7w8GM5g0fa5F0D8=
|
||||
github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw=
|
||||
github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8=
|
||||
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
|
||||
@@ -143,16 +153,20 @@ github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b h1:Ff
|
||||
github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b/go.mod h1:AC62GU6hc0BrNm+9RK9VSiwa/EUe1bkIeFORAMcHvJU=
|
||||
github.com/orcaman/concurrent-map v1.0.0 h1:I/2A2XPCb4IuQWcQhBhSwGfiuybl/J0ev9HDbW65HOY=
|
||||
github.com/orcaman/concurrent-map v1.0.0/go.mod h1:Lu3tH6HLW3feq74c2GC+jIMS/K2CFcDWnWD9XkenwhI=
|
||||
github.com/pelletier/go-toml/v2 v2.1.1 h1:LWAJwfNvjQZCFIDKWYQaM62NcYeYViCmWIwmOStowAI=
|
||||
github.com/pelletier/go-toml/v2 v2.1.1/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdUvyaeZurnPPDc=
|
||||
github.com/pion/dtls/v2 v2.2.10 h1:u2Axk+FyIR1VFTPurktB+1zoEPGIW3bmyj3LEFrXjAA=
|
||||
github.com/pion/dtls/v2 v2.2.10/go.mod h1:d9SYc9fch0CqK90mRk1dC7AkzzpwJj6u2GU3u+9pqFE=
|
||||
github.com/pelletier/go-toml/v2 v2.2.3 h1:YmeHyLY8mFWbdkNWwpr+qIL2bEqT0o95WSdkNHvL12M=
|
||||
github.com/pelletier/go-toml/v2 v2.2.3/go.mod h1:MfCQTFTvCcUyyvvwm1+G6H/jORL20Xlb6rzQu9GuUkc=
|
||||
github.com/pion/dtls/v2 v2.2.12 h1:KP7H5/c1EiVAAKUmXyCzPiQe5+bCJrpOeKg/L05dunk=
|
||||
github.com/pion/dtls/v2 v2.2.12/go.mod h1:d9SYc9fch0CqK90mRk1dC7AkzzpwJj6u2GU3u+9pqFE=
|
||||
github.com/pion/logging v0.2.2 h1:M9+AIj/+pxNsDfAT64+MAVgJO0rsyLnoJKCqf//DoeY=
|
||||
github.com/pion/logging v0.2.2/go.mod h1:k0/tDVsRCX2Mb2ZEmTqNa7CWsQPc+YYCB7Q+5pahoms=
|
||||
github.com/pion/transport/v2 v2.2.4 h1:41JJK6DZQYSeVLxILA2+F4ZkKb4Xd/tFJZRFZQ9QAlo=
|
||||
github.com/pion/transport/v2 v2.2.4/go.mod h1:q2U/tf9FEfnSBGSW6w5Qp5PFWRLRj3NjLhCCgpRK4p0=
|
||||
github.com/pires/go-proxyproto v0.7.0 h1:IukmRewDQFWC7kfnb66CSomk2q/seBuilHBYFwyq0Hs=
|
||||
github.com/pires/go-proxyproto v0.7.0/go.mod h1:Vz/1JPY/OACxWGQNIRY2BeyDmpoaWmEP40O9LbuiFR4=
|
||||
github.com/pion/transport/v2 v2.2.10 h1:ucLBLE8nuxiHfvkFKnkDQRYWYfp8ejf4YBOPfaQpw6Q=
|
||||
github.com/pion/transport/v2 v2.2.10/go.mod h1:sq1kSLWs+cHW9E+2fJP95QudkzbK7wscs8yYgQToO5E=
|
||||
github.com/pion/transport/v3 v3.0.7 h1:iRbMH05BzSNwhILHoBoAPxoB9xQgOaJk+591KC9P1o0=
|
||||
github.com/pion/transport/v3 v3.0.7/go.mod h1:YleKiTZ4vqNxVwh77Z0zytYi7rXHl7j6uPLGhhz9rwo=
|
||||
github.com/pires/go-proxyproto v0.8.0 h1:5unRmEAPbHXHuLjDg01CxJWf91cw3lKHc/0xzKpXEe0=
|
||||
github.com/pires/go-proxyproto v0.8.0/go.mod h1:iknsfgnH8EkjrMeMyvfKByp9TiBZCKZM0jx2xmKqnVY=
|
||||
github.com/pkg/browser v0.0.0-20180916011732-0a3d74bf9ce4/go.mod h1:4OwLy04Bl9Ef3GJJCoec+30X3LQs/0/m4HFRt/2LUSA=
|
||||
github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
|
||||
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
|
||||
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||
@@ -160,19 +174,21 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
|
||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
|
||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 h1:OdAsTTz6OkFY5QxjkYwrChwuRruF69c169dPK26NUlk=
|
||||
github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
|
||||
github.com/richardlehane/mscfb v1.0.4 h1:WULscsljNPConisD5hR0+OyZjwK46Pfyr6mPu5ZawpM=
|
||||
github.com/richardlehane/mscfb v1.0.4/go.mod h1:YzVpcZg9czvAuhk9T+a3avCpcFPMUWm7gK3DypaEsUk=
|
||||
github.com/richardlehane/msoleps v1.0.1/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg=
|
||||
github.com/richardlehane/msoleps v1.0.3 h1:aznSZzrwYRl3rLKRT3gUk9am7T/mLNSnJINvN0AQoVM=
|
||||
github.com/richardlehane/msoleps v1.0.3/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg=
|
||||
github.com/richardlehane/msoleps v1.0.4 h1:WuESlvhX3gH2IHcd8UqyCuFY5yiq/GR/yqaSM/9/g00=
|
||||
github.com/richardlehane/msoleps v1.0.4/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg=
|
||||
github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs=
|
||||
github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro=
|
||||
github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
|
||||
github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o=
|
||||
github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
|
||||
github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA=
|
||||
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
|
||||
github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ=
|
||||
github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4=
|
||||
github.com/sagikazarmark/locafero v0.6.0 h1:ON7AQg37yzcRPU69mt7gwhFEBwxI6P9T4Qu3N51bwOk=
|
||||
github.com/sagikazarmark/locafero v0.6.0/go.mod h1:77OmuIc6VTraTXKXIs/uvUxKGUXjE1GbemJYHqdNjX0=
|
||||
github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE=
|
||||
github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ=
|
||||
github.com/shirou/gopsutil v3.21.11+incompatible h1:+1+c1VGhc88SSonWP6foOcLhvnKlUeu/erjjvaPEYiI=
|
||||
@@ -187,37 +203,37 @@ github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9yS
|
||||
github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0=
|
||||
github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8=
|
||||
github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY=
|
||||
github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0=
|
||||
github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo=
|
||||
github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0=
|
||||
github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho=
|
||||
github.com/spf13/cast v1.7.0 h1:ntdiHjuueXFgm5nzDRdOS4yfT43P5Fnud6DH50rz/7w=
|
||||
github.com/spf13/cast v1.7.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo=
|
||||
github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM=
|
||||
github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y=
|
||||
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
|
||||
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
|
||||
github.com/spf13/viper v1.18.2 h1:LUXCnvUvSM6FXAsj6nnfc8Q2tp1dIgUfY9Kc8GsSOiQ=
|
||||
github.com/spf13/viper v1.18.2/go.mod h1:EKmWIqdnk5lOcmR72yw6hS+8OPYcwD0jteitLMVB+yk=
|
||||
github.com/spf13/viper v1.19.0 h1:RWq5SEjt8o25SROyN3z2OrDB9l7RPd3lwTWU8EcEdcI=
|
||||
github.com/spf13/viper v1.19.0/go.mod h1:GQUN9bilAbhU/jgc1bKs99f/suXKeUMct8Adx5+Ntkg=
|
||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
|
||||
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
|
||||
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
|
||||
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
|
||||
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
|
||||
github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
|
||||
github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
|
||||
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
|
||||
github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
|
||||
github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
|
||||
github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
|
||||
github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU=
|
||||
github.com/syndtr/goleveldb v1.0.0 h1:fBdIW9lB4Iz0n9khmH8w27SJ3QEJ7+IgjPEwGSZiFdE=
|
||||
github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ=
|
||||
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.873 h1:VdQ+lQ98CFwbmfQj02iMVWWzdwnKubuICIa2QhzQBJI=
|
||||
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.873/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
|
||||
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.873 h1:qawAviStyrk6b2bHvRvKxmiiL8Cu6KujtzAHktLqdFI=
|
||||
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.873/go.mod h1:wqyJy+a/L53zH8pRDNOF+7t9iZhSPANmYSuUfvVp9NE=
|
||||
github.com/tklauser/go-sysconf v0.3.13 h1:GBUpcahXSpR2xN01jhkNAbTLRk2Yzgggk8IM08lq3r4=
|
||||
github.com/tklauser/go-sysconf v0.3.13/go.mod h1:zwleP4Q4OehZHGn4CYZDipCgg9usW5IJePewFCGVEa0=
|
||||
github.com/tklauser/numcpus v0.7.0 h1:yjuerZP127QG9m5Zh/mSO4wqurYil27tHrqwRoRjpr4=
|
||||
github.com/tklauser/numcpus v0.7.0/go.mod h1:bb6dMVcj8A42tSE7i32fsIUCbQNllK5iDguyOZRUzAY=
|
||||
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1036 h1:B3GO+IBOrjrq8sN5bT9e8GMHWguHkyyGdNEos6cp5cE=
|
||||
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1036/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
|
||||
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1036 h1:lpDbM5GqLY67hGkndcRfledZf14sJaY+LOcHp5I4BkQ=
|
||||
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1036/go.mod h1:WuuxNlel804BVTQYrE9qauuiu2462Va04PlIr8/FVJY=
|
||||
github.com/tklauser/go-sysconf v0.3.14 h1:g5vzr9iPFFz24v2KZXs/pvpvh8/V9Fw6vQK5ZZb78yU=
|
||||
github.com/tklauser/go-sysconf v0.3.14/go.mod h1:1ym4lWMLUOhuBOPGtRcJm7tEGX4SCYNEEEtghGG/8uY=
|
||||
github.com/tklauser/numcpus v0.9.0 h1:lmyCHtANi8aRUgkckBgoDk1nHCux3n2cgkJLXdQGPDo=
|
||||
github.com/tklauser/numcpus v0.9.0/go.mod h1:SN6Nq1O3VychhC1npsWostA+oW+VOQTxZrS604NSRyI=
|
||||
github.com/toorop/go-dkim v0.0.0-20201103131630-e1cd1a0a5208/go.mod h1:BzWtXXrXzZUvMacR0oF/fbDDgUPO8L36tDMmRAf14ns=
|
||||
github.com/toorop/go-dkim v0.0.0-20240103092955-90b7d1423f92 h1:flbMkdl6HxQkLs6DDhH1UkcnFpNBOu70391STjMS0O4=
|
||||
github.com/toorop/go-dkim v0.0.0-20240103092955-90b7d1423f92/go.mod h1:BzWtXXrXzZUvMacR0oF/fbDDgUPO8L36tDMmRAf14ns=
|
||||
@@ -225,16 +241,17 @@ github.com/uber/jaeger-client-go v2.30.0+incompatible h1:D6wyKGCecFaSRUpo8lCVbaO
|
||||
github.com/uber/jaeger-client-go v2.30.0+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
|
||||
github.com/uber/jaeger-lib v2.4.1+incompatible h1:td4jdvLcExb4cBISKIpHuGoVXh+dVKhn2Um6rjCsSsg=
|
||||
github.com/uber/jaeger-lib v2.4.1+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U=
|
||||
github.com/wlynxg/anet v0.0.3/go.mod h1:eay5PRQr7fIVAMbTbchTnO9gG65Hg/uYGdc7mguHxoA=
|
||||
github.com/xhit/go-simple-mail/v2 v2.16.0 h1:ouGy/Ww4kuaqu2E2UrDw7SvLaziWTB60ICLkIkNVccA=
|
||||
github.com/xhit/go-simple-mail/v2 v2.16.0/go.mod h1:b7P5ygho6SYE+VIqpxA6QkYfv4teeyG4MKqB3utRu98=
|
||||
github.com/xlzd/gotp v0.1.0 h1:37blvlKCh38s+fkem+fFh7sMnceltoIEBYTVXyoa5Po=
|
||||
github.com/xlzd/gotp v0.1.0/go.mod h1:ndLJ3JKzi3xLmUProq4LLxCuECL93dG9WASNLpHz8qg=
|
||||
github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53 h1:Chd9DkqERQQuHpXjR/HSV1jLZA6uaoiwwH3vSuF3IW0=
|
||||
github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53/go.mod h1:ybY/Jr0T0GTCnYjKqmdwxyxn2BQf2RcQIIvex5QldPI=
|
||||
github.com/xuri/excelize/v2 v2.8.1 h1:pZLMEwK8ep+CLIUWpWmvW8IWE/yxqG0I1xcN6cVMGuQ=
|
||||
github.com/xuri/excelize/v2 v2.8.1/go.mod h1:oli1E4C3Pa5RXg1TBXn4ENCXDV5JUMlBluUhG7c+CEE=
|
||||
github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05 h1:qhbILQo1K3mphbwKh1vNm4oGezE1eF9fQWmNiIpSfI4=
|
||||
github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05/go.mod h1:WwHg+CVyzlv/TX9xqBFXEZAuxOPxn2k1GNHwG41IIUQ=
|
||||
github.com/xuri/efp v0.0.0-20240408161823-9ad904a10d6d h1:llb0neMWDQe87IzJLS4Ci7psK/lVsjIS2otl+1WyRyY=
|
||||
github.com/xuri/efp v0.0.0-20240408161823-9ad904a10d6d/go.mod h1:ybY/Jr0T0GTCnYjKqmdwxyxn2BQf2RcQIIvex5QldPI=
|
||||
github.com/xuri/excelize/v2 v2.9.0 h1:1tgOaEq92IOEumR1/JfYS/eR0KHOCsRv/rYXXh6YJQE=
|
||||
github.com/xuri/excelize/v2 v2.9.0/go.mod h1:uqey4QBZ9gdMeWApPLdhm9x+9o2lq4iVmjiLfBS5hdE=
|
||||
github.com/xuri/nfp v0.0.0-20240318013403-ab9948c2c4a7 h1:hPVCafDV85blFTabnqKgNhDCkJX25eik94Si9cTER4A=
|
||||
github.com/xuri/nfp v0.0.0-20240318013403-ab9948c2c4a7/go.mod h1:WwHg+CVyzlv/TX9xqBFXEZAuxOPxn2k1GNHwG41IIUQ=
|
||||
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
|
||||
github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0=
|
||||
github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
|
||||
@@ -246,54 +263,64 @@ go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN8
|
||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
|
||||
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
|
||||
golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
|
||||
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||
golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||
golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
|
||||
golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
|
||||
golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
|
||||
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
|
||||
golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
|
||||
golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
|
||||
golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc=
|
||||
golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
|
||||
golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
|
||||
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 h1:LfspQV/FYTatPTr/3HzIcmiUFH7PGP+OQ6mgDYo3yuQ=
|
||||
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc=
|
||||
golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c h1:7dEasQXItcW1xKJ2+gg5VOiBnqWrJc+rq0DPKyvvdbY=
|
||||
golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c/go.mod h1:NQtJDoLvd6faHhE7m4T/1IY708gDefGGjR/iUW8yQQ8=
|
||||
golang.org/x/exp/typeparams v0.0.0-20220613132600-b0d781184e0d h1:+W8Qf4iJtMGKkyAygcKohjxTk4JPsL9DpzApJ22m5Ic=
|
||||
golang.org/x/exp/typeparams v0.0.0-20220613132600-b0d781184e0d/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk=
|
||||
golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs=
|
||||
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
|
||||
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
|
||||
golang.org/x/image v0.14.0 h1:tNgSxAFe3jC4uYqvZdTr84SZoM1KfwdC9SKIFrLjFn4=
|
||||
golang.org/x/image v0.18.0 h1:jGzIakQa/ZXI1I0Fxvaa9W7yP25TqT6cHIHn+6CqvSQ=
|
||||
golang.org/x/image v0.18.0/go.mod h1:4yyo5vMFQjVjUcVk4jEQcU9MGy/rulF5WvUILseCM2E=
|
||||
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
|
||||
golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 h1:VLliZ0d+/avPrXXH+OakdXhpJuEoBZuwh1m2j7U6Iug=
|
||||
golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
|
||||
golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
|
||||
golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
|
||||
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
|
||||
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
|
||||
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
|
||||
golang.org/x/mod v0.16.0 h1:QX4fJ0Rr5cPQCF7O9lh9Se4pmwfwskqZfq5moyldzic=
|
||||
golang.org/x/mod v0.16.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
|
||||
golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0=
|
||||
golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
|
||||
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
|
||||
golang.org/x/net v0.0.0-20210610132358-84b48f89b13b/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
|
||||
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
|
||||
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
|
||||
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
|
||||
golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
|
||||
golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
|
||||
golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc=
|
||||
golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
|
||||
golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
|
||||
golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
|
||||
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
|
||||
golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
|
||||
golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
|
||||
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
@@ -303,9 +330,8 @@ golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
|
||||
golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
|
||||
golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
|
||||
@@ -313,18 +339,19 @@ golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
|
||||
golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU=
|
||||
golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
|
||||
golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY=
|
||||
golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
|
||||
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
|
||||
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
|
||||
golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
|
||||
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
|
||||
golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
|
||||
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
|
||||
golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
|
||||
golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
|
||||
golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
|
||||
golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
|
||||
golang.org/x/time v0.7.0 h1:ntUhktv3OPE6TgYxXWv9vKvUSJyIFJlyohwbkEwPrKQ=
|
||||
golang.org/x/time v0.7.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
|
||||
golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
@@ -333,8 +360,8 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn
|
||||
golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
|
||||
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
|
||||
golang.org/x/tools v0.19.0 h1:tfGCXNR1OsFG+sVdLAitlpjAvD/I6dHDKnYrpEZUHkw=
|
||||
golang.org/x/tools v0.19.0/go.mod h1:qoJWxmGSIBmAeriMx19ogtrEPrGtDbPK634QFIcLAhc=
|
||||
golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ=
|
||||
golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0=
|
||||
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
@@ -353,7 +380,6 @@ gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EV
|
||||
gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
|
||||
gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4=
|
||||
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
|
||||
gopkg.in/ini.v1 v1.66.2/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
|
||||
gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
|
||||
gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
|
||||
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
|
||||
@@ -361,24 +387,38 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD
|
||||
gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
|
||||
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
|
||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
honnef.co/go/tools v0.3.2 h1:ytYb4rOqyp1TSa2EPvNVwtPQJctSELKaMyLfqNP4+34=
|
||||
honnef.co/go/tools v0.3.2/go.mod h1:jzwdWgg7Jdq75wlfblQxO4neNaFFSvgc1tD5Wv8U0Yw=
|
||||
layeh.com/radius v0.0.0-20231213012653-1006025d24f8 h1:orYXpi6BJZdvgytfHH4ybOe4wHnLbbS71Cmd8mWdZjs=
|
||||
layeh.com/radius v0.0.0-20231213012653-1006025d24f8/go.mod h1:QRf+8aRqXc019kHkpcs/CTgyWXFzf+bxlsyuo2nAl1o=
|
||||
lukechampine.com/uint128 v1.2.0 h1:mBi/5l91vocEN8otkC5bDLhi2KdCticRiwbdB0O+rjI=
|
||||
lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk=
|
||||
modernc.org/cc/v3 v3.40.0 h1:P3g79IUS/93SYhtoeaHW+kRCIrYaxJ27MFPv+7kaTOw=
|
||||
modernc.org/cc/v3 v3.40.0/go.mod h1:/bTg4dnWkSXowUO6ssQKnOV0yMVxDYNIsIrzqTFDGH0=
|
||||
modernc.org/ccgo/v3 v3.16.13 h1:Mkgdzl46i5F/CNR/Kj80Ri59hC8TKAhZrYSaqvkwzUw=
|
||||
modernc.org/ccgo/v3 v3.16.13/go.mod h1:2Quk+5YgpImhPjv2Qsob1DnZ/4som1lJTodubIcoUkY=
|
||||
modernc.org/libc v1.22.2 h1:4U7v51GyhlWqQmwCHj28Rdq2Yzwk55ovjFrdPjs8Hb0=
|
||||
modernc.org/libc v1.22.2/go.mod h1:uvQavJ1pZ0hIoC/jfqNoMLURIMhKzINIWypNM17puug=
|
||||
modernc.org/mathutil v1.5.0 h1:rV0Ko/6SfM+8G+yKiyI830l3Wuz1zRutdslNoQ0kfiQ=
|
||||
modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
|
||||
modernc.org/memory v1.4.0 h1:crykUfNSnMAXaOJnnxcSzbUGMqkLWjklJKkBK2nwZwk=
|
||||
modernc.org/memory v1.4.0/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU=
|
||||
modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4=
|
||||
modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
|
||||
modernc.org/sqlite v1.20.4 h1:J8+m2trkN+KKoE7jglyHYYYiaq5xmz2HoHJIiBlRzbE=
|
||||
modernc.org/sqlite v1.20.4/go.mod h1:zKcGyrICaxNTMEHSr1HQ2GUraP0j+845GYw37+EyT6A=
|
||||
modernc.org/strutil v1.1.3 h1:fNMm+oJklMGYfU9Ylcywl0CO5O6nTfaowNsh2wpPjzY=
|
||||
modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw=
|
||||
modernc.org/token v1.0.1 h1:A3qvTqOwexpfZZeyI0FeGPDlSWX5pjZu9hF4lU+EKWg=
|
||||
modernc.org/token v1.0.1/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
|
||||
rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
|
||||
xorm.io/builder v0.3.13 h1:a3jmiVVL19psGeXx8GIurTp7p0IIgqeDmwhcR6BAOAo=
|
||||
xorm.io/builder v0.3.13/go.mod h1:aUW0S9eb9VCaPohFCH3j7czOx1PMW3i1HrSzbLYGBSE=
|
||||
xorm.io/xorm v1.3.8 h1:CJmplmWqfSRpLWSPMmqz+so8toBp3m7ehuRehIWedZo=
|
||||
xorm.io/xorm v1.3.8/go.mod h1:LsCCffeeYp63ssk0pKumP6l96WZcHix7ChpurcLNuMw=
|
||||
xorm.io/xorm v1.3.9 h1:TUovzS0ko+IQ1XnNLfs5dqK1cJl1H5uHpWbWqAQ04nU=
|
||||
xorm.io/xorm v1.3.9/go.mod h1:LsCCffeeYp63ssk0pKumP6l96WZcHix7ChpurcLNuMw=
|
||||
|
||||
@@ -2,11 +2,9 @@ package handler
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"crypto/md5"
|
||||
"encoding/xml"
|
||||
"fmt"
|
||||
"io"
|
||||
"net"
|
||||
"net/http"
|
||||
"net/http/httputil"
|
||||
"strings"
|
||||
@@ -46,7 +44,10 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
defer r.Body.Close()
|
||||
|
||||
cr := ClientRequest{}
|
||||
cr := &ClientRequest{
|
||||
RemoteAddr: r.RemoteAddr,
|
||||
UserAgent: userAgent,
|
||||
}
|
||||
err = xml.Unmarshal(body, &cr)
|
||||
if err != nil {
|
||||
base.Error(err)
|
||||
@@ -76,8 +77,15 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
// 锁定状态判断
|
||||
if !lockManager.CheckLocked(cr.Auth.Username, r.RemoteAddr) {
|
||||
w.WriteHeader(http.StatusTooManyRequests)
|
||||
return
|
||||
}
|
||||
|
||||
// 用户活动日志
|
||||
ua := dbdata.UserActLog{
|
||||
ua := &dbdata.UserActLog{
|
||||
Username: cr.Auth.Username,
|
||||
GroupName: cr.GroupSelect,
|
||||
RemoteAddr: r.RemoteAddr,
|
||||
@@ -85,13 +93,21 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
|
||||
DeviceType: cr.DeviceId.DeviceType,
|
||||
PlatformVersion: cr.DeviceId.PlatformVersion,
|
||||
}
|
||||
|
||||
sessionData := &AuthSession{
|
||||
ClientRequest: cr,
|
||||
UserActLog: ua,
|
||||
}
|
||||
// TODO 用户密码校验
|
||||
err = dbdata.CheckUser(cr.Auth.Username, cr.Auth.Password, cr.GroupSelect)
|
||||
ext := map[string]interface{}{"mac_addr": cr.MacAddressList.MacAddress}
|
||||
err = dbdata.CheckUser(cr.Auth.Username, cr.Auth.Password, cr.GroupSelect, ext)
|
||||
if err != nil {
|
||||
base.Warn(err)
|
||||
lockManager.UpdateLoginStatus(cr.Auth.Username, r.RemoteAddr, false) // 记录登录失败状态
|
||||
|
||||
base.Warn(err, r.RemoteAddr)
|
||||
ua.Info = err.Error()
|
||||
ua.Status = dbdata.UserAuthFail
|
||||
dbdata.UserActLogIns.Add(ua, userAgent)
|
||||
dbdata.UserActLogIns.Add(*ua, userAgent)
|
||||
|
||||
w.WriteHeader(http.StatusOK)
|
||||
data := RequestData{Group: cr.GroupSelect, Groups: dbdata.GetGroupNamesNormal(), Error: "用户名或密码错误"}
|
||||
@@ -101,72 +117,63 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
|
||||
tplRequest(tpl_request, w, data)
|
||||
return
|
||||
}
|
||||
dbdata.UserActLogIns.Add(ua, userAgent)
|
||||
// if !ok {
|
||||
// w.WriteHeader(http.StatusOK)
|
||||
// data := RequestData{Group: cr.GroupSelect, Groups: base.Cfg.UserGroups, Error: "请先激活用户"}
|
||||
// tplRequest(tpl_request, w, data)
|
||||
// return
|
||||
// }
|
||||
dbdata.UserActLogIns.Add(*ua, userAgent)
|
||||
|
||||
// 创建新的session信息
|
||||
sess := sessdata.NewSession("")
|
||||
sess.Username = cr.Auth.Username
|
||||
sess.Group = cr.GroupSelect
|
||||
oriMac := cr.MacAddressList.MacAddress
|
||||
sess.UniqueIdGlobal = cr.DeviceId.UniqueIdGlobal
|
||||
sess.UserAgent = userAgent
|
||||
sess.DeviceType = ua.DeviceType
|
||||
sess.PlatformVersion = ua.PlatformVersion
|
||||
sess.RemoteAddr = r.RemoteAddr
|
||||
// 获取客户端mac地址
|
||||
sess.UniqueMac = true
|
||||
macHw, err := net.ParseMAC(oriMac)
|
||||
v := &dbdata.User{}
|
||||
err = dbdata.One("Username", cr.Auth.Username, v)
|
||||
if err != nil {
|
||||
var sum [16]byte
|
||||
if sess.UniqueIdGlobal != "" {
|
||||
sum = md5.Sum([]byte(sess.UniqueIdGlobal))
|
||||
} else {
|
||||
sum = md5.Sum([]byte(sess.Token))
|
||||
sess.UniqueMac = false
|
||||
}
|
||||
macHw = sum[0:5] // 5个byte
|
||||
macHw = append([]byte{0x02}, macHw...)
|
||||
sess.MacAddr = macHw.String()
|
||||
base.Info("正在使用第三方认证方式登录")
|
||||
CreateSession(w, r, sessionData)
|
||||
return
|
||||
}
|
||||
sess.MacHw = macHw
|
||||
// 统一macAddr的格式
|
||||
sess.MacAddr = macHw.String()
|
||||
// 用户otp验证
|
||||
if base.Cfg.AuthAloneOtp && !v.DisableOtp {
|
||||
lockManager.UpdateLoginStatus(cr.Auth.Username, r.RemoteAddr, true) // 重置OTP验证计数
|
||||
|
||||
other := &dbdata.SettingOther{}
|
||||
_ = dbdata.SettingGet(other)
|
||||
rd := RequestData{SessionId: sess.Sid, SessionToken: sess.Sid + "@" + sess.Token,
|
||||
Banner: other.Banner, ProfileName: base.Cfg.ProfileName, ProfileHash: profileHash, CertHash: certHash}
|
||||
w.WriteHeader(http.StatusOK)
|
||||
tplRequest(tpl_complete, w, rd)
|
||||
base.Info("login", cr.Auth.Username, userAgent)
|
||||
sessionID, err := GenerateSessionID()
|
||||
if err != nil {
|
||||
base.Error("Failed to generate session ID: ", err)
|
||||
http.Error(w, "Failed to generate session ID", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
sessionData.ClientRequest.Auth.OtpSecret = v.OtpSecret
|
||||
SessStore.SaveAuthSession(sessionID, sessionData)
|
||||
|
||||
SetCookie(w, "auth-session-id", sessionID, 0)
|
||||
|
||||
data := RequestData{}
|
||||
w.WriteHeader(http.StatusOK)
|
||||
tplRequest(tpl_otp, w, data)
|
||||
return
|
||||
}
|
||||
|
||||
CreateSession(w, r, sessionData)
|
||||
}
|
||||
|
||||
const (
|
||||
tpl_request = iota
|
||||
tpl_complete
|
||||
tpl_otp
|
||||
)
|
||||
|
||||
func tplRequest(typ int, w io.Writer, data RequestData) {
|
||||
if typ == tpl_request {
|
||||
switch typ {
|
||||
case tpl_request:
|
||||
t, _ := template.New("auth_request").Parse(auth_request)
|
||||
_ = t.Execute(w, data)
|
||||
return
|
||||
case tpl_complete:
|
||||
if data.Banner != "" {
|
||||
buf := new(bytes.Buffer)
|
||||
_ = xml.EscapeText(buf, []byte(data.Banner))
|
||||
data.Banner = buf.String()
|
||||
}
|
||||
t, _ := template.New("auth_complete").Parse(auth_complete)
|
||||
_ = t.Execute(w, data)
|
||||
case tpl_otp:
|
||||
t, _ := template.New("auth_otp").Parse(auth_otp)
|
||||
_ = t.Execute(w, data)
|
||||
}
|
||||
|
||||
if data.Banner != "" {
|
||||
buf := new(bytes.Buffer)
|
||||
_ = xml.EscapeText(buf, []byte(data.Banner))
|
||||
data.Banner = buf.String()
|
||||
}
|
||||
|
||||
t, _ := template.New("auth_complete").Parse(auth_complete)
|
||||
_ = t.Execute(w, data)
|
||||
}
|
||||
|
||||
// 设置输出信息
|
||||
|
||||
242
server/handler/link_auth_otp.go
Normal file
242
server/handler/link_auth_otp.go
Normal file
@@ -0,0 +1,242 @@
|
||||
package handler
|
||||
|
||||
import (
|
||||
"crypto/md5"
|
||||
"encoding/xml"
|
||||
"fmt"
|
||||
"io"
|
||||
"net"
|
||||
"net/http"
|
||||
"sync"
|
||||
|
||||
"github.com/bjdgyc/anylink/admin"
|
||||
"github.com/bjdgyc/anylink/base"
|
||||
"github.com/bjdgyc/anylink/dbdata"
|
||||
"github.com/bjdgyc/anylink/pkg/utils"
|
||||
"github.com/bjdgyc/anylink/sessdata"
|
||||
)
|
||||
|
||||
var SessStore = NewSessionStore()
|
||||
var lockManager = admin.GetLockManager()
|
||||
|
||||
// const maxOtpErrCount = 3
|
||||
|
||||
type AuthSession struct {
|
||||
ClientRequest *ClientRequest
|
||||
UserActLog *dbdata.UserActLog
|
||||
// OtpErrCount atomic.Uint32 // otp错误次数
|
||||
}
|
||||
|
||||
// 存储临时会话信息
|
||||
type SessionStore struct {
|
||||
session map[string]*AuthSession
|
||||
mu sync.Mutex
|
||||
}
|
||||
|
||||
func NewSessionStore() *SessionStore {
|
||||
return &SessionStore{
|
||||
session: make(map[string]*AuthSession),
|
||||
}
|
||||
}
|
||||
|
||||
func (s *SessionStore) SaveAuthSession(sessionID string, session *AuthSession) {
|
||||
s.mu.Lock()
|
||||
defer s.mu.Unlock()
|
||||
s.session[sessionID] = session
|
||||
}
|
||||
|
||||
func (s *SessionStore) GetAuthSession(sessionID string) (*AuthSession, error) {
|
||||
s.mu.Lock()
|
||||
defer s.mu.Unlock()
|
||||
|
||||
session, exists := s.session[sessionID]
|
||||
if !exists {
|
||||
return nil, fmt.Errorf("auth session not found")
|
||||
}
|
||||
|
||||
return session, nil
|
||||
}
|
||||
|
||||
func (s *SessionStore) DeleteAuthSession(sessionID string) {
|
||||
s.mu.Lock()
|
||||
defer s.mu.Unlock()
|
||||
delete(s.session, sessionID)
|
||||
}
|
||||
|
||||
// func (a *AuthSession) AddOtpErrCount(i int) int {
|
||||
// newI := a.OtpErrCount.Add(uint32(i))
|
||||
// return int(newI)
|
||||
// }
|
||||
|
||||
func GenerateSessionID() (string, error) {
|
||||
sessionID := utils.RandomRunes(32)
|
||||
if sessionID == "" {
|
||||
return "", fmt.Errorf("failed to generate session ID")
|
||||
}
|
||||
|
||||
return sessionID, nil
|
||||
}
|
||||
|
||||
func SetCookie(w http.ResponseWriter, name, value string, maxAge int) {
|
||||
cookie := &http.Cookie{
|
||||
Name: name,
|
||||
Value: value,
|
||||
MaxAge: maxAge,
|
||||
Path: "/",
|
||||
HttpOnly: true,
|
||||
Secure: true,
|
||||
SameSite: http.SameSiteLaxMode,
|
||||
}
|
||||
http.SetCookie(w, cookie)
|
||||
}
|
||||
|
||||
func GetCookie(r *http.Request, name string) (string, error) {
|
||||
cookie, err := r.Cookie(name)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("failed to get cookie: %v", err)
|
||||
}
|
||||
return cookie.Value, nil
|
||||
}
|
||||
|
||||
func DeleteCookie(w http.ResponseWriter, name string) {
|
||||
cookie := &http.Cookie{
|
||||
Name: name,
|
||||
Value: "",
|
||||
MaxAge: -1,
|
||||
Path: "/",
|
||||
HttpOnly: true,
|
||||
Secure: true,
|
||||
SameSite: http.SameSiteStrictMode,
|
||||
}
|
||||
http.SetCookie(w, cookie)
|
||||
}
|
||||
func CreateSession(w http.ResponseWriter, r *http.Request, authSession *AuthSession) {
|
||||
cr := authSession.ClientRequest
|
||||
ua := authSession.UserActLog
|
||||
|
||||
lockManager.UpdateLoginStatus(cr.Auth.Username, r.RemoteAddr, true) // 更新登录成功状态
|
||||
|
||||
sess := sessdata.NewSession("")
|
||||
sess.Username = cr.Auth.Username
|
||||
sess.Group = cr.GroupSelect
|
||||
oriMac := cr.MacAddressList.MacAddress
|
||||
sess.UniqueIdGlobal = cr.DeviceId.UniqueIdGlobal
|
||||
sess.UserAgent = cr.UserAgent
|
||||
sess.DeviceType = ua.DeviceType
|
||||
sess.PlatformVersion = ua.PlatformVersion
|
||||
sess.RemoteAddr = cr.RemoteAddr
|
||||
// 获取客户端mac地址
|
||||
sess.UniqueMac = true
|
||||
macHw, err := net.ParseMAC(oriMac)
|
||||
if err != nil {
|
||||
var sum [16]byte
|
||||
if sess.UniqueIdGlobal != "" {
|
||||
sum = md5.Sum([]byte(sess.UniqueIdGlobal))
|
||||
} else {
|
||||
sum = md5.Sum([]byte(sess.Token))
|
||||
sess.UniqueMac = false
|
||||
}
|
||||
macHw = sum[0:5] // 5个byte
|
||||
macHw = append([]byte{0x02}, macHw...)
|
||||
sess.MacAddr = macHw.String()
|
||||
}
|
||||
sess.MacHw = macHw
|
||||
// 统一macAddr的格式
|
||||
sess.MacAddr = macHw.String()
|
||||
|
||||
other := &dbdata.SettingOther{}
|
||||
dbdata.SettingGet(other)
|
||||
rd := RequestData{
|
||||
SessionId: sess.Sid,
|
||||
SessionToken: sess.Sid + "@" + sess.Token,
|
||||
Banner: other.Banner,
|
||||
ProfileName: base.Cfg.ProfileName,
|
||||
ProfileHash: profileHash,
|
||||
CertHash: certHash,
|
||||
}
|
||||
|
||||
w.WriteHeader(http.StatusOK)
|
||||
tplRequest(tpl_complete, w, rd)
|
||||
base.Info("login", cr.Auth.Username, cr.UserAgent)
|
||||
}
|
||||
|
||||
func LinkAuth_otp(w http.ResponseWriter, r *http.Request) {
|
||||
sessionID, err := GetCookie(r, "auth-session-id")
|
||||
if err != nil {
|
||||
http.Error(w, "Invalid session, please login again", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
sessionData, err := SessStore.GetAuthSession(sessionID)
|
||||
if err != nil {
|
||||
http.Error(w, "Invalid session, please login again", http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
body, err := io.ReadAll(r.Body)
|
||||
if err != nil {
|
||||
base.Error(err)
|
||||
SessStore.DeleteAuthSession(sessionID)
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
defer r.Body.Close()
|
||||
|
||||
cr := ClientRequest{}
|
||||
err = xml.Unmarshal(body, &cr)
|
||||
if err != nil {
|
||||
base.Error(err)
|
||||
SessStore.DeleteAuthSession(sessionID)
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
|
||||
ua := sessionData.UserActLog
|
||||
username := sessionData.ClientRequest.Auth.Username
|
||||
otpSecret := sessionData.ClientRequest.Auth.OtpSecret
|
||||
otp := cr.Auth.SecondaryPassword
|
||||
|
||||
// 锁定状态判断
|
||||
if !lockManager.CheckLocked(username, r.RemoteAddr) {
|
||||
w.WriteHeader(http.StatusTooManyRequests)
|
||||
SessStore.DeleteAuthSession(sessionID)
|
||||
return
|
||||
}
|
||||
|
||||
// 动态码错误
|
||||
if !dbdata.CheckOtp(username, otp, otpSecret) {
|
||||
lockManager.UpdateLoginStatus(username, r.RemoteAddr, false) // 记录登录失败状态
|
||||
|
||||
base.Warn("OTP 动态码错误", username, r.RemoteAddr)
|
||||
ua.Info = "OTP 动态码错误"
|
||||
ua.Status = dbdata.UserAuthFail
|
||||
dbdata.UserActLogIns.Add(*ua, sessionData.ClientRequest.UserAgent)
|
||||
|
||||
w.WriteHeader(http.StatusOK)
|
||||
data := RequestData{Error: "请求错误"}
|
||||
if base.Cfg.DisplayError {
|
||||
data.Error = "OTP 动态码错误"
|
||||
}
|
||||
tplRequest(tpl_otp, w, data)
|
||||
return
|
||||
}
|
||||
CreateSession(w, r, sessionData)
|
||||
|
||||
// 删除临时会话信息
|
||||
SessStore.DeleteAuthSession(sessionID)
|
||||
// DeleteCookie(w, "auth-session-id")
|
||||
}
|
||||
|
||||
var auth_otp = `<?xml version="1.0" encoding="UTF-8"?>
|
||||
<config-auth client="vpn" type="auth-request" aggregate-auth-version="2">
|
||||
<auth id="otp-verification">
|
||||
<title>OTP 动态码验证</title>
|
||||
<message>请输入您的 OTP 动态码</message>
|
||||
{{if .Error}}
|
||||
<error id="otp-verification" param1="{{.Error}}" param2="">验证失败: %s</error>
|
||||
{{end}}
|
||||
<form method="post" action="/otp-verification">
|
||||
<input type="password" name="secondary_password" label="OTPCode:"/>
|
||||
</form>
|
||||
</auth>
|
||||
</config-auth>`
|
||||
@@ -17,6 +17,8 @@ type ClientRequest struct {
|
||||
Version string `xml:"version"` // 客户端版本号
|
||||
GroupAccess string `xml:"group-access"` // 请求的地址
|
||||
GroupSelect string `xml:"group-select"` // 选择的组名
|
||||
RemoteAddr string `xml:"remote_addr"`
|
||||
UserAgent string `xml:"user_agent"`
|
||||
SessionId string `xml:"session-id"`
|
||||
SessionToken string `xml:"session-token"`
|
||||
Auth auth `xml:"auth"`
|
||||
@@ -27,6 +29,7 @@ type ClientRequest struct {
|
||||
type auth struct {
|
||||
Username string `xml:"username"`
|
||||
Password string `xml:"password"`
|
||||
OtpSecret string `xml:"otp_secret"`
|
||||
SecondaryPassword string `xml:"secondary_password"`
|
||||
}
|
||||
|
||||
|
||||
@@ -28,11 +28,11 @@ func LinkHome(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
if index.Homecode > 0 {
|
||||
if index.Homecode != http.StatusOK {
|
||||
w.WriteHeader(index.Homecode)
|
||||
} else {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
return
|
||||
}
|
||||
w.WriteHeader(http.StatusOK)
|
||||
|
||||
// if index.Homeindex == "" {
|
||||
// index.Homeindex = "AnyLink 是一个企业级远程办公 SSL VPN 软件,可以支持多人同时在线使用。"
|
||||
|
||||
@@ -10,6 +10,7 @@ import (
|
||||
"github.com/bjdgyc/anylink/sessdata"
|
||||
"github.com/google/gopacket"
|
||||
"github.com/google/gopacket/layers"
|
||||
gosysctl "github.com/lorenzosaino/go-sysctl"
|
||||
"github.com/songgao/packets/ethernet"
|
||||
"github.com/songgao/water"
|
||||
"github.com/songgao/water/waterutil"
|
||||
@@ -88,8 +89,12 @@ func LinkTap(cSess *sessdata.ConnSession) error {
|
||||
return err
|
||||
}
|
||||
|
||||
cmdstr3 := fmt.Sprintf("sysctl -w net.ipv6.conf.%s.disable_ipv6=1", ifce.Name())
|
||||
execCmd([]string{cmdstr3})
|
||||
// cmdstr3 := fmt.Sprintf("sysctl -w net.ipv6.conf.%s.disable_ipv6=1", ifce.Name())
|
||||
// execCmd([]string{cmdstr3})
|
||||
err = gosysctl.Set(fmt.Sprintf("net.ipv6.conf.%s.disable_ipv6", ifce.Name()), "1")
|
||||
if err != nil {
|
||||
base.Warn(err)
|
||||
}
|
||||
|
||||
go allTapRead(ifce, cSess)
|
||||
go allTapWrite(ifce, cSess)
|
||||
|
||||
@@ -7,6 +7,7 @@ import (
|
||||
"github.com/bjdgyc/anylink/pkg/utils"
|
||||
"github.com/bjdgyc/anylink/sessdata"
|
||||
"github.com/coreos/go-iptables/iptables"
|
||||
gosysctl "github.com/lorenzosaino/go-sysctl"
|
||||
"github.com/songgao/water"
|
||||
)
|
||||
|
||||
@@ -31,10 +32,10 @@ func checkTun() {
|
||||
base.Fatal("testTun err: ", err)
|
||||
}
|
||||
// 开启服务器转发
|
||||
err = execCmd([]string{"sysctl -w net.ipv4.ip_forward=1"})
|
||||
if err != nil {
|
||||
base.Fatal(err)
|
||||
}
|
||||
// err = execCmd([]string{"sysctl -w net.ipv4.ip_forward=1"})
|
||||
// if err != nil {
|
||||
// base.Fatal(err)
|
||||
// }
|
||||
if base.Cfg.IptablesNat {
|
||||
// 添加NAT转发规则
|
||||
ipt, err := iptables.New()
|
||||
@@ -100,8 +101,12 @@ func LinkTun(cSess *sessdata.ConnSession) error {
|
||||
return err
|
||||
}
|
||||
|
||||
cmdstr3 := fmt.Sprintf("sysctl -w net.ipv6.conf.%s.disable_ipv6=1", ifce.Name())
|
||||
execCmd([]string{cmdstr3})
|
||||
// cmdstr3 := fmt.Sprintf("sysctl -w net.ipv6.conf.%s.disable_ipv6=1", ifce.Name())
|
||||
// execCmd([]string{cmdstr3})
|
||||
err = gosysctl.Set(fmt.Sprintf("net.ipv6.conf.%s.disable_ipv6", ifce.Name()), "1")
|
||||
if err != nil {
|
||||
base.Warn(err)
|
||||
}
|
||||
|
||||
go tunRead(ifce, cSess)
|
||||
go tunWrite(ifce, cSess)
|
||||
|
||||
@@ -87,8 +87,8 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
|
||||
cSess.CstpDpd = cstpDpd
|
||||
|
||||
dtlsPort := "443"
|
||||
if strings.Contains(base.Cfg.ServerDTLSAddr, ":") {
|
||||
ss := strings.Split(base.Cfg.ServerDTLSAddr, ":")
|
||||
if strings.Contains(base.Cfg.AdvertiseDTLSAddr, ":") {
|
||||
ss := strings.Split(base.Cfg.AdvertiseDTLSAddr, ":")
|
||||
dtlsPort = ss[1]
|
||||
}
|
||||
|
||||
@@ -138,7 +138,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
// 允许的路由
|
||||
for _, v := range cSess.Group.RouteInclude {
|
||||
if strings.ToLower(v.Val) == dbdata.All {
|
||||
if strings.ToLower(v.Val) == dbdata.ALL {
|
||||
continue
|
||||
}
|
||||
HttpAddHeader(w, "X-CSTP-Split-Include", v.IpMask)
|
||||
|
||||
@@ -11,6 +11,7 @@ import (
|
||||
"github.com/bjdgyc/anylink/base"
|
||||
"github.com/bjdgyc/anylink/pkg/utils"
|
||||
"github.com/bjdgyc/anylink/sessdata"
|
||||
gosysctl "github.com/lorenzosaino/go-sysctl"
|
||||
)
|
||||
|
||||
// link vtap
|
||||
@@ -64,8 +65,12 @@ func LinkMacvtap(cSess *sessdata.ConnSession) error {
|
||||
base.Error(err)
|
||||
return err
|
||||
}
|
||||
cmdstr3 := fmt.Sprintf("sysctl -w net.ipv6.conf.%s.disable_ipv6=1", ifName)
|
||||
execCmd([]string{cmdstr3})
|
||||
// cmdstr3 := fmt.Sprintf("sysctl -w net.ipv6.conf.%s.disable_ipv6=1", ifName)
|
||||
// execCmd([]string{cmdstr3})
|
||||
err = gosysctl.Set(fmt.Sprintf("net.ipv6.conf.%s.disable_ipv6", ifName), "1")
|
||||
if err != nil {
|
||||
base.Warn(err)
|
||||
}
|
||||
|
||||
return createVtap(cSess, ifName)
|
||||
}
|
||||
|
||||
@@ -86,27 +86,41 @@ func checkLinkAcl(group *dbdata.Group, pl *sessdata.Payload) bool {
|
||||
}
|
||||
|
||||
for _, v := range group.LinkAcl {
|
||||
// 循环判断ip和端口
|
||||
if v.IpNet.Contains(ipDst) {
|
||||
// 放行允许ip的ping
|
||||
// if v.Ports == nil || len(v.Ports) == 0 {
|
||||
// //单端口历史数据兼容
|
||||
// port := uint16(v.Port.(float64))
|
||||
// if port == ipPort || port == 0 || ipProto == waterutil.ICMP {
|
||||
// if v.Action == dbdata.Allow {
|
||||
// return true
|
||||
// } else {
|
||||
// return false
|
||||
// }
|
||||
// }
|
||||
// } else {
|
||||
|
||||
// 放行允许ip的ping
|
||||
// if v.Ports == nil || len(v.Ports) == 0 {
|
||||
// //单端口历史数据兼容
|
||||
// port := uint16(v.Port.(float64))
|
||||
// if port == ipPort || port == 0 || ipProto == waterutil.ICMP {
|
||||
// if v.Action == dbdata.Allow {
|
||||
// return true
|
||||
// } else {
|
||||
// return false
|
||||
// }
|
||||
// }
|
||||
// } else {
|
||||
// 先判断协议
|
||||
// 兼容旧数据 v.Protocol == ""
|
||||
if v.Protocol == "" || v.Protocol == dbdata.ALL || v.IpProto == ipProto {
|
||||
// 循环判断ip和端口
|
||||
if v.IpNet.Contains(ipDst) {
|
||||
// icmp 不判断端口
|
||||
if ipProto == waterutil.ICMP {
|
||||
if v.Action == dbdata.Allow {
|
||||
return true
|
||||
} else {
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
if dbdata.ContainsInPorts(v.Ports, ipPort) || dbdata.ContainsInPorts(v.Ports, 0) || ipProto == waterutil.ICMP {
|
||||
if v.Action == dbdata.Allow {
|
||||
return true
|
||||
} else {
|
||||
return false
|
||||
if dbdata.ContainsInPorts(v.Ports, ipPort) || dbdata.ContainsInPorts(v.Ports, 0) {
|
||||
if v.Action == dbdata.Allow {
|
||||
// log.Println(dbdata.Allow, v.Ports)
|
||||
return true
|
||||
} else {
|
||||
// log.Println(dbdata.Deny, v.Ports)
|
||||
return false
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -106,6 +106,9 @@ func logAudit(userName string, pl *sessdata.Payload) {
|
||||
if err := recover(); err != nil {
|
||||
base.Error("logAudit is panic: ", err, "\n", string(debug.Stack()), "\n", pl.Data)
|
||||
}
|
||||
}()
|
||||
|
||||
defer func() {
|
||||
putPayload(pl)
|
||||
}()
|
||||
|
||||
|
||||
@@ -112,8 +112,11 @@ func initRoute() http.Handler {
|
||||
|
||||
r.HandleFunc("/", LinkHome).Methods(http.MethodGet)
|
||||
r.HandleFunc("/", LinkAuth).Methods(http.MethodPost)
|
||||
// r.Handle("/", antiBruteForce(http.HandlerFunc(LinkAuth))).Methods(http.MethodPost)
|
||||
r.HandleFunc("/CSCOSSLC/tunnel", LinkTunnel).Methods(http.MethodConnect)
|
||||
r.HandleFunc("/otp_qr", LinkOtpQr).Methods(http.MethodGet)
|
||||
r.HandleFunc("/otp-verification", LinkAuth_otp).Methods(http.MethodPost)
|
||||
// r.Handle("/otp-verification", antiBruteForce(http.HandlerFunc(LinkAuth_otp))).Methods(http.MethodPost)
|
||||
r.HandleFunc(fmt.Sprintf("/profile_%s.xml", base.Cfg.ProfileName), func(w http.ResponseWriter, r *http.Request) {
|
||||
b, _ := os.ReadFile(base.Cfg.Profile)
|
||||
w.Write(b)
|
||||
|
||||
@@ -3,6 +3,7 @@ package handler
|
||||
import (
|
||||
"crypto/sha1"
|
||||
"encoding/hex"
|
||||
"log"
|
||||
"os"
|
||||
|
||||
"github.com/bjdgyc/anylink/admin"
|
||||
@@ -10,6 +11,7 @@ import (
|
||||
"github.com/bjdgyc/anylink/cron"
|
||||
"github.com/bjdgyc/anylink/dbdata"
|
||||
"github.com/bjdgyc/anylink/sessdata"
|
||||
gosysctl "github.com/lorenzosaino/go-sysctl"
|
||||
)
|
||||
|
||||
func Start() {
|
||||
@@ -17,12 +19,21 @@ func Start() {
|
||||
sessdata.Start()
|
||||
cron.Start()
|
||||
|
||||
admin.InitLockManager() // 初始化防爆破定时器和IP白名单
|
||||
|
||||
// 开启服务器转发
|
||||
err := execCmd([]string{"sysctl -w net.ipv4.ip_forward=1"})
|
||||
err := gosysctl.Set("net.ipv4.ip_forward", "1")
|
||||
if err != nil {
|
||||
base.Fatal(err)
|
||||
base.Warn(err)
|
||||
}
|
||||
|
||||
val, err := gosysctl.Get("net.ipv4.ip_forward")
|
||||
if val != "1" {
|
||||
log.Fatal("Please exec 'sysctl -w net.ipv4.ip_forward=1' ")
|
||||
}
|
||||
// os.Exit(0)
|
||||
// execCmd([]string{"sysctl -w net.ipv4.ip_forward=1"})
|
||||
|
||||
switch base.Cfg.LinkMode {
|
||||
case base.LinkModeTUN:
|
||||
checkTun()
|
||||
|
||||
@@ -14,6 +14,10 @@ func PasswordHash(password string) (string, error) {
|
||||
}
|
||||
|
||||
func PasswordVerify(password, hash string) bool {
|
||||
// 保留老用户明文验证
|
||||
if len(hash) != 60 {
|
||||
return password == hash
|
||||
}
|
||||
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
|
||||
return err == nil
|
||||
}
|
||||
|
||||
@@ -1,7 +1,10 @@
|
||||
package utils
|
||||
|
||||
import (
|
||||
crand "crypto/rand"
|
||||
"encoding/hex"
|
||||
"fmt"
|
||||
"log"
|
||||
"math/rand"
|
||||
"strings"
|
||||
"sync/atomic"
|
||||
@@ -83,9 +86,7 @@ func HumanByte(bf interface{}) string {
|
||||
|
||||
func RandomRunes(length int) string {
|
||||
letterRunes := []rune("abcdefghijklmnpqrstuvwxy1234567890")
|
||||
|
||||
bytes := make([]rune, length)
|
||||
|
||||
for i := range bytes {
|
||||
bytes[i] = letterRunes[rand.Intn(len(letterRunes))]
|
||||
}
|
||||
@@ -93,6 +94,17 @@ func RandomRunes(length int) string {
|
||||
return string(bytes)
|
||||
}
|
||||
|
||||
func RandomHex(length int) string {
|
||||
b := make([]byte, length)
|
||||
_, err := crand.Read(b)
|
||||
if err != nil {
|
||||
log.Println(err)
|
||||
return ""
|
||||
}
|
||||
|
||||
return hex.EncodeToString(b)
|
||||
}
|
||||
|
||||
func ParseName(name string) string {
|
||||
name = strings.ReplaceAll(name, " ", "-")
|
||||
name = strings.ReplaceAll(name, "'", "-")
|
||||
|
||||
@@ -13,11 +13,9 @@ import (
|
||||
var (
|
||||
IpPool = &ipPoolConfig{}
|
||||
ipActive = map[string]bool{}
|
||||
// ipKeep and ipLease ipAddr => type
|
||||
// ipLease = map[string]bool{}
|
||||
// ipKeep and ipLease ipAddr => macAddr
|
||||
// ipKeep = map[string]string{}
|
||||
ipPoolMux sync.Mutex
|
||||
// 记录循环点
|
||||
loopCurIp uint32
|
||||
)
|
||||
|
||||
type ipPoolConfig struct {
|
||||
@@ -73,21 +71,27 @@ func initIpPool() {
|
||||
// func getIpLease() {
|
||||
// xdb := dbdata.GetXdb()
|
||||
// keepIpMaps := []dbdata.IpMap{}
|
||||
// sNow := time.Now().Add(-1 * time.Duration(base.Cfg.IpLease) * time.Second)
|
||||
// err := xdb.Cols("ip_addr").Where("keep=?", true).
|
||||
// Or("unique_mac=? and last_login>?", true, sNow).Find(&keepIpMaps)
|
||||
// // sNow := time.Now().Add(-1 * time.Duration(base.Cfg.IpLease) * time.Second)
|
||||
// err := xdb.Cols("ip_addr", "mac_addr").Where("keep=?", true).Find(&keepIpMaps)
|
||||
// if err != nil {
|
||||
// base.Error(err)
|
||||
// }
|
||||
// // fmt.Println(keepIpMaps)
|
||||
// log.Println(keepIpMaps)
|
||||
// ipPoolMux.Lock()
|
||||
// ipLease = map[string]bool{}
|
||||
// ipKeep = map[string]string{}
|
||||
// for _, v := range keepIpMaps {
|
||||
// ipLease[v.IpAddr] = true
|
||||
// ipKeep[v.IpAddr] = v.MacAddr
|
||||
// }
|
||||
// ipPoolMux.Unlock()
|
||||
// }
|
||||
|
||||
func ipInPool(ip net.IP) bool {
|
||||
if utils.Ip2long(ip) >= IpPool.IpLongMin && utils.Ip2long(ip) <= IpPool.IpLongMax {
|
||||
return true
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
// AcquireIp 获取动态ip
|
||||
func AcquireIp(username, macAddr string, uniqueMac bool) (newIp net.IP) {
|
||||
base.Trace("AcquireIp start:", username, macAddr, uniqueMac)
|
||||
@@ -95,6 +99,7 @@ func AcquireIp(username, macAddr string, uniqueMac bool) (newIp net.IP) {
|
||||
defer func() {
|
||||
ipPoolMux.Unlock()
|
||||
base.Trace("AcquireIp end:", username, macAddr, uniqueMac, newIp)
|
||||
base.Info("AcquireIp ip:", username, macAddr, uniqueMac, newIp)
|
||||
}()
|
||||
|
||||
var (
|
||||
@@ -102,6 +107,7 @@ func AcquireIp(username, macAddr string, uniqueMac bool) (newIp net.IP) {
|
||||
tNow = time.Now()
|
||||
)
|
||||
|
||||
// 获取到客户端 macAddr 的情况
|
||||
if uniqueMac {
|
||||
// 判断是否已经分配过
|
||||
mi := &dbdata.IpMap{}
|
||||
@@ -124,9 +130,9 @@ func AcquireIp(username, macAddr string, uniqueMac bool) (newIp net.IP) {
|
||||
_, ok := ipActive[ipStr]
|
||||
// 检测原有ip是否在新的ip池内
|
||||
// IpPool.Ipv4IPNet.Contains(ip) &&
|
||||
if !ok &&
|
||||
utils.Ip2long(ip) >= IpPool.IpLongMin &&
|
||||
utils.Ip2long(ip) <= IpPool.IpLongMax {
|
||||
// ip符合规范
|
||||
// 检测原有ip是否在新的ip池内
|
||||
if !ok && ipInPool(ip) {
|
||||
mi.Username = username
|
||||
mi.LastLogin = tNow
|
||||
mi.UniqueMac = uniqueMac
|
||||
@@ -135,61 +141,81 @@ func AcquireIp(username, macAddr string, uniqueMac bool) (newIp net.IP) {
|
||||
ipActive[ipStr] = true
|
||||
return ip
|
||||
}
|
||||
// 删除当前macAddr
|
||||
mi = &dbdata.IpMap{MacAddr: macAddr}
|
||||
_ = dbdata.Del(mi)
|
||||
|
||||
} else {
|
||||
// 没有获取到mac的情况
|
||||
ipMaps := []dbdata.IpMap{}
|
||||
err = dbdata.FindWhere(&ipMaps, 50, 1, "username=? and unique_mac=?", username, false)
|
||||
if err != nil {
|
||||
// 没有查询到数据
|
||||
if dbdata.CheckErrNotFound(err) {
|
||||
return loopIp(username, macAddr, uniqueMac)
|
||||
}
|
||||
// 查询报错
|
||||
base.Error(err)
|
||||
// ip保留
|
||||
if mi.Keep {
|
||||
base.Error(username, macAddr, ipStr, "保留ip不匹配CIDR")
|
||||
return nil
|
||||
}
|
||||
|
||||
// 遍历mac记录
|
||||
for _, mi := range ipMaps {
|
||||
ipStr := mi.IpAddr
|
||||
ip := net.ParseIP(ipStr)
|
||||
// 删除当前macAddr
|
||||
mi = &dbdata.IpMap{MacAddr: macAddr}
|
||||
_ = dbdata.Del(mi)
|
||||
return loopIp(username, macAddr, uniqueMac)
|
||||
}
|
||||
|
||||
// 跳过活跃连接
|
||||
if _, ok := ipActive[ipStr]; ok {
|
||||
continue
|
||||
}
|
||||
// 跳过保留ip
|
||||
if mi.Keep {
|
||||
continue
|
||||
}
|
||||
// 没有mac的 不需要验证租期
|
||||
// mi.LastLogin.Before(leaseTime) &&
|
||||
if utils.Ip2long(ip) >= IpPool.IpLongMin &&
|
||||
utils.Ip2long(ip) <= IpPool.IpLongMax {
|
||||
mi.LastLogin = tNow
|
||||
mi.MacAddr = macAddr
|
||||
mi.UniqueMac = uniqueMac
|
||||
// 回写db数据
|
||||
_ = dbdata.Set(mi)
|
||||
ipActive[ipStr] = true
|
||||
return ip
|
||||
}
|
||||
// 没有获取到mac的情况
|
||||
ipMaps := []dbdata.IpMap{}
|
||||
err = dbdata.FindWhere(&ipMaps, 30, 1, "username=?", username)
|
||||
if err != nil {
|
||||
// 没有查询到数据
|
||||
if dbdata.CheckErrNotFound(err) {
|
||||
return loopIp(username, macAddr, uniqueMac)
|
||||
}
|
||||
// 查询报错
|
||||
base.Error(err)
|
||||
return nil
|
||||
}
|
||||
|
||||
// 遍历mac记录
|
||||
for _, mi := range ipMaps {
|
||||
ipStr := mi.IpAddr
|
||||
ip := net.ParseIP(ipStr)
|
||||
|
||||
// 跳过活跃连接
|
||||
if _, ok := ipActive[ipStr]; ok {
|
||||
continue
|
||||
}
|
||||
// 跳过保留ip
|
||||
if mi.Keep {
|
||||
continue
|
||||
}
|
||||
if mi.UniqueMac {
|
||||
continue
|
||||
}
|
||||
|
||||
// 没有mac的 不需要验证租期
|
||||
// mi.LastLogin.Before(leaseTime) &&
|
||||
if ipInPool(ip) {
|
||||
mi.Username = username
|
||||
mi.LastLogin = tNow
|
||||
mi.MacAddr = macAddr
|
||||
mi.UniqueMac = uniqueMac
|
||||
// 回写db数据
|
||||
_ = dbdata.Set(mi)
|
||||
ipActive[ipStr] = true
|
||||
return ip
|
||||
}
|
||||
}
|
||||
|
||||
return loopIp(username, macAddr, uniqueMac)
|
||||
}
|
||||
|
||||
var (
|
||||
// 记录循环点
|
||||
loopCurIp uint32
|
||||
loopFarIp *dbdata.IpMap
|
||||
)
|
||||
|
||||
func loopIp(username, macAddr string, uniqueMac bool) net.IP {
|
||||
var (
|
||||
i uint32
|
||||
ip net.IP
|
||||
)
|
||||
|
||||
// 重新赋值
|
||||
loopFarIp = &dbdata.IpMap{LastLogin: time.Now()}
|
||||
|
||||
i, ip = loopLong(loopCurIp, IpPool.IpLongMax, username, macAddr, uniqueMac)
|
||||
if ip != nil {
|
||||
loopCurIp = i
|
||||
@@ -202,6 +228,22 @@ func loopIp(username, macAddr string, uniqueMac bool) net.IP {
|
||||
return ip
|
||||
}
|
||||
|
||||
// ip分配完,从头开始
|
||||
loopCurIp = IpPool.IpLongMin
|
||||
|
||||
if loopFarIp.Id > 0 {
|
||||
// 使用最早登陆的 ip
|
||||
ipStr := loopFarIp.IpAddr
|
||||
ip = net.ParseIP(ipStr)
|
||||
mi := &dbdata.IpMap{IpAddr: ipStr, MacAddr: macAddr, UniqueMac: uniqueMac, Username: username, LastLogin: time.Now()}
|
||||
// 回写db数据
|
||||
_ = dbdata.Set(mi)
|
||||
ipActive[ipStr] = true
|
||||
|
||||
return ip
|
||||
}
|
||||
|
||||
// 全都在线,没有数据可用
|
||||
base.Warn("no ip available, please see ip_map table row", username, macAddr)
|
||||
return nil
|
||||
}
|
||||
@@ -247,6 +289,7 @@ func loopLong(start, end uint32, username, macAddr string, uniqueMac bool) (uint
|
||||
// 判断租期
|
||||
if mi.LastLogin.Before(leaseTime) {
|
||||
// 存在记录,说明已经超过租期,可以直接使用
|
||||
mi.Username = username
|
||||
mi.LastLogin = tNow
|
||||
mi.MacAddr = macAddr
|
||||
mi.UniqueMac = uniqueMac
|
||||
@@ -255,6 +298,10 @@ func loopLong(start, end uint32, username, macAddr string, uniqueMac bool) (uint
|
||||
ipActive[ipStr] = true
|
||||
return i, ip
|
||||
}
|
||||
// 其他情况判断最早登陆
|
||||
if mi.LastLogin.Before(loopFarIp.LastLogin) {
|
||||
loopFarIp = mi
|
||||
}
|
||||
}
|
||||
|
||||
return 0, nil
|
||||
|
||||
@@ -11,21 +11,22 @@ import (
|
||||
)
|
||||
|
||||
type Online struct {
|
||||
Token string `json:"token"`
|
||||
Username string `json:"username"`
|
||||
Group string `json:"group"`
|
||||
MacAddr string `json:"mac_addr"`
|
||||
UniqueMac bool `json:"unique_mac"`
|
||||
Ip net.IP `json:"ip"`
|
||||
RemoteAddr string `json:"remote_addr"`
|
||||
TunName string `json:"tun_name"`
|
||||
Mtu int `json:"mtu"`
|
||||
Client string `json:"client"`
|
||||
BandwidthUp string `json:"bandwidth_up"`
|
||||
BandwidthDown string `json:"bandwidth_down"`
|
||||
BandwidthUpAll string `json:"bandwidth_up_all"`
|
||||
BandwidthDownAll string `json:"bandwidth_down_all"`
|
||||
LastLogin time.Time `json:"last_login"`
|
||||
Token string `json:"token"`
|
||||
Username string `json:"username"`
|
||||
Group string `json:"group"`
|
||||
MacAddr string `json:"mac_addr"`
|
||||
UniqueMac bool `json:"unique_mac"`
|
||||
Ip net.IP `json:"ip"`
|
||||
RemoteAddr string `json:"remote_addr"`
|
||||
TransportProtocol string `json:"transport_protocol"`
|
||||
TunName string `json:"tun_name"`
|
||||
Mtu int `json:"mtu"`
|
||||
Client string `json:"client"`
|
||||
BandwidthUp string `json:"bandwidth_up"`
|
||||
BandwidthDown string `json:"bandwidth_down"`
|
||||
BandwidthUpAll string `json:"bandwidth_up_all"`
|
||||
BandwidthDownAll string `json:"bandwidth_down_all"`
|
||||
LastLogin time.Time `json:"last_login"`
|
||||
}
|
||||
|
||||
type Onlines []Online
|
||||
@@ -90,22 +91,28 @@ func GetOnlineSess(search_cate string, search_text string, show_sleeper bool) []
|
||||
}
|
||||
|
||||
if show_sleeper || v.IsActive {
|
||||
transportProtocol := "TCP"
|
||||
dSess := cSess.GetDtlsSession()
|
||||
if dSess != nil {
|
||||
transportProtocol = "UDP"
|
||||
}
|
||||
val := Online{
|
||||
Token: v.Token,
|
||||
Ip: cSess.IpAddr,
|
||||
Username: v.Username,
|
||||
Group: v.Group,
|
||||
MacAddr: v.MacAddr,
|
||||
UniqueMac: v.UniqueMac,
|
||||
RemoteAddr: cSess.RemoteAddr,
|
||||
TunName: cSess.IfName,
|
||||
Mtu: cSess.Mtu,
|
||||
Client: cSess.Client,
|
||||
BandwidthUp: utils.HumanByte(cSess.BandwidthUpPeriod.Load()) + "/s",
|
||||
BandwidthDown: utils.HumanByte(cSess.BandwidthDownPeriod.Load()) + "/s",
|
||||
BandwidthUpAll: utils.HumanByte(cSess.BandwidthUpAll.Load()),
|
||||
BandwidthDownAll: utils.HumanByte(cSess.BandwidthDownAll.Load()),
|
||||
LastLogin: v.LastLogin,
|
||||
Token: v.Token,
|
||||
Ip: cSess.IpAddr,
|
||||
Username: v.Username,
|
||||
Group: v.Group,
|
||||
MacAddr: v.MacAddr,
|
||||
UniqueMac: v.UniqueMac,
|
||||
RemoteAddr: cSess.RemoteAddr,
|
||||
TransportProtocol: transportProtocol,
|
||||
TunName: cSess.IfName,
|
||||
Mtu: cSess.Mtu,
|
||||
Client: cSess.Client,
|
||||
BandwidthUp: utils.HumanByte(cSess.BandwidthUpPeriod.Load()) + "/s",
|
||||
BandwidthDown: utils.HumanByte(cSess.BandwidthDownPeriod.Load()) + "/s",
|
||||
BandwidthUpAll: utils.HumanByte(cSess.BandwidthUpAll.Load()),
|
||||
BandwidthDownAll: utils.HumanByte(cSess.BandwidthDownAll.Load()),
|
||||
LastLogin: v.LastLogin,
|
||||
}
|
||||
datas = append(datas, val)
|
||||
}
|
||||
|
||||
@@ -2,7 +2,6 @@ package sessdata
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"math/rand"
|
||||
"net"
|
||||
"strconv"
|
||||
"strings"
|
||||
@@ -12,6 +11,7 @@ import (
|
||||
|
||||
"github.com/bjdgyc/anylink/base"
|
||||
"github.com/bjdgyc/anylink/dbdata"
|
||||
"github.com/bjdgyc/anylink/pkg/utils"
|
||||
mapset "github.com/deckarep/golang-set"
|
||||
)
|
||||
|
||||
@@ -91,10 +91,6 @@ type Session struct {
|
||||
CSess *ConnSession
|
||||
}
|
||||
|
||||
func init() {
|
||||
rand.Seed(time.Now().UnixNano())
|
||||
}
|
||||
|
||||
func checkSession() {
|
||||
// 检测过期的session
|
||||
go func() {
|
||||
@@ -144,28 +140,16 @@ func CloseUserLimittimeSession() {
|
||||
}
|
||||
}
|
||||
|
||||
func GenToken() string {
|
||||
// 生成32位的 token
|
||||
bToken := make([]byte, 32)
|
||||
rand.Read(bToken)
|
||||
return fmt.Sprintf("%x", bToken)
|
||||
}
|
||||
|
||||
func NewSession(token string) *Session {
|
||||
if token == "" {
|
||||
btoken := make([]byte, 32)
|
||||
rand.Read(btoken)
|
||||
token = fmt.Sprintf("%x", btoken)
|
||||
token = utils.RandomHex(32)
|
||||
}
|
||||
|
||||
// 生成 dtlsn session_id
|
||||
dtlsid := make([]byte, 32)
|
||||
rand.Read(dtlsid)
|
||||
|
||||
sess := &Session{
|
||||
Sid: fmt.Sprintf("%d", time.Now().Unix()),
|
||||
Token: token,
|
||||
DtlsSid: fmt.Sprintf("%x", dtlsid),
|
||||
DtlsSid: utils.RandomHex(32),
|
||||
LastLogin: time.Now(),
|
||||
}
|
||||
|
||||
|
||||
@@ -15,7 +15,8 @@
|
||||
"qs": "^6.11.1",
|
||||
"vue": "^2.6.11",
|
||||
"vue-count-to": "^1.0.13",
|
||||
"vue-router": "^3.5.2"
|
||||
"vue-router": "^3.5.2",
|
||||
"vuedraggable": "^2.24.3"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@vue/cli-plugin-babel": "~4.5.0",
|
||||
|
||||
@@ -7,17 +7,9 @@
|
||||
|
||||
<!--<div class="layout-aside" :style="aside_style">-->
|
||||
|
||||
<el-menu :collapse="!is_active"
|
||||
:default-active="route_path"
|
||||
:style="is_active?'width:200px':''"
|
||||
router
|
||||
class="layout-menu"
|
||||
:collapse-transition="false"
|
||||
|
||||
background-color="#545c64"
|
||||
text-color="#fff"
|
||||
active-text-color="#ffd04b"
|
||||
>
|
||||
<el-menu :collapse="!is_active" :default-active="route_path" :style="is_active ? 'width:200px' : ''" router
|
||||
class="layout-menu" :collapse-transition="false" background-color="#545c64" text-color="#fff"
|
||||
active-text-color="#ffd04b">
|
||||
<el-menu-item index="/admin/home">
|
||||
<i class="el-icon-s-home"></i>
|
||||
<span slot="title">首页</span>
|
||||
@@ -44,6 +36,7 @@
|
||||
<el-menu-item index="/admin/user/list">用户列表</el-menu-item>
|
||||
<el-menu-item index="/admin/user/policy">用户策略</el-menu-item>
|
||||
<el-menu-item index="/admin/user/online">在线用户</el-menu-item>
|
||||
<el-menu-item index="/admin/user/lockmanager">锁定管理</el-menu-item>
|
||||
<el-menu-item index="/admin/user/ip_map">IP映射</el-menu-item>
|
||||
</el-submenu>
|
||||
|
||||
|
||||
@@ -191,7 +191,7 @@
|
||||
:close-on-click-modal="false"
|
||||
title="用户组"
|
||||
:visible.sync="user_edit_dialog"
|
||||
width="750px"
|
||||
width="850px"
|
||||
@close='closeDialog'
|
||||
center>
|
||||
|
||||
@@ -298,6 +298,9 @@
|
||||
:rules="this.ruleForm.auth.type== 'radius' ? this.rules['auth.radius.secret'] : [{ required: false }]">
|
||||
<el-input v-model="ruleForm.auth.radius.secret" placeholder=""></el-input>
|
||||
</el-form-item>
|
||||
<el-form-item label="Nasip" prop="auth.radius.nasip">
|
||||
<el-input v-model="ruleForm.auth.radius.nasip" placeholder=""></el-input>
|
||||
</el-form-item>
|
||||
</template>
|
||||
|
||||
<template v-if="ruleForm.auth.type == 'ldap'">
|
||||
@@ -401,7 +404,8 @@
|
||||
<el-form-item label="权限控制" prop="link_acl">
|
||||
<el-row class="msg-info">
|
||||
<el-col :span="22">输入CIDR格式如: 192.168.3.0/24
|
||||
端口0表示所有端口,多个端口用','号分隔,连续端口:1234-5678
|
||||
协议支持 all,tcp,udp,icmp
|
||||
端口0表示所有端口,多个端口:80,443,连续端口:1234-5678
|
||||
</el-col>
|
||||
<el-col :span="2">
|
||||
<el-button size="mini" type="success" icon="el-icon-plus" circle
|
||||
@@ -409,9 +413,17 @@
|
||||
</el-col>
|
||||
</el-row>
|
||||
|
||||
<!-- 添加拖拽功能 -->
|
||||
<draggable v-model="ruleForm.link_acl" handle=".drag-handle" @end="onEnd">
|
||||
|
||||
<el-row v-for="(item,index) in ruleForm.link_acl"
|
||||
:key="index" style="margin-bottom: 5px" :gutter="1">
|
||||
<el-col :span="10">
|
||||
|
||||
<el-col :span="1" class="drag-handle">
|
||||
<i class="el-icon-rank"></i>
|
||||
</el-col>
|
||||
|
||||
<el-col :span="9">
|
||||
<el-input placeholder="请输入CIDR地址" v-model="item.val">
|
||||
<el-select v-model="item.action" slot="prepend">
|
||||
<el-option label="允许" value="allow"></el-option>
|
||||
@@ -419,18 +431,26 @@
|
||||
</el-select>
|
||||
</el-input>
|
||||
</el-col>
|
||||
<el-col :span="8">
|
||||
|
||||
<el-col :span="3">
|
||||
<el-input placeholder="协议" v-model="item.protocol">
|
||||
</el-col>
|
||||
|
||||
<el-col :span="6">
|
||||
<!-- type="textarea" :autosize="{ minRows: 1, maxRows: 2}" -->
|
||||
<el-input v-model="item.port" placeholder="多端口,号分隔"></el-input>
|
||||
</el-col>
|
||||
<el-col :span="4">
|
||||
<el-col :span="3">
|
||||
<el-input v-model="item.note" placeholder="备注"></el-input>
|
||||
</el-col>
|
||||
|
||||
<el-col :span="2">
|
||||
<el-button size="mini" type="danger" icon="el-icon-minus" circle
|
||||
@click.prevent="removeDomain(ruleForm.link_acl,index)"></el-button>
|
||||
</el-col>
|
||||
</el-row>
|
||||
</draggable>
|
||||
|
||||
</el-form-item>
|
||||
</el-tab-pane>
|
||||
|
||||
@@ -505,10 +525,11 @@
|
||||
|
||||
<script>
|
||||
import axios from "axios";
|
||||
import draggable from 'vuedraggable'
|
||||
|
||||
export default {
|
||||
name: "List",
|
||||
components: {},
|
||||
components: {draggable},
|
||||
mixins: [],
|
||||
created() {
|
||||
this.$emit('update:route_path', this.$route.path)
|
||||
@@ -529,7 +550,7 @@ export default {
|
||||
maxRouteRows: 2500,
|
||||
defAuth: {
|
||||
type: 'local',
|
||||
radius: {addr: "", secret: ""},
|
||||
radius: {addr: "", secret: "", nasip: ""},
|
||||
ldap: {
|
||||
addr: "",
|
||||
tls: false,
|
||||
@@ -614,6 +635,9 @@ export default {
|
||||
}
|
||||
},
|
||||
methods: {
|
||||
onEnd: function() {
|
||||
window.console.log("onEnd", this.ruleForm.link_acl);
|
||||
},
|
||||
setAuthData(row) {
|
||||
if (!row) {
|
||||
this.ruleForm.auth = JSON.parse(JSON.stringify(this.defAuth));
|
||||
@@ -692,7 +716,7 @@ export default {
|
||||
},
|
||||
addDomain(arr) {
|
||||
console.log("arr", arr)
|
||||
arr.push({val: "", action: "allow", port: "0", note: ""});
|
||||
arr.push({protocol:"all", val: "", action: "allow", port: "0", note: ""});
|
||||
},
|
||||
submitForm(formName) {
|
||||
this.$refs[formName].validate((valid) => {
|
||||
@@ -899,4 +923,9 @@ export default {
|
||||
flex: 1;
|
||||
overflow: auto;
|
||||
}
|
||||
|
||||
.drag-handle {
|
||||
cursor: move;
|
||||
}
|
||||
|
||||
</style>
|
||||
|
||||
@@ -48,6 +48,7 @@
|
||||
label="唯一MAC">
|
||||
<template slot-scope="scope">
|
||||
<el-tag v-if="scope.row.unique_mac" type="success">是</el-tag>
|
||||
<el-tag v-else type="info">否</el-tag>
|
||||
</template>
|
||||
</el-table-column>
|
||||
|
||||
|
||||
@@ -3,22 +3,13 @@
|
||||
<el-card>
|
||||
<el-form :inline="true">
|
||||
<el-form-item>
|
||||
<el-button
|
||||
size="small"
|
||||
type="primary"
|
||||
icon="el-icon-plus"
|
||||
@click="handleEdit('')">添加
|
||||
<el-button size="small" type="primary" icon="el-icon-plus" @click="handleEdit('')">添加
|
||||
</el-button>
|
||||
</el-form-item>
|
||||
<el-form-item>
|
||||
<el-dropdown size="small" placement="bottom">
|
||||
<el-upload
|
||||
class="uploaduser"
|
||||
action="uploaduser"
|
||||
accept=".xlsx, .xls"
|
||||
:http-request="upLoadUser"
|
||||
:limit="1"
|
||||
:show-file-list="false">
|
||||
<el-upload class="uploaduser" action="uploaduser" accept=".xlsx, .xls" :http-request="upLoadUser" :limit="1"
|
||||
:show-file-list="false">
|
||||
<el-button size="small" icon="el-icon-upload2" type="primary">批量添加</el-button>
|
||||
</el-upload>
|
||||
<el-dropdown-menu slot="dropdown">
|
||||
@@ -32,79 +23,45 @@
|
||||
</el-form-item>
|
||||
<el-form-item label="用户名或姓名或邮箱:">
|
||||
<el-input size="small" v-model="searchData" placeholder="请输入内容"
|
||||
@keydown.enter.native="searchEnterFun"></el-input>
|
||||
@keydown.enter.native="searchEnterFun"></el-input>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item>
|
||||
<el-button
|
||||
size="small"
|
||||
type="primary"
|
||||
icon="el-icon-search"
|
||||
@click="handleSearch()">搜索
|
||||
<el-button size="small" type="primary" icon="el-icon-search" @click="handleSearch()">搜索
|
||||
</el-button>
|
||||
<el-button
|
||||
size="small"
|
||||
icon="el-icon-refresh"
|
||||
@click="reset">重置搜索
|
||||
<el-button size="small" icon="el-icon-refresh" @click="reset">重置搜索
|
||||
</el-button>
|
||||
</el-form-item>
|
||||
</el-form>
|
||||
|
||||
<el-table
|
||||
ref="multipleTable"
|
||||
:data="tableData"
|
||||
border>
|
||||
<el-table ref="multipleTable" :data="tableData" border>
|
||||
|
||||
<el-table-column
|
||||
sortable="true"
|
||||
prop="id"
|
||||
label="ID"
|
||||
width="60">
|
||||
<el-table-column sortable="true" prop="id" label="ID" width="60">
|
||||
</el-table-column>
|
||||
|
||||
<el-table-column
|
||||
prop="username"
|
||||
label="用户名"
|
||||
width="150">
|
||||
<el-table-column prop="username" label="用户名" width="150">
|
||||
</el-table-column>
|
||||
|
||||
<el-table-column
|
||||
prop="nickname"
|
||||
label="姓名"
|
||||
width="100">
|
||||
<el-table-column prop="nickname" label="姓名" width="100">
|
||||
</el-table-column>
|
||||
|
||||
<el-table-column
|
||||
prop="email"
|
||||
label="邮箱">
|
||||
<el-table-column prop="email" label="邮箱">
|
||||
</el-table-column>
|
||||
<el-table-column
|
||||
prop="otp_secret"
|
||||
label="OTP密钥"
|
||||
width="110">
|
||||
<el-table-column prop="otp_secret" label="OTP密钥" width="110">
|
||||
<template slot-scope="scope">
|
||||
<el-button
|
||||
v-if="!scope.row.disable_otp"
|
||||
type="text"
|
||||
icon="el-icon-view"
|
||||
@click="getOtpImg(scope.row)">
|
||||
<el-button v-if="!scope.row.disable_otp" type="text" icon="el-icon-view" @click="getOtpImg(scope.row)">
|
||||
{{ scope.row.otp_secret.substring(0, 6) }}
|
||||
</el-button>
|
||||
</template>
|
||||
</el-table-column>
|
||||
|
||||
<el-table-column
|
||||
prop="groups"
|
||||
label="用户组">
|
||||
<el-table-column prop="groups" label="用户组">
|
||||
<template slot-scope="scope">
|
||||
<el-row v-for="item in scope.row.groups" :key="item">{{ item }}</el-row>
|
||||
</template>
|
||||
</el-table-column>
|
||||
|
||||
<el-table-column
|
||||
prop="status"
|
||||
label="状态"
|
||||
width="70">
|
||||
<el-table-column prop="status" label="状态" width="70">
|
||||
<template slot-scope="scope">
|
||||
<el-tag v-if="scope.row.status === 1" type="success">可用</el-tag>
|
||||
<el-tag v-if="scope.row.status === 0" type="danger">停用</el-tag>
|
||||
@@ -112,20 +69,12 @@
|
||||
</template>
|
||||
</el-table-column>
|
||||
|
||||
<el-table-column
|
||||
prop="updated_at"
|
||||
label="更新时间"
|
||||
:formatter="tableDateFormat">
|
||||
<el-table-column prop="updated_at" label="更新时间" :formatter="tableDateFormat">
|
||||
</el-table-column>
|
||||
|
||||
<el-table-column
|
||||
label="操作"
|
||||
width="210">
|
||||
<el-table-column label="操作" width="210">
|
||||
<template slot-scope="scope">
|
||||
<el-button
|
||||
size="mini"
|
||||
type="primary"
|
||||
@click="handleEdit(scope.row)">编辑
|
||||
<el-button size="mini" type="primary" @click="handleEdit(scope.row)">编辑
|
||||
</el-button>
|
||||
|
||||
<!-- <el-popconfirm
|
||||
@@ -139,14 +88,8 @@
|
||||
</el-button>
|
||||
</el-popconfirm>-->
|
||||
|
||||
<el-popconfirm
|
||||
class="m-left-10"
|
||||
@confirm="handleDel(scope.row)"
|
||||
title="确定要删除用户吗?">
|
||||
<el-button
|
||||
slot="reference"
|
||||
size="mini"
|
||||
type="danger">删除
|
||||
<el-popconfirm class="m-left-10" @confirm="handleDel(scope.row)" title="确定要删除用户吗?">
|
||||
<el-button slot="reference" size="mini" type="danger">删除
|
||||
</el-button>
|
||||
</el-popconfirm>
|
||||
|
||||
@@ -156,34 +99,20 @@
|
||||
|
||||
<div class="sh-20"></div>
|
||||
|
||||
<el-pagination
|
||||
background
|
||||
layout="prev, pager, next"
|
||||
:pager-count="11"
|
||||
@current-change="pageChange"
|
||||
:current-page="page"
|
||||
:total="count">
|
||||
<el-pagination background layout="prev, pager, next" :pager-count="11" @current-change="pageChange"
|
||||
:current-page="page" :total="count">
|
||||
</el-pagination>
|
||||
|
||||
</el-card>
|
||||
|
||||
<el-dialog
|
||||
title="OTP密钥"
|
||||
:visible.sync="otpImgData.visible"
|
||||
width="350px"
|
||||
center>
|
||||
<el-dialog title="OTP密钥" :visible.sync="otpImgData.visible" width="350px" center>
|
||||
<div style="text-align: center">{{ otpImgData.username }} : {{ otpImgData.nickname }}</div>
|
||||
<img :src="otpImgData.base64Img" alt="otp-img"/>
|
||||
<img :src="otpImgData.base64Img" alt="otp-img" />
|
||||
</el-dialog>
|
||||
|
||||
<!--新增、修改弹出框-->
|
||||
<el-dialog
|
||||
:close-on-click-modal="false"
|
||||
title="用户"
|
||||
:visible="user_edit_dialog"
|
||||
@close="disVisible"
|
||||
width="650px"
|
||||
center>
|
||||
<el-dialog :close-on-click-modal="false" title="用户" :visible="user_edit_dialog" @close="disVisible" width="650px"
|
||||
center>
|
||||
|
||||
<el-form :model="ruleForm" :rules="rules" ref="ruleForm" label-width="100px" class="ruleForm">
|
||||
<el-form-item label="用户ID" prop="id">
|
||||
@@ -204,21 +133,13 @@
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="过期时间" prop="limittime">
|
||||
<el-date-picker
|
||||
v-model="ruleForm.limittime"
|
||||
type="date"
|
||||
size="small"
|
||||
align="center"
|
||||
style="width:130px"
|
||||
:picker-options="pickerOptions"
|
||||
placeholder="选择日期">
|
||||
<el-date-picker v-model="ruleForm.limittime" type="date" size="small" align="center" style="width:130px"
|
||||
:picker-options="pickerOptions" placeholder="选择日期">
|
||||
</el-date-picker>
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="禁用OTP" prop="disable_otp">
|
||||
<el-switch
|
||||
v-model="ruleForm.disable_otp"
|
||||
active-text="开启OTP后,用户密码为【PIN码+OTP动态码】(中间没有+号)">
|
||||
<el-switch v-model="ruleForm.disable_otp" active-text="开启OTP后,用户密码为PIN码,OTP密码为扫码后生成的动态码">
|
||||
</el-switch>
|
||||
</el-form-item>
|
||||
|
||||
@@ -233,8 +154,7 @@
|
||||
</el-form-item>
|
||||
|
||||
<el-form-item label="发送邮件" prop="send_email">
|
||||
<el-switch
|
||||
v-model="ruleForm.send_email">
|
||||
<el-switch v-model="ruleForm.send_email">
|
||||
</el-switch>
|
||||
</el-form-item>
|
||||
|
||||
@@ -286,7 +206,7 @@ export default {
|
||||
}
|
||||
},
|
||||
searchData: '',
|
||||
otpImgData: {visible: false, username: '', nickname: '', base64Img: ''},
|
||||
otpImgData: { visible: false, username: '', nickname: '', base64Img: '' },
|
||||
ruleForm: {
|
||||
send_email: true,
|
||||
status: 1,
|
||||
@@ -294,30 +214,30 @@ export default {
|
||||
},
|
||||
rules: {
|
||||
username: [
|
||||
{required: true, message: '请输入用户名', trigger: 'blur'},
|
||||
{max: 50, message: '长度小于 50 个字符', trigger: 'blur'}
|
||||
{ required: true, message: '请输入用户名', trigger: 'blur' },
|
||||
{ max: 50, message: '长度小于 50 个字符', trigger: 'blur' }
|
||||
],
|
||||
nickname: [
|
||||
{required: true, message: '请输入用户姓名', trigger: 'blur'}
|
||||
{ required: true, message: '请输入用户姓名', trigger: 'blur' }
|
||||
],
|
||||
email: [
|
||||
{required: true, message: '请输入用户邮箱', trigger: 'blur'},
|
||||
{type: 'email', message: '请输入正确的邮箱地址', trigger: ['blur', 'change']}
|
||||
{ required: true, message: '请输入用户邮箱', trigger: 'blur' },
|
||||
{ type: 'email', message: '请输入正确的邮箱地址', trigger: ['blur', 'change'] }
|
||||
],
|
||||
password: [
|
||||
{min: 6, message: '长度大于 6 个字符', trigger: 'blur'}
|
||||
{ min: 6, message: '长度大于 6 个字符', trigger: 'blur' }
|
||||
],
|
||||
pin_code: [
|
||||
{min: 6, message: 'PIN码大于 6 个字符', trigger: 'blur'}
|
||||
{ min: 6, message: 'PIN码大于 6 个字符', trigger: 'blur' }
|
||||
],
|
||||
date1: [
|
||||
{type: 'date', required: true, message: '请选择日期', trigger: 'change'}
|
||||
{ type: 'date', required: true, message: '请选择日期', trigger: 'change' }
|
||||
],
|
||||
groups: [
|
||||
{type: 'array', required: true, message: '请至少选择一个组', trigger: 'change'}
|
||||
{ type: 'array', required: true, message: '请至少选择一个组', trigger: 'change' }
|
||||
],
|
||||
status: [
|
||||
{required: true}
|
||||
{ required: true }
|
||||
],
|
||||
},
|
||||
}
|
||||
@@ -473,6 +393,4 @@ export default {
|
||||
}
|
||||
</script>
|
||||
|
||||
<style scoped>
|
||||
|
||||
</style>
|
||||
<style scoped></style>
|
||||
|
||||
109
web/src/pages/user/LockManager.vue
Normal file
109
web/src/pages/user/LockManager.vue
Normal file
@@ -0,0 +1,109 @@
|
||||
<template>
|
||||
<div id="lock-manager">
|
||||
<el-card>
|
||||
<div slot="header">
|
||||
<el-button type="primary" @click="getLocks">刷新信息</el-button>
|
||||
</div>
|
||||
<el-table :data="locksInfo" style="width: 100%" border>
|
||||
<el-table-column type="index" label="序号" width="60"></el-table-column>
|
||||
<el-table-column prop="description" label="描述"></el-table-column>
|
||||
<el-table-column prop="username" label="用户名"></el-table-column>
|
||||
<el-table-column prop="ip" label="IP地址"></el-table-column>
|
||||
<el-table-column prop="state.locked" label="状态" width="100">
|
||||
<template slot-scope="scope">
|
||||
<el-tag :type="scope.row.state.locked ? 'danger' : 'success'">
|
||||
{{ scope.row.state.locked ? '已锁定' : '未锁定' }}
|
||||
</el-tag>
|
||||
</template>
|
||||
</el-table-column>
|
||||
<el-table-column prop="state.attempts" label="失败次数"></el-table-column>
|
||||
<el-table-column prop="state.lock_time" label="锁定截止时间">
|
||||
<template slot-scope="scope">
|
||||
{{ formatDate(scope.row.state.lock_time) }}
|
||||
</template>
|
||||
</el-table-column>
|
||||
<el-table-column prop="state.lastAttempt" label="最后尝试时间">
|
||||
<template slot-scope="scope">
|
||||
{{ formatDate(scope.row.state.lastAttempt) }}
|
||||
</template>
|
||||
</el-table-column>
|
||||
<el-table-column label="操作">
|
||||
<template slot-scope="scope">
|
||||
<div class="button">
|
||||
<el-button size="small" type="danger" @click="unlock(scope.row)">
|
||||
解锁
|
||||
</el-button>
|
||||
</div>
|
||||
</template>
|
||||
</el-table-column>
|
||||
</el-table>
|
||||
</el-card>
|
||||
</div>
|
||||
</template>
|
||||
|
||||
<script>
|
||||
import axios from 'axios';
|
||||
|
||||
export default {
|
||||
name: 'LockManager',
|
||||
data() {
|
||||
return {
|
||||
locksInfo: []
|
||||
};
|
||||
},
|
||||
methods: {
|
||||
getLocks() {
|
||||
axios.get('/locksinfo/list')
|
||||
.then(response => {
|
||||
this.locksInfo = response.data.data;
|
||||
})
|
||||
.catch(error => {
|
||||
console.error('Failed to get locks info:', error);
|
||||
this.$message.error('无法获取锁信息,请稍后再试。');
|
||||
});
|
||||
},
|
||||
unlock(lock) {
|
||||
const lockInfo = {
|
||||
state: { locked: false },
|
||||
username: lock.username,
|
||||
ip: lock.ip,
|
||||
description: lock.description
|
||||
};
|
||||
|
||||
axios.post('/locksinfo/unlok', lockInfo)
|
||||
.then(() => {
|
||||
this.$message.success('解锁成功!');
|
||||
this.getLocks();
|
||||
})
|
||||
.catch(error => {
|
||||
console.error('Failed to unlock:', error);
|
||||
this.$message.error('解锁失败,请稍后再试。');
|
||||
});
|
||||
},
|
||||
formatDate(dateString) {
|
||||
if (!dateString) return '';
|
||||
const date = new Date(dateString);
|
||||
return new Intl.DateTimeFormat('zh-CN', {
|
||||
year: 'numeric',
|
||||
month: '2-digit',
|
||||
day: '2-digit',
|
||||
hour: '2-digit',
|
||||
minute: '2-digit',
|
||||
second: '2-digit',
|
||||
hour12: false
|
||||
}).format(date);
|
||||
}
|
||||
},
|
||||
created() {
|
||||
this.getLocks();
|
||||
}
|
||||
};
|
||||
</script>
|
||||
|
||||
<style scoped>
|
||||
.button {
|
||||
display: flex;
|
||||
justify-content: center;
|
||||
align-items: center;
|
||||
}
|
||||
</style>
|
||||
@@ -86,6 +86,7 @@
|
||||
label="唯一MAC">
|
||||
<template slot-scope="scope">
|
||||
<el-tag v-if="scope.row.unique_mac" type="success">是</el-tag>
|
||||
<el-tag v-else type="info">否</el-tag>
|
||||
</template>
|
||||
</el-table-column>
|
||||
|
||||
@@ -99,7 +100,10 @@
|
||||
prop="remote_addr"
|
||||
label="远端地址">
|
||||
</el-table-column>
|
||||
|
||||
<el-table-column
|
||||
prop="transport_protocol"
|
||||
label="传输协议">
|
||||
</el-table-column>
|
||||
<el-table-column
|
||||
prop="tun_name"
|
||||
label="虚拟网卡">
|
||||
|
||||
@@ -1,35 +1,36 @@
|
||||
import Vue from "vue";
|
||||
import VueRouter from "vue-router";
|
||||
import {getToken} from "./token";
|
||||
import { getToken } from "./token";
|
||||
|
||||
Vue.use(VueRouter)
|
||||
|
||||
|
||||
const routes = [
|
||||
{path: '/login', component: () => import('@/pages/Login')},
|
||||
{ path: '/login', component: () => import('@/pages/Login') },
|
||||
{
|
||||
path: '/admin',
|
||||
component: () => import('@/layout/Layout'),
|
||||
redirect: '/admin/home',
|
||||
children: [
|
||||
{path: 'home', component: () => import('@/pages/Home')},
|
||||
{ path: 'home', component: () => import('@/pages/Home') },
|
||||
|
||||
{path: 'set/system', component: () => import('@/pages/set/System')},
|
||||
{path: 'set/soft', component: () => import('@/pages/set/Soft')},
|
||||
{path: 'set/other', component: () => import('@/pages/set/Other')},
|
||||
{path: 'set/audit', component: () => import('@/pages/set/Audit')},
|
||||
{ path: 'set/system', component: () => import('@/pages/set/System') },
|
||||
{ path: 'set/soft', component: () => import('@/pages/set/Soft') },
|
||||
{ path: 'set/other', component: () => import('@/pages/set/Other') },
|
||||
{ path: 'set/audit', component: () => import('@/pages/set/Audit') },
|
||||
|
||||
{path: 'user/list', component: () => import('@/pages/user/List')},
|
||||
{path: 'user/policy', component: () => import('@/pages/user/Policy')},
|
||||
{path: 'user/online', component: () => import('@/pages/user/Online')},
|
||||
{path: 'user/ip_map', component: () => import('@/pages/user/IpMap')},
|
||||
{ path: 'user/list', component: () => import('@/pages/user/List') },
|
||||
{ path: 'user/policy', component: () => import('@/pages/user/Policy') },
|
||||
{ path: 'user/online', component: () => import('@/pages/user/Online') },
|
||||
{ path: 'user/ip_map', component: () => import('@/pages/user/IpMap') },
|
||||
{ path: 'user/lockmanager', component: () => import('@/pages/user/LockManager') },
|
||||
|
||||
{path: 'group/list', component: () => import('@/pages/group/List')},
|
||||
{ path: 'group/list', component: () => import('@/pages/group/List') },
|
||||
|
||||
],
|
||||
},
|
||||
|
||||
{path: '*', redirect: '/admin/home'},
|
||||
{ path: '*', redirect: '/admin/home' },
|
||||
]
|
||||
|
||||
// 3. 创建 router 实例,然后传 `routes` 配置
|
||||
@@ -64,7 +65,7 @@ router.beforeEach((to, from, next) => {
|
||||
}
|
||||
|
||||
if (to.path === "/login") {
|
||||
next({path: '/admin/home'});
|
||||
next({ path: '/admin/home' });
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
@@ -7793,6 +7793,11 @@ sort-keys@^1.0.0:
|
||||
dependencies:
|
||||
is-plain-obj "^1.0.0"
|
||||
|
||||
sortablejs@1.10.2:
|
||||
version "1.10.2"
|
||||
resolved "https://registry.yarnpkg.com/sortablejs/-/sortablejs-1.10.2.tgz#6e40364d913f98b85a14f6678f92b5c1221f5290"
|
||||
integrity sha512-YkPGufevysvfwn5rfdlGyrGjt7/CRHwvRPogD/lC+TnvcN29jDpCifKP+rBqf+LRldfXSTh+0CGLcSg0VIxq3A==
|
||||
|
||||
source-list-map@^2.0.0:
|
||||
version "2.0.1"
|
||||
resolved "https://registry.yarnpkg.com/source-list-map/-/source-list-map-2.0.1.tgz#3993bd873bfc48479cca9ea3a547835c7c154b34"
|
||||
@@ -8775,6 +8780,13 @@ vue@^2.6.11:
|
||||
"@vue/compiler-sfc" "2.7.16"
|
||||
csstype "^3.1.0"
|
||||
|
||||
vuedraggable@^2.24.3:
|
||||
version "2.24.3"
|
||||
resolved "https://registry.yarnpkg.com/vuedraggable/-/vuedraggable-2.24.3.tgz#43c93849b746a24ce503e123d5b259c701ba0d19"
|
||||
integrity sha512-6/HDXi92GzB+Hcs9fC6PAAozK1RLt1ewPTLjK0anTYguXLAeySDmcnqE8IC0xa7shvSzRjQXq3/+dsZ7ETGF3g==
|
||||
dependencies:
|
||||
sortablejs "1.10.2"
|
||||
|
||||
watchpack-chokidar2@^2.0.1:
|
||||
version "2.0.1"
|
||||
resolved "https://registry.yarnpkg.com/watchpack-chokidar2/-/watchpack-chokidar2-2.0.1.tgz#38500072ee6ece66f3769936950ea1771be1c957"
|
||||
|
||||
Reference in New Issue
Block a user