fix problems
This commit is contained in:
parent
8537d9c3a0
commit
5392c13086
|
|
@ -100,6 +100,11 @@ func stop(c *gin.Context) {
|
||||||
name := c.Param("name")
|
name := c.Param("name")
|
||||||
if name != "" {
|
if name != "" {
|
||||||
serverConf := model.GetServerConfig(name)
|
serverConf := model.GetServerConfig(name)
|
||||||
|
if serverConf == nil {
|
||||||
|
c.Writer.WriteHeader(http.StatusNotFound)
|
||||||
|
c.Writer.Write(server.NewErrorResult(errors.New("server not found")))
|
||||||
|
return
|
||||||
|
}
|
||||||
server.StopServer(name, serverConf.Port)
|
server.StopServer(name, serverConf.Port)
|
||||||
c.Writer.WriteHeader(http.StatusOK)
|
c.Writer.WriteHeader(http.StatusOK)
|
||||||
data := "stopped"
|
data := "stopped"
|
||||||
|
|
@ -113,6 +118,11 @@ func start(c *gin.Context) {
|
||||||
name := c.Param("name")
|
name := c.Param("name")
|
||||||
if name != "" {
|
if name != "" {
|
||||||
serverConf := model.GetServerConfig(name)
|
serverConf := model.GetServerConfig(name)
|
||||||
|
if serverConf == nil {
|
||||||
|
c.Writer.WriteHeader(http.StatusNotFound)
|
||||||
|
c.Writer.Write(server.NewErrorResult(errors.New("server not found")))
|
||||||
|
return
|
||||||
|
}
|
||||||
server.StartServer(name, serverConf.Port)
|
server.StartServer(name, serverConf.Port)
|
||||||
c.Writer.WriteHeader(http.StatusOK)
|
c.Writer.WriteHeader(http.StatusOK)
|
||||||
data := "started"
|
data := "started"
|
||||||
|
|
|
||||||
|
|
@ -44,7 +44,12 @@ func login(c *gin.Context) {
|
||||||
// 验证是否为管理员账号
|
// 验证是否为管理员账号
|
||||||
if loginModel.Username == "admin" {
|
if loginModel.Username == "admin" {
|
||||||
// 解密密码并验证与配置文件中密码是否匹配
|
// 解密密码并验证与配置文件中密码是否匹配
|
||||||
decryptText, _ := Decrypt(loginModel.Encrypt)
|
decryptText, err := Decrypt(loginModel.Encrypt)
|
||||||
|
if err != nil {
|
||||||
|
c.Writer.WriteHeader(http.StatusUnauthorized)
|
||||||
|
c.Writer.Write(server.NewErrorResult(err))
|
||||||
|
return
|
||||||
|
}
|
||||||
if decryptText == model.GetConfig().Admin.Password {
|
if decryptText == model.GetConfig().Admin.Password {
|
||||||
// 生成JWT令牌
|
// 生成JWT令牌
|
||||||
token, err := GenerateToken(loginModel.Username)
|
token, err := GenerateToken(loginModel.Username)
|
||||||
|
|
@ -55,7 +60,7 @@ func login(c *gin.Context) {
|
||||||
}
|
}
|
||||||
// 设置认证Cookie并返回成功响应
|
// 设置认证Cookie并返回成功响应
|
||||||
cookie := &http.Cookie{
|
cookie := &http.Cookie{
|
||||||
Name: "token",
|
Name: "auth_token",
|
||||||
Value: token,
|
Value: token,
|
||||||
Path: "/",
|
Path: "/",
|
||||||
SameSite: http.SameSiteStrictMode,
|
SameSite: http.SameSiteStrictMode,
|
||||||
|
|
@ -103,6 +108,9 @@ func Decrypt(ciphertext string) (string, error) {
|
||||||
plaintext = append(plaintext, dd[0]^0xFF)
|
plaintext = append(plaintext, dd[0]^0xFF)
|
||||||
}
|
}
|
||||||
//去除末尾13个字节
|
//去除末尾13个字节
|
||||||
|
if len(plaintext) <= 13 {
|
||||||
|
return "", errors.New("ciphertext too short")
|
||||||
|
}
|
||||||
plaintext = plaintext[1 : len(plaintext)-13]
|
plaintext = plaintext[1 : len(plaintext)-13]
|
||||||
return string(plaintext), nil
|
return string(plaintext), nil
|
||||||
}
|
}
|
||||||
|
|
|
||||||
6
go.sum
6
go.sum
|
|
@ -1,13 +1,7 @@
|
||||||
git.kingecg.top/kingecg/cmux v1.0.1 h1:Opon5dTuXqMij8SmPZ8fXH7X60L0VfTYvcGy527dYK8=
|
git.kingecg.top/kingecg/cmux v1.0.1 h1:Opon5dTuXqMij8SmPZ8fXH7X60L0VfTYvcGy527dYK8=
|
||||||
git.kingecg.top/kingecg/cmux v1.0.1/go.mod h1:a+F13YErFNop1u5s445sxaJkDqnZ8Vy7aIvWncbn+tM=
|
git.kingecg.top/kingecg/cmux v1.0.1/go.mod h1:a+F13YErFNop1u5s445sxaJkDqnZ8Vy7aIvWncbn+tM=
|
||||||
git.kingecg.top/kingecg/godaemon v1.0.4 h1:YBVdrgWoSShFAkltD89iLuylvTaq1/pbo/LJ7ezIB9w=
|
|
||||||
git.kingecg.top/kingecg/godaemon v1.0.4/go.mod h1:IinFiox6YMmObc0Tw9B+XMRamZKTP0TQ5ZenhPAu+Sk=
|
|
||||||
git.kingecg.top/kingecg/godaemon v1.0.6 h1:pQ8S8U+zJHG7N1CM5l1fsPKHOJj94GuoK1E/iQqX4P0=
|
git.kingecg.top/kingecg/godaemon v1.0.6 h1:pQ8S8U+zJHG7N1CM5l1fsPKHOJj94GuoK1E/iQqX4P0=
|
||||||
git.kingecg.top/kingecg/godaemon v1.0.6/go.mod h1:/XanR1ZQVEEuaA3/jB2W49mrczvCwXGh27HcNBR/xT4=
|
git.kingecg.top/kingecg/godaemon v1.0.6/go.mod h1:/XanR1ZQVEEuaA3/jB2W49mrczvCwXGh27HcNBR/xT4=
|
||||||
git.kingecg.top/kingecg/gologger v1.0.10 h1:o6CNJ3TM9wOnKsV0hNasSSmZXEOMl5mBXZDnKJnC0a0=
|
|
||||||
git.kingecg.top/kingecg/gologger v1.0.10/go.mod h1:auMA7VGipqttnF0jmtclhbaIr08gqtVPj6BSMknHTOE=
|
|
||||||
git.kingecg.top/kingecg/gologger v1.0.11 h1:/GmDOvHJyaBRFXjsk2DqqawwraCBVrOpNRBHf1B6Do0=
|
|
||||||
git.kingecg.top/kingecg/gologger v1.0.11/go.mod h1:auMA7VGipqttnF0jmtclhbaIr08gqtVPj6BSMknHTOE=
|
|
||||||
git.kingecg.top/kingecg/gologger v1.0.12 h1:SRmpJY1v6joia6AEe9AIInusRiSwve7Rt1tZQMPrBqg=
|
git.kingecg.top/kingecg/gologger v1.0.12 h1:SRmpJY1v6joia6AEe9AIInusRiSwve7Rt1tZQMPrBqg=
|
||||||
git.kingecg.top/kingecg/gologger v1.0.12/go.mod h1:auMA7VGipqttnF0jmtclhbaIr08gqtVPj6BSMknHTOE=
|
git.kingecg.top/kingecg/gologger v1.0.12/go.mod h1:auMA7VGipqttnF0jmtclhbaIr08gqtVPj6BSMknHTOE=
|
||||||
github.com/bytedance/sonic v1.11.6 h1:oUp34TzMlL+OY1OUWxHqsdkgC/Zfc85zGqw9siXjrc0=
|
github.com/bytedance/sonic v1.11.6 h1:oUp34TzMlL+OY1OUWxHqsdkgC/Zfc85zGqw9siXjrc0=
|
||||||
|
|
|
||||||
10
gohttp.go
10
gohttp.go
|
|
@ -98,11 +98,15 @@ func LoadConfig() {
|
||||||
cpath := utils.NormalizePath("./config.json")
|
cpath := utils.NormalizePath("./config.json")
|
||||||
|
|
||||||
// 从指定路径读取配置文件的内容
|
// 从指定路径读取配置文件的内容
|
||||||
// 忽略可能的错误,实际应用中应处理错误
|
content, err := os.ReadFile(cpath)
|
||||||
content, _ := os.ReadFile(cpath)
|
if err != nil {
|
||||||
|
panic("failed to read config file: " + err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
// 将读取的 JSON 内容解析到 model.Config 结构体中
|
// 将读取的 JSON 内容解析到 model.Config 结构体中
|
||||||
json.Unmarshal(content, &model.Config)
|
if err := json.Unmarshal(content, &model.Config); err != nil {
|
||||||
|
panic("failed to parse config file: " + err.Error())
|
||||||
|
}
|
||||||
|
|
||||||
// 规范化配置中日志追加器的文件路径
|
// 规范化配置中日志追加器的文件路径
|
||||||
// 遍历配置中的所有日志追加器
|
// 遍历配置中的所有日志追加器
|
||||||
|
|
|
||||||
|
|
@ -47,8 +47,16 @@ func (f FileHandler) Open(name string) (http.File, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Resolve symlinks and clean path to prevent path traversal
|
// Resolve symlinks and clean path to prevent path traversal
|
||||||
realRoot, _ := filepath.EvalSymlinks(f.Root)
|
realRoot, err := filepath.EvalSymlinks(f.Root)
|
||||||
realRPath, _ := filepath.EvalSymlinks(rPath)
|
if err != nil {
|
||||||
|
l.Error("failed to resolve root symlinks:", err)
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
realRPath, err := filepath.EvalSymlinks(rPath)
|
||||||
|
if err != nil {
|
||||||
|
l.Error("failed to resolve path symlinks:", err)
|
||||||
|
return nil, errors.New("not permitted")
|
||||||
|
}
|
||||||
|
|
||||||
// Check if the resolved path is within root
|
// Check if the resolved path is within root
|
||||||
if realRPath != realRoot && !strings.HasPrefix(realRPath, realRoot+string(filepath.Separator)) {
|
if realRPath != realRoot && !strings.HasPrefix(realRPath, realRoot+string(filepath.Separator)) {
|
||||||
|
|
|
||||||
|
|
@ -41,6 +41,11 @@ func (p *ProxyHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Bounds check to prevent out of bounds access
|
||||||
|
if proxyIndex < 0 || int(proxyIndex) >= len(p.Upstreams) {
|
||||||
|
proxyIndex = 0
|
||||||
|
}
|
||||||
|
|
||||||
// 如果选中的上游服务器不健康,则进行重试
|
// 如果选中的上游服务器不健康,则进行重试
|
||||||
maxRetries := 3
|
maxRetries := 3
|
||||||
for i := 0; i < maxRetries; i++ {
|
for i := 0; i < maxRetries; i++ {
|
||||||
|
|
|
||||||
|
|
@ -131,7 +131,7 @@ func JwtAuth(w http.ResponseWriter, r *http.Request, next http.Handler) {
|
||||||
return []byte(jwtConfig.Secret), nil
|
return []byte(jwtConfig.Secret), nil
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
l.Error("Failed to parse JWT: %v", err)
|
l.Error(fmt.Sprintf("Failed to parse JWT: %v", err))
|
||||||
http.Error(w, "Unauthorized.", http.StatusUnauthorized)
|
http.Error(w, "Unauthorized.", http.StatusUnauthorized)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue