ayo/maingate
8
1
Fork 3
Code Issues Pull Requests Projects Releases Wiki Activity

세션 최적화

Browse Source
This commit is contained in:
mountain
2024-08-20 22:53:58 +09:00
parent cc6115f30c
commit 7c41346f51
2 changed files with 4 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
core/service.go
View File

@ -681,7 +681,7 @@ func (sh *serviceDescription) authorize_dev(w http.ResponseWriter, r *http.Reque
Accid: authinfo.Account,
})
}
sh.sessionProvider.RevokeAll(authinfo.Account)
sh.sessionProvider.Revoke(authinfo.Account)
}
return
@ -706,7 +706,6 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
queryvals := r.URL.Query()
reqauthtype := queryvals.Get("type")
uid := queryvals.Get("id")
sk := queryvals.Get("sk")
checksum := r.Header.Get("AS-X-CHECKSUM")
if len(checksum) > 0 || sh.mustUseChecksum {
@ -714,7 +713,7 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
cookie := r.Header.Get("Cookie")
h := md5.New()
h.Write([]byte(cookie + nonce + sk))
h.Write([]byte(cookie + nonce))
if checksum != hex.EncodeToString(h.Sum(nil)) {
w.WriteHeader(http.StatusBadRequest)
@ -722,26 +721,6 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
}
}
if len(sk) > 0 {
success, err := sh.sessionProvider.Touch(sk)
if err != nil {
logger.Error("authorize failed. sessionProvider.Touch err:", err)
w.WriteHeader(http.StatusInternalServerError)
return
}
// !success일 때 빈 body를 보내면 클라이언트는 로그아웃 된다.
if success {
json.NewEncoder(w).Encode(map[string]any{
"sk": sk,
"expirein": sh.sessionTTL.Seconds(),
})
} else {
w.WriteHeader(http.StatusUnauthorized)
}
return
}
var email string
if !*noauth && (*authtype == "on" || *authtype == "both") {
if len(reqauthtype) > 0 {
@ -833,7 +812,7 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
alias = email
}
sk, err = sh.sessionProvider.New(&session.Authorization{
sk, err := sh.sessionProvider.New(&session.Authorization{
Account: accid,
Platform: reqauthtype,
Uid: uid,