세션 최적화
@ -201,7 +201,7 @@ func (caller apiCaller) blockAPI(w http.ResponseWriter, r *http.Request) error {
|
|||||||
|
|
||||||
bi.Accid = accid
|
bi.Accid = accid
|
||||||
caller.mg.bl.add(&bi)
|
caller.mg.bl.add(&bi)
|
||||||
mg.sessionProvider.RevokeAll(accid)
|
mg.sessionProvider.Revoke(accid)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else if r.Method == "DELETE" {
|
} else if r.Method == "DELETE" {
|
||||||
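Review bot: The result of `mg.sessionProvider.Revoke(accid)` is not checked, and this call is the only step visible in the hunk that ends a blocked account's live sessions, so if Revoke can fail the account stays logged in after the block is recorded. Revoke's definition is outside this hunk; if it returns an error, propagate it, e.g. `if err := mg.sessionProvider.Revoke(accid); err != nil { return err }`. The rename from RevokeAll also hides whether every session of the account is dropped or only one, so confirm it is keyed by account id and add a comment such as `// drops every session of accid; a blocked account must not keep a live session`. The same applies to `sh.sessionProvider.Revoke(authinfo.Account)` in authorize_dev. blockAPI's body starts and ends outside the hunk.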
|
|||||||
@ -681,7 +681,7 @@ func (sh *serviceDescription) authorize_dev(w http.ResponseWriter, r *http.Reque
|
|||||||
Accid: authinfo.Account,
|
Accid: authinfo.Account,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
sh.sessionProvider.RevokeAll(authinfo.Account)
|
sh.sessionProvider.Revoke(authinfo.Account)
|
||||||
}
|
}
|
||||||
|
|
||||||
return
|
return
|
||||||
@ -706,7 +706,6 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
|
|||||||
queryvals := r.URL.Query()
|
queryvals := r.URL.Query()
|
||||||
reqauthtype := queryvals.Get("type")
|
reqauthtype := queryvals.Get("type")
|
||||||
uid := queryvals.Get("id")
|
uid := queryvals.Get("id")
|
||||||
sk := queryvals.Get("sk")
|
|
||||||
|
|
||||||
checksum := r.Header.Get("AS-X-CHECKSUM")
|
checksum := r.Header.Get("AS-X-CHECKSUM")
|
||||||
if len(checksum) > 0 || sh.mustUseChecksum {
|
if len(checksum) > 0 || sh.mustUseChecksum {
|
||||||
@ -714,7 +713,7 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
|
|||||||
cookie := r.Header.Get("Cookie")
|
cookie := r.Header.Get("Cookie")
|
||||||
|
|
||||||
h := md5.New()
|
h := md5.New()
|
||||||
h.Write([]byte(cookie + nonce + sk))
|
h.Write([]byte(cookie + nonce))
|
||||||
|
|
||||||
if checksum != hex.EncodeToString(h.Sum(nil)) {
|
if checksum != hex.EncodeToString(h.Sum(nil)) {
|
||||||
w.WriteHeader(http.StatusBadRequest)
|
w.WriteHeader(http.StatusBadRequest)
|
||||||
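Review bot: With `sk` dropped from the input, `h.Write([]byte(cookie + nonce))` produces an unkeyed MD5 over the Cookie header and a nonce that is defined outside the hunk and is presumably known to the client, so the checksum no longer binds the request to any secret and is an integrity hint at best. If it is meant to authenticate the caller, compute an HMAC-SHA-256 with a server-side key and compare with `hmac.Equal` rather than `!=`, which is not constant-time. At minimum, document the intent next to the hash, e.g. `// checksum only detects a mangled Cookie header; it is not an authentication check`. The `if checksum != ...` body continues past the end of the hunk.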
@ -722,26 +721,6 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(sk) > 0 {
|
|
||||||
success, err := sh.sessionProvider.Touch(sk)
|
|
||||||
if err != nil {
|
|
||||||
logger.Error("authorize failed. sessionProvider.Touch err:", err)
|
|
||||||
w.WriteHeader(http.StatusInternalServerError)
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
// !success일 때 빈 body를 보내면 클라이언트는 로그아웃 된다.
|
|
||||||
if success {
|
|
||||||
json.NewEncoder(w).Encode(map[string]any{
|
|
||||||
"sk": sk,
|
|
||||||
"expirein": sh.sessionTTL.Seconds(),
|
|
||||||
})
|
|
||||||
} else {
|
|
||||||
w.WriteHeader(http.StatusUnauthorized)
|
|
||||||
}
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
var email string
|
var email string
|
||||||
if !*noauth && (*authtype == "on" || *authtype == "both") {
|
if !*noauth && (*authtype == "on" || *authtype == "both") {
|
||||||
if len(reqauthtype) > 0 {
|
if len(reqauthtype) > 0 {
|
||||||
@ -833,7 +812,7 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
|
|||||||
alias = email
|
alias = email
|
||||||
}
|
}
|
||||||
|
|
||||||
sk, err = sh.sessionProvider.New(&session.Authorization{
|
sk, err := sh.sessionProvider.New(&session.Authorization{
|
||||||
Account: accid,
|
Account: accid,
|
||||||
Platform: reqauthtype,
|
Platform: reqauthtype,
|
||||||
Uid: uid,
|
Uid: uid,
|
||||||
|
|||||||