중복 로그인 방지
@ -74,6 +74,7 @@ func SessionTTL() time.Duration {
|
||||
|
||||
type maingateConfig struct {
|
||||
session.SessionConfig `json:",inline"`
|
||||
MustUseChecksum bool `json:"maingate_must_checksum"`
|
||||
Mongo string `json:"maingate_mongodb_url"`
|
||||
Autologin_ttl int64 `json:"autologin_ttl"`
|
||||
MaximumNumLinkAccount int64 `json:"maximum_num_link_account"`
|
||||
@ -407,6 +408,7 @@ func (mg *Maingate) RegisterHandlers(ctx context.Context, serveMux *http.ServeMu
|
||||
if len(allServices) > 0 {
|
||||
only := allServices[0]
|
||||
only.prepare(mg)
|
||||
only.mustUseChecksum = config.MustUseChecksum
|
||||
|
||||
atomic.StorePointer(&mg.serviceptr, unsafe.Pointer(only))
|
||||
} else {
|
||||
|
||||
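Review bot: `only.mustUseChecksum = config.MustUseChecksum` copies the flag onto the service object only in this `len(allServices) > 0` branch, and the `MustUseChecksum` config field is false whenever `maingate_must_checksum` is absent, so enforcement is opt-in and easy to lose. If a serviceDescription is built or replaced on any other path (the `else` branch and the rest of RegisterHandlers are outside this hunk), that instance would presumably carry `mustUseChecksum == false`, and authorize would then accept requests that send no `AS-X-CHECKSUM` header. Consider assigning the field inside `prepare` so every prepared instance gets it, and documenting the config field with a comment such as `// MustUseChecksum rejects authorize requests without a valid AS-X-CHECKSUM header; defaults to false.`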
@ -2,6 +2,8 @@ package core
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto/md5"
|
||||
"encoding/hex"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
@ -113,6 +115,7 @@ type serviceDescription struct {
|
||||
divisionsSerialized []byte
|
||||
serviceSerialized []byte
|
||||
divisionsSplits map[string][]byte
|
||||
mustUseChecksum bool
|
||||
}
|
||||
|
||||
func (sh *serviceDescription) isValidToken(apiToken primitive.ObjectID) bool {
|
||||
@ -613,7 +616,23 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
|
||||
queryvals := r.URL.Query()
|
||||
authtype := queryvals.Get("type")
|
||||
uid := queryvals.Get("id")
|
||||
if sk := queryvals.Get("sk"); len(sk) > 0 {
|
||||
sk := queryvals.Get("sk")
|
||||
|
||||
checksum := r.Header.Get("AS-X-CHECKSUM")
|
||||
if len(checksum) > 0 || sh.mustUseChecksum {
|
||||
nonce := queryvals.Get("nonce")
|
||||
cookie := r.Header.Get("Cookie")
|
||||
|
||||
h := md5.New()
|
||||
h.Write([]byte(cookie + nonce + sk))
|
||||
|
||||
if checksum != hex.EncodeToString(h.Sum(nil)) {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if len(sk) > 0 {
|
||||
success, err := sh.sessionProvider.Touch(sk)
|
||||
if err != nil {
|
||||
logger.Error("authorize failed. sessionProvider.Touch err:", err)
|
||||
@ -723,7 +742,7 @@ func (sh *serviceDescription) authorize(w http.ResponseWriter, r *http.Request)
|
||||
return
|
||||
}
|
||||
|
||||
sk, err := sh.sessionProvider.New(&session.Authorization{
|
||||
sk, err = sh.sessionProvider.New(&session.Authorization{
|
||||
Account: accid,
|
||||
Platform: authtype,
|
||||
Uid: uid,
|
||||
|
||||
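Review bot: The check added to authorize computes `md5(cookie + nonce + sk)` and compares it with `!=`, which is a secret-suffix MD5 over an undelimited concatenation, compared in non-constant time. When `sk` is empty (the path that falls through to `sessionProvider.New`), every input comes from the request itself, so the checksum proves nothing about the caller. The visible lines also never test `nonce` for emptiness or reuse, so a captured request appears to stay replayable for as long as the session lives. Where a session key exists, an HMAC keyed with it is the safer construction: `mac := hmac.New(sha256.New, []byte(sk))`, `mac.Write([]byte(cookie + "\n" + nonce))`, then `hmac.Equal` against the hex-decoded header value, importing `crypto/hmac` and `crypto/sha256` in place of `crypto/md5`. That changes what clients must send, so it needs a coordinated client update; the rest of authorize lies outside these hunks.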