实现Ticket登录

Author: goedgecloud

internal/rpc/rpc_client.go

@@ -385,6 +385,10 @@ func (this *RPCClient) LoginSessionRPC() pb.LoginSessionServiceClient {
 	return pb.NewLoginSessionServiceClient(this.pickConn())
 }
 
+func (this *RPCClient) LoginTicketRPC() pb.LoginTicketServiceClient {
+	return pb.NewLoginTicketServiceClient(this.pickConn())
+}
+
 func (this *RPCClient) NodeTaskRPC() pb.NodeTaskServiceClient {
 	return pb.NewNodeTaskServiceClient(this.pickConn())
 }

internal/web/actions/default/login/init.go

@@ -9,6 +9,7 @@ func init() {
 		server.
 			Prefix("/login").
 			GetPost("/validate", new(ValidateAction)).
+			Get("/ticket", new(TicketAction)).
 			EndAll()
 	})
 }

internal/web/actions/default/login/ticket.go

@@ -0,0 +1,68 @@
+// Copyright 2024 GoEdge CDN [email protected]. All rights reserved. Official site: https://goedge.cn .
+
+package login
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/index/loginutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/rands"
+)
+
+type TicketAction struct {
+	actionutils.ParentAction
+}
+
+func (this *TicketAction) Init() {
+	this.Nav("", "", "")
+}
+
+func (this *TicketAction) RunGet(params struct {
+	Ticket   string
+	Redirect string
+	Auth     *helpers.UserShouldAuth
+}) {
+	this.Data["redirect"] = params.Redirect
+	var errorMsg string
+
+	defer func() {
+		this.Data["errorMsg"] = errorMsg
+		this.Show()
+	}()
+
+	if len(params.Ticket) == 0 {
+		errorMsg = "invalid ticket: wrong format"
+		return
+	}
+
+	// TODO 对于错误尝试太多的IP进行处罚
+
+	resp, err := this.RPC().LoginTicketRPC().FindLoginTicketWithValue(this.AdminContext(), &pb.FindLoginTicketWithValueRequest{Value: params.Ticket})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	if resp.LoginTicket == nil {
+		errorMsg = "invalid ticket: not found"
+		return
+	}
+
+	if resp.LoginTicket.AdminId <= 0 {
+		errorMsg = "invalid ticket: invalid admin id"
+		return
+	}
+
+	var currentIP = loginutils.RemoteIP(&this.ActionObject)
+	if len(resp.LoginTicket.Ip) > 0 && resp.LoginTicket.Ip != currentIP {
+		errorMsg = "invalid ticket: wrong client ip"
+		return
+	}
+
+	var localSid = rands.HexString(32)
+	this.Data["localSid"] = localSid
+	this.Data["ip"] = currentIP
+
+	params.Auth.StoreAdmin(resp.LoginTicket.AdminId, false, localSid)
+}

web/views/@default/login/ticket.html

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html lang="zh">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
+    <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=0">
+    {$TEA.VUE}
+    {$TEA.SEMANTIC}
+</head>
+<body>
+
+<div class="ui message warning" v-if="errorMsg.length > 0">ERROR: {{errorMsg}}</div>
+
+</body>
+</html>

web/views/@default/login/ticket.js

@@ -0,0 +1,13 @@
+Tea.context(function () {
+	// store information to local
+	localStorage.setItem("sid", this.localSid)
+	localStorage.setItem("ip", this.ip)
+
+	if (this.errorMsg.length == 0) {
+		if (this.redirect.length > 0) {
+			window.location = this.redirect
+		} else {
+			window.location = "/dashboard"
+		}
+	}
+})