♻️ 重构本地数据库-keyConfig模块
This commit is contained in:
chaos-zhu
parent
90ee38ff44
commit
cdd741b7fd
@ -1,14 +1,14 @@
|
|||||||
const jwt = require('jsonwebtoken')
|
const jwt = require('jsonwebtoken')
|
||||||
const axios = require('axios')
|
const axios = require('axios')
|
||||||
const { asyncSendNotice } = require('../utils/notify')
|
const { sendNoticeAsync } = require('../utils/notify')
|
||||||
const { readKey, writeKey } = require('../utils/storage')
|
|
||||||
const { RSADecryptAsync, AESEncryptAsync, SHA1Encrypt } = require('../utils/encrypt')
|
const { RSADecryptAsync, AESEncryptAsync, SHA1Encrypt } = require('../utils/encrypt')
|
||||||
const { getNetIPInfo } = require('../utils/tools')
|
const { getNetIPInfo } = require('../utils/tools')
|
||||||
const { LogDB } = require('../utils/db-class')
|
const { KeyDB, LogDB } = require('../utils/db-class')
|
||||||
|
const keyDB = new KeyDB().getInstance()
|
||||||
const logDB = new LogDB().getInstance()
|
const logDB = new LogDB().getInstance()
|
||||||
|
|
||||||
const getpublicKey = async ({ res }) => {
|
const getpublicKey = async ({ res }) => {
|
||||||
let { publicKey: data } = await readKey()
|
let { publicKey: data } = await keyDB.findOneAsync({})
|
||||||
if (!data) return res.fail({ msg: 'publicKey not found, Try to restart the server', status: 500 })
|
if (!data) return res.fail({ msg: 'publicKey not found, Try to restart the server', status: 500 })
|
||||||
res.success({ data })
|
res.success({ data })
|
||||||
}
|
}
|
||||||
@ -30,7 +30,7 @@ const login = async ({ res, request }) => {
|
|||||||
if (loginErrCount >= allowErrCount) {
|
if (loginErrCount >= allowErrCount) {
|
||||||
const { ip, country, city } = await getNetIPInfo(clientIp)
|
const { ip, country, city } = await getNetIPInfo(clientIp)
|
||||||
// 异步发送通知&禁止登录
|
// 异步发送通知&禁止登录
|
||||||
asyncSendNotice('err_login', '登录错误提醒', `错误登录次数: ${ loginErrTotal }\n地点:${ country + city }\nIP: ${ ip }`)
|
sendNoticeAsync('err_login', '登录错误提醒', `错误登录次数: ${ loginErrTotal }\n地点:${ country + city }\nIP: ${ ip }`)
|
||||||
forbidLogin = true
|
forbidLogin = true
|
||||||
loginErrCount = 0
|
loginErrCount = 0
|
||||||
|
|
||||||
@ -56,7 +56,7 @@ const login = async ({ res, request }) => {
|
|||||||
// console.log('ciphertext', ciphertext)
|
// console.log('ciphertext', ciphertext)
|
||||||
let loginPwd = await RSADecryptAsync(ciphertext)
|
let loginPwd = await RSADecryptAsync(ciphertext)
|
||||||
// console.log('Decrypt解密password:', loginPwd)
|
// console.log('Decrypt解密password:', loginPwd)
|
||||||
let { user, pwd } = await readKey()
|
let { user, pwd } = await keyDB.findOneAsync({})
|
||||||
if (loginName === user && loginPwd === 'admin' && pwd === 'admin') {
|
if (loginName === user && loginPwd === 'admin' && pwd === 'admin') {
|
||||||
const token = await beforeLoginHandler(clientIp, jwtExpires)
|
const token = await beforeLoginHandler(clientIp, jwtExpires)
|
||||||
return res.success({ data: { token, jwtExpires }, msg: '登录成功,请及时修改默认用户名和密码' })
|
return res.success({ data: { token, jwtExpires }, msg: '登录成功,请及时修改默认用户名和密码' })
|
||||||
@ -76,7 +76,7 @@ const beforeLoginHandler = async (clientIp, jwtExpires) => {
|
|||||||
|
|
||||||
// consola.success('登录成功, 准备生成token', new Date())
|
// consola.success('登录成功, 准备生成token', new Date())
|
||||||
// 生产token
|
// 生产token
|
||||||
let { commonKey } = await readKey()
|
let { commonKey } = await keyDB.findOneAsync({})
|
||||||
let token = jwt.sign({ date: Date.now() }, commonKey, { expiresIn: jwtExpires }) // 生成token
|
let token = jwt.sign({ date: Date.now() }, commonKey, { expiresIn: jwtExpires }) // 生成token
|
||||||
token = await AESEncryptAsync(token) // 对称加密token后再传输给前端
|
token = await AESEncryptAsync(token) // 对称加密token后再传输给前端
|
||||||
|
|
||||||
@ -86,7 +86,7 @@ const beforeLoginHandler = async (clientIp, jwtExpires) => {
|
|||||||
consola.info('登录成功:', new Date(), { ip, country, city })
|
consola.info('登录成功:', new Date(), { ip, country, city })
|
||||||
|
|
||||||
// 邮件登录通知
|
// 邮件登录通知
|
||||||
asyncSendNotice('login', '登录提醒', `地点:${ country + city }\nIP: ${ ip }`)
|
sendNoticeAsync('login', '登录提醒', `地点:${ country + city }\nIP: ${ ip }`)
|
||||||
|
|
||||||
await logDB.insertAsync({ ip, country, city, date: Date.now(), type: 'login' })
|
await logDB.insertAsync({ ip, country, city, date: Date.now(), type: 'login' })
|
||||||
return token
|
return token
|
||||||
@ -96,17 +96,15 @@ const updatePwd = async ({ res, request }) => {
|
|||||||
let { body: { oldLoginName, oldPwd, newLoginName, newPwd } } = request
|
let { body: { oldLoginName, oldPwd, newLoginName, newPwd } } = request
|
||||||
let rsaOldPwd = await RSADecryptAsync(oldPwd)
|
let rsaOldPwd = await RSADecryptAsync(oldPwd)
|
||||||
oldPwd = rsaOldPwd === 'admin' ? 'admin' : SHA1Encrypt(rsaOldPwd)
|
oldPwd = rsaOldPwd === 'admin' ? 'admin' : SHA1Encrypt(rsaOldPwd)
|
||||||
let keyObj = await readKey()
|
let keyObj = await keyDB.findOneAsync({})
|
||||||
let { user, pwd } = keyObj
|
let { user, pwd } = keyObj
|
||||||
if (oldLoginName !== user || oldPwd !== pwd) return res.fail({ data: false, msg: '原用户名或密码校验失败' })
|
if (oldLoginName !== user || oldPwd !== pwd) return res.fail({ data: false, msg: '原用户名或密码校验失败' })
|
||||||
// 旧密钥校验通过,加密保存新密码
|
// 旧密钥校验通过,加密保存新密码
|
||||||
newPwd = await RSADecryptAsync(newPwd) === 'admin' ? 'admin' : SHA1Encrypt(await RSADecryptAsync(newPwd))
|
newPwd = await RSADecryptAsync(newPwd) === 'admin' ? 'admin' : SHA1Encrypt(await RSADecryptAsync(newPwd))
|
||||||
keyObj.user = newLoginName
|
keyObj.user = newLoginName
|
||||||
keyObj.pwd = newPwd
|
keyObj.pwd = newPwd
|
||||||
await writeKey(keyObj)
|
await keyDB.updateAsync({}, keyObj)
|
||||||
|
sendNoticeAsync('updatePwd', '用户密码修改提醒', `原用户名:${ user }\n更新用户名: ${ newLoginName }`)
|
||||||
asyncSendNotice('updatePwd', '用户密码修改提醒', `原用户名:${ user }\n更新用户名: ${ newLoginName }`)
|
|
||||||
|
|
||||||
res.success({ data: true, msg: 'success' })
|
res.success({ data: true, msg: 'success' })
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -1,29 +1,28 @@
|
|||||||
const { writeKey } = require('./utils/storage')
|
const NodeRSA = require('node-rsa')
|
||||||
|
const { randomStr } = require('./utils/tools')
|
||||||
|
const { AESEncryptAsync } = require('./utils/encrypt')
|
||||||
const { KeyDB, GroupDB, NotifyDB, NotifyConfigDB } = require('./utils/db-class')
|
const { KeyDB, GroupDB, NotifyDB, NotifyConfigDB } = require('./utils/db-class')
|
||||||
|
|
||||||
function initKeyDB() {
|
async function initKeyDB() {
|
||||||
return new Promise((resolve, reject) => {
|
const keyDB = new KeyDB().getInstance()
|
||||||
const keyDB = new KeyDB().getInstance()
|
let count = await keyDB.countAsync({})
|
||||||
keyDB.count({}, async (err, count) => {
|
if (count !== 0) return consola.info('公私钥已存在[重新生成会导致已保存的ssh密钥信息失效]')
|
||||||
if (err) {
|
let newConfig = {
|
||||||
consola.log('初始化keyDB错误:', err)
|
user: 'admin',
|
||||||
reject(err)
|
pwd: 'admin',
|
||||||
} else {
|
commonKey: randomStr(16),
|
||||||
if (count === 0) {
|
publicKey: '',
|
||||||
consola.log('初始化keyDB✔')
|
privateKey: ''
|
||||||
const defaultData = {
|
}
|
||||||
user: 'admin',
|
await keyDB.insertAsync(newConfig)
|
||||||
pwd: 'admin',
|
let key = new NodeRSA({ b: 1024 })
|
||||||
commonKey: '',
|
key.setOptions({ encryptionScheme: 'pkcs1', environment: 'browser' })
|
||||||
publicKey: '',
|
let privateKey = key.exportKey('pkcs1-private-pem')
|
||||||
privateKey: ''
|
let publicKey = key.exportKey('pkcs8-public-pem')
|
||||||
}
|
newConfig.privateKey = await AESEncryptAsync(privateKey, newConfig.commonKey) // 加密私钥
|
||||||
await writeKey(defaultData)
|
newConfig.publicKey = publicKey // 公开公钥
|
||||||
}
|
await keyDB.updateAsync({}, { $set: newConfig }, { upsert: true })
|
||||||
}
|
consola.info('Task: 已生成新的非对称加密公私钥')
|
||||||
resolve()
|
|
||||||
})
|
|
||||||
})
|
|
||||||
}
|
}
|
||||||
|
|
||||||
async function initGroupDB() {
|
async function initGroupDB() {
|
||||||
|
|||||||
@ -1,33 +0,0 @@
|
|||||||
const NodeRSA = require('node-rsa')
|
|
||||||
const { readKey, writeKey } = require('./utils/storage')
|
|
||||||
const { randomStr } = require('./utils/tools')
|
|
||||||
const { AESEncryptAsync } = require('./utils/encrypt')
|
|
||||||
|
|
||||||
// 初始化公私钥, 供登录、保存ssh密钥/密码等加解密
|
|
||||||
async function initRsa() {
|
|
||||||
let keyObj = await readKey()
|
|
||||||
if (keyObj.privateKey && keyObj.publicKey) return consola.info('公私钥已存在[重新生成会导致已保存的ssh密钥信息失效]')
|
|
||||||
let key = new NodeRSA({ b: 1024 })
|
|
||||||
key.setOptions({ encryptionScheme: 'pkcs1', environment: 'browser' })
|
|
||||||
let privateKey = key.exportKey('pkcs1-private-pem')
|
|
||||||
let publicKey = key.exportKey('pkcs8-public-pem')
|
|
||||||
keyObj.privateKey = await AESEncryptAsync(privateKey) // 加密私钥
|
|
||||||
keyObj.publicKey = publicKey // 公开公钥
|
|
||||||
await writeKey(keyObj)
|
|
||||||
consola.info('Task: 已生成新的非对称加密公私钥')
|
|
||||||
}
|
|
||||||
|
|
||||||
// 随机的commonKey secret
|
|
||||||
async function randomJWTSecret() {
|
|
||||||
let keyObj = await readKey()
|
|
||||||
if (keyObj?.commonKey) return consola.info('commonKey密钥已存在')
|
|
||||||
|
|
||||||
keyObj.commonKey = randomStr(16)
|
|
||||||
await writeKey(keyObj)
|
|
||||||
consola.info('Task: 已生成新的随机commonKey密钥')
|
|
||||||
}
|
|
||||||
|
|
||||||
module.exports = async () => {
|
|
||||||
await randomJWTSecret() // 全局密钥
|
|
||||||
await initRsa() // 全局公钥密钥
|
|
||||||
}
|
|
||||||
@ -2,12 +2,10 @@ const consola = require('consola')
|
|||||||
global.consola = consola
|
global.consola = consola
|
||||||
const { httpServer } = require('./server')
|
const { httpServer } = require('./server')
|
||||||
const initDB = require('./db')
|
const initDB = require('./db')
|
||||||
const initEncryptConf = require('./init')
|
|
||||||
const scheduleJob = require('./schedule')
|
const scheduleJob = require('./schedule')
|
||||||
|
|
||||||
async function main() {
|
async function main() {
|
||||||
await initDB()
|
await initDB()
|
||||||
await initEncryptConf()
|
|
||||||
httpServer()
|
httpServer()
|
||||||
scheduleJob()
|
scheduleJob()
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,5 +1,5 @@
|
|||||||
const schedule = require('node-schedule')
|
const schedule = require('node-schedule')
|
||||||
const { asyncSendNotice } = require('../utils/notify')
|
const { sendNoticeAsync } = require('../utils/notify')
|
||||||
const { formatTimestamp } = require('../utils/tools')
|
const { formatTimestamp } = require('../utils/tools')
|
||||||
const { HostListDB } = require('../utils/db-class')
|
const { HostListDB } = require('../utils/db-class')
|
||||||
const hostListDB = new HostListDB().getInstance()
|
const hostListDB = new HostListDB().getInstance()
|
||||||
@ -16,13 +16,13 @@ const expiredNotifyJob = async () => {
|
|||||||
let content = `别名: ${ name }\nIP: ${ host }\n到期时间:${ formatTimestamp(expired, 'week') }\n控制台: ${ consoleUrl || '未填写' }`
|
let content = `别名: ${ name }\nIP: ${ host }\n到期时间:${ formatTimestamp(expired, 'week') }\n控制台: ${ consoleUrl || '未填写' }`
|
||||||
if (0 <= restDay && restDay <= 1) {
|
if (0 <= restDay && restDay <= 1) {
|
||||||
let temp = '有服务器将在一天后到期,请关注\n'
|
let temp = '有服务器将在一天后到期,请关注\n'
|
||||||
asyncSendNotice('host_expired', title, temp + content)
|
sendNoticeAsync('host_expired', title, temp + content)
|
||||||
} else if (3 <= restDay && restDay < 4) {
|
} else if (3 <= restDay && restDay < 4) {
|
||||||
let temp = '有服务器将在三天后到期,请关注\n'
|
let temp = '有服务器将在三天后到期,请关注\n'
|
||||||
asyncSendNotice('host_expired', title, temp + content)
|
sendNoticeAsync('host_expired', title, temp + content)
|
||||||
} else if (7 <= restDay && restDay < 8) {
|
} else if (7 <= restDay && restDay < 8) {
|
||||||
let temp = '有服务器将在七天后到期,请关注\n'
|
let temp = '有服务器将在七天后到期,请关注\n'
|
||||||
asyncSendNotice('host_expired', title, temp + content)
|
sendNoticeAsync('host_expired', title, temp + content)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
const { Server } = require('socket.io')
|
const { Server } = require('socket.io')
|
||||||
const { Client: SSHClient } = require('ssh2')
|
const { Client: SSHClient } = require('ssh2')
|
||||||
const { asyncSendNotice } = require('../utils/notify')
|
const { sendNoticeAsync } = require('../utils/notify')
|
||||||
const { readSSHRecord } = require('../utils/storage')
|
const { readSSHRecord } = require('../utils/storage')
|
||||||
const { verifyAuthSync } = require('../utils/verify-auth')
|
const { verifyAuthSync } = require('../utils/verify-auth')
|
||||||
const { shellThrottle } = require('../utils/tools')
|
const { shellThrottle } = require('../utils/tools')
|
||||||
@ -124,7 +124,7 @@ module.exports = (httpServer) => {
|
|||||||
}
|
}
|
||||||
})
|
})
|
||||||
let reason = `执行超时,已强制终止执行 - 超时时间${ timeout }秒`
|
let reason = `执行超时,已强制终止执行 - 超时时间${ timeout }秒`
|
||||||
asyncSendNotice('onekey_complete', '批量指令执行超时', reason)
|
sendNoticeAsync('onekey_complete', '批量指令执行超时', reason)
|
||||||
socket.emit('timeout', { reason, result: execResult })
|
socket.emit('timeout', { reason, result: execResult })
|
||||||
socket.disconnect()
|
socket.disconnect()
|
||||||
disconnectAllExecClient()
|
disconnectAllExecClient()
|
||||||
@ -191,7 +191,7 @@ module.exports = (httpServer) => {
|
|||||||
await Promise.all(execPromise)
|
await Promise.all(execPromise)
|
||||||
consola.success('onekey执行完成')
|
consola.success('onekey执行完成')
|
||||||
socket.emit('exec_complete')
|
socket.emit('exec_complete')
|
||||||
asyncSendNotice('onekey_complete', '批量指令执行完成', '请登录面板查看执行结果')
|
sendNoticeAsync('onekey_complete', '批量指令执行完成', '请登录面板查看执行结果')
|
||||||
socket.disconnect()
|
socket.disconnect()
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
consola.error('onekey执行失败', error)
|
consola.error('onekey执行失败', error)
|
||||||
|
|||||||
@ -3,7 +3,7 @@ const { Client: SSHClient } = require('ssh2')
|
|||||||
const { verifyAuthSync } = require('../utils/verify-auth')
|
const { verifyAuthSync } = require('../utils/verify-auth')
|
||||||
const { AESDecryptAsync } = require('../utils/encrypt')
|
const { AESDecryptAsync } = require('../utils/encrypt')
|
||||||
const { readSSHRecord } = require('../utils/storage')
|
const { readSSHRecord } = require('../utils/storage')
|
||||||
const { asyncSendNotice } = require('../utils/notify')
|
const { sendNoticeAsync } = require('../utils/notify')
|
||||||
const { isAllowedIp, ping } = require('../utils/tools')
|
const { isAllowedIp, ping } = require('../utils/tools')
|
||||||
const { HostListDB } = require('../utils/db-class')
|
const { HostListDB } = require('../utils/db-class')
|
||||||
const hostListDB = new HostListDB().getInstance()
|
const hostListDB = new HostListDB().getInstance()
|
||||||
@ -75,7 +75,7 @@ async function createTerminal(hostId, socket, sshClient) {
|
|||||||
consola.log('连接信息', { username, port, authType })
|
consola.log('连接信息', { username, port, authType })
|
||||||
sshClient
|
sshClient
|
||||||
.on('ready', async() => {
|
.on('ready', async() => {
|
||||||
asyncSendNotice('host_login', '终端登录', `别名: ${ name } \n IP:${ host } \n 端口:${ port } \n 状态: 登录成功`)
|
sendNoticeAsync('host_login', '终端登录', `别名: ${ name } \n IP:${ host } \n 端口:${ port } \n 状态: 登录成功`)
|
||||||
consola.success('终端连接成功:', host)
|
consola.success('终端连接成功:', host)
|
||||||
socket.emit('connect_terminal_success', `终端连接成功:${ host }`)
|
socket.emit('connect_terminal_success', `终端连接成功:${ host }`)
|
||||||
let stream = await createInteractiveShell(socket, sshClient)
|
let stream = await createInteractiveShell(socket, sshClient)
|
||||||
@ -92,7 +92,7 @@ async function createTerminal(hostId, socket, sshClient) {
|
|||||||
})
|
})
|
||||||
.on('error', (err) => {
|
.on('error', (err) => {
|
||||||
consola.log(err)
|
consola.log(err)
|
||||||
asyncSendNotice('host_login', '终端登录', `别名: ${ name } \n IP:${ host } \n 端口:${ port } \n 状态: 登录失败`)
|
sendNoticeAsync('host_login', '终端登录', `别名: ${ name } \n IP:${ host } \n 端口:${ port } \n 状态: 登录失败`)
|
||||||
consola.error('连接终端失败:', host, err.message)
|
consola.error('连接终端失败:', host, err.message)
|
||||||
socket.emit('connect_fail', err.message)
|
socket.emit('connect_fail', err.message)
|
||||||
})
|
})
|
||||||
|
|||||||
@ -1,12 +1,13 @@
|
|||||||
const CryptoJS = require('crypto-js')
|
const CryptoJS = require('crypto-js')
|
||||||
const rawCrypto = require('crypto')
|
const rawCrypto = require('crypto')
|
||||||
const NodeRSA = require('node-rsa')
|
const NodeRSA = require('node-rsa')
|
||||||
const { readKey } = require('./storage.js')
|
const { KeyDB } = require('./db-class')
|
||||||
|
const keyDB = new KeyDB().getInstance()
|
||||||
|
|
||||||
// rsa非对称 私钥解密
|
// rsa非对称 私钥解密
|
||||||
const RSADecryptAsync = async (ciphertext) => {
|
const RSADecryptAsync = async (ciphertext) => {
|
||||||
if (!ciphertext) return
|
if (!ciphertext) return
|
||||||
let { privateKey } = await readKey()
|
let { privateKey } = await keyDB.findOneAsync({})
|
||||||
privateKey = await AESDecryptAsync(privateKey) // 先解密私钥
|
privateKey = await AESDecryptAsync(privateKey) // 先解密私钥
|
||||||
const rsakey = new NodeRSA(privateKey)
|
const rsakey = new NodeRSA(privateKey)
|
||||||
rsakey.setOptions({ encryptionScheme: 'pkcs1', environment: 'browser' }) // Must Set It When Frontend Use jsencrypt
|
rsakey.setOptions({ encryptionScheme: 'pkcs1', environment: 'browser' }) // Must Set It When Frontend Use jsencrypt
|
||||||
@ -17,7 +18,7 @@ const RSADecryptAsync = async (ciphertext) => {
|
|||||||
// aes对称 加密(default commonKey)
|
// aes对称 加密(default commonKey)
|
||||||
const AESEncryptAsync = async (text, key) => {
|
const AESEncryptAsync = async (text, key) => {
|
||||||
if (!text) return
|
if (!text) return
|
||||||
let { commonKey } = await readKey()
|
let { commonKey } = await keyDB.findOneAsync({})
|
||||||
let ciphertext = CryptoJS.AES.encrypt(text, key || commonKey).toString()
|
let ciphertext = CryptoJS.AES.encrypt(text, key || commonKey).toString()
|
||||||
return ciphertext
|
return ciphertext
|
||||||
}
|
}
|
||||||
@ -25,7 +26,7 @@ const AESEncryptAsync = async (text, key) => {
|
|||||||
// aes对称 解密(default commonKey)
|
// aes对称 解密(default commonKey)
|
||||||
const AESDecryptAsync = async (ciphertext, key) => {
|
const AESDecryptAsync = async (ciphertext, key) => {
|
||||||
if (!ciphertext) return
|
if (!ciphertext) return
|
||||||
let { commonKey } = await readKey()
|
let { commonKey } = await keyDB.findOneAsync({})
|
||||||
let bytes = CryptoJS.AES.decrypt(ciphertext, key || commonKey)
|
let bytes = CryptoJS.AES.decrypt(ciphertext, key || commonKey)
|
||||||
let originalText = bytes.toString(CryptoJS.enc.Utf8)
|
let originalText = bytes.toString(CryptoJS.enc.Utf8)
|
||||||
return originalText
|
return originalText
|
||||||
|
|||||||
@ -56,7 +56,7 @@ function sendEmail({ service, user, pass }, title, content) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// 异步发送通知
|
// 异步发送通知
|
||||||
async function asyncSendNotice(noticeAction, title, content) {
|
async function sendNoticeAsync(noticeAction, title, content) {
|
||||||
try {
|
try {
|
||||||
let notifyList = await notifyDB.findAsync({})
|
let notifyList = await notifyDB.findAsync({})
|
||||||
let { sw } = notifyList.find((item) => item.type === noticeAction) // 获取对应动作的通知开关
|
let { sw } = notifyList.find((item) => item.type === noticeAction) // 获取对应动作的通知开关
|
||||||
@ -87,7 +87,7 @@ async function asyncSendNotice(noticeAction, title, content) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
module.exports = {
|
module.exports = {
|
||||||
asyncSendNotice,
|
sendNoticeAsync,
|
||||||
sendServerChan,
|
sendServerChan,
|
||||||
sendEmail
|
sendEmail
|
||||||
}
|
}
|
||||||
@ -1,31 +1,4 @@
|
|||||||
const { KeyDB, SshRecordDB, OnekeyDB } = require('./db-class')
|
const { SshRecordDB } = require('./db-class')
|
||||||
|
|
||||||
const readKey = async () => {
|
|
||||||
return new Promise((resolve, reject) => {
|
|
||||||
const keyDB = new KeyDB().getInstance()
|
|
||||||
keyDB.findOne({}, (err, doc) => {
|
|
||||||
if (err) {
|
|
||||||
reject(err)
|
|
||||||
} else {
|
|
||||||
resolve(doc)
|
|
||||||
}
|
|
||||||
})
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
const writeKey = async (keyObj = {}) => {
|
|
||||||
const keyDB = new KeyDB().getInstance()
|
|
||||||
return new Promise((resolve, reject) => {
|
|
||||||
keyDB.update({}, { $set: keyObj }, { upsert: true }, (err, numReplaced) => {
|
|
||||||
if (err) {
|
|
||||||
reject(err)
|
|
||||||
} else {
|
|
||||||
keyDB.compactDatafile()
|
|
||||||
resolve(numReplaced)
|
|
||||||
}
|
|
||||||
})
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
const readSSHRecord = async () => {
|
const readSSHRecord = async () => {
|
||||||
const sshRecordDB = new SshRecordDB().getInstance()
|
const sshRecordDB = new SshRecordDB().getInstance()
|
||||||
@ -65,6 +38,5 @@ const writeSSHRecord = async (record = []) => {
|
|||||||
}
|
}
|
||||||
|
|
||||||
module.exports = {
|
module.exports = {
|
||||||
readSSHRecord, writeSSHRecord,
|
readSSHRecord, writeSSHRecord
|
||||||
readKey, writeKey
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,7 +1,8 @@
|
|||||||
|
|
||||||
const { AESDecryptAsync } = require('./encrypt')
|
const { AESDecryptAsync } = require('./encrypt')
|
||||||
const { readKey } = require('./storage')
|
|
||||||
const jwt = require('jsonwebtoken')
|
const jwt = require('jsonwebtoken')
|
||||||
|
const { KeyDB } = require('./db-class')
|
||||||
|
const keyDB = new KeyDB().getInstance()
|
||||||
|
|
||||||
const enumLoginCode = {
|
const enumLoginCode = {
|
||||||
SUCCESS: 1,
|
SUCCESS: 1,
|
||||||
@ -14,7 +15,7 @@ const verifyAuthSync = async (token, clientIp) => {
|
|||||||
consola.info('verifyAuthSync IP:', clientIp)
|
consola.info('verifyAuthSync IP:', clientIp)
|
||||||
try {
|
try {
|
||||||
token = await AESDecryptAsync(token) // 先aes解密
|
token = await AESDecryptAsync(token) // 先aes解密
|
||||||
const { commonKey } = await readKey()
|
const { commonKey } = await keyDB.findOneAsync({})
|
||||||
const { exp } = jwt.verify(token, commonKey)
|
const { exp } = jwt.verify(token, commonKey)
|
||||||
if (Date.now() > (exp * 1000)) return { code: -1, msg: 'token expires' } // 过期
|
if (Date.now() > (exp * 1000)) return { code: -1, msg: 'token expires' } // 过期
|
||||||
return { code: enumLoginCode.SUCCESS, msg: 'success' } // 验证成功
|
return { code: enumLoginCode.SUCCESS, msg: 'success' } // 验证成功
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user