diff --git a/README.md b/README.md
index 4787fe5..c768d36 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@
LOGO designed by 熊大 .

-    +   

:trollface: 哪吒监控 一站式轻监控轻运维系统。支持系统状态、HTTP(SSL 证书变更、即将到期、到期)、TCP、Ping 监控报警,计划任务和在线终端。

diff --git a/cmd/dashboard/controller/oauth2.go b/cmd/dashboard/controller/oauth2.go
index 16b9490..200809b 100644
--- a/cmd/dashboard/controller/oauth2.go
+++ b/cmd/dashboard/controller/oauth2.go
@@ -9,6 +9,7 @@ import (
 	"github.com/gin-gonic/gin"
 	GitHubAPI "github.com/google/go-github/github"
+	"github.com/patrickmn/go-cache"
 	"golang.org/x/oauth2"
 	GitHubOauth2 "golang.org/x/oauth2/github"
@@ -58,18 +59,25 @@ func (oa *oauth2controller) getRedirectURL(c *gin.Context) string {
 }
 func (oa *oauth2controller) login(c *gin.Context) {
-	state := utils.RandStringBytesMaskImprSrcUnsafe(6)
-	singleton.Cache.Set(fmt.Sprintf("%s%s", model.CacheKeyOauth2State, c.ClientIP()), state, 0)
+	randomString := utils.RandStringBytesMaskImprSrcUnsafe(32)
+	state, stateKey := randomString[:16], randomString[16:]
+	singleton.Cache.Set(fmt.Sprintf("%s%s", model.CacheKeyOauth2State, stateKey), state, cache.DefaultExpiration)
 	url := oa.getCommonOauth2Config(c).AuthCodeURL(state, oauth2.AccessTypeOnline)
-	c.Redirect(http.StatusFound, url)
+	c.SetCookie(singleton.Conf.Site.CookieName+"-sk", stateKey, 60*5, "", "", false, false)
+	c.HTML(http.StatusOK, "dashboard/redirect", gin.H{
+		"URL": url,
+	})
 }
 func (oa *oauth2controller) callback(c *gin.Context) {
 	var err error
 	// 验证登录跳转时的 State
-	state, ok := singleton.Cache.Get(fmt.Sprintf("%s%s", model.CacheKeyOauth2State, c.ClientIP()))
-	if !ok || state.(string) != c.Query("state") {
-		err = errors.New("非法的登录方式")
+	stateKey, err := c.Cookie(singleton.Conf.Site.CookieName + "-sk")
+	if err == nil {
+		state, ok := singleton.Cache.Get(fmt.Sprintf("%s%s", model.CacheKeyOauth2State, stateKey))
+		if !ok || state.(string) != c.Query("state") {
+			err = errors.New("非法的登录方式")
+		}
 	}
 	oauth2Config := oa.getCommonOauth2Config(c)
 	ctx := context.Background()
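Review bot: The state entry is compared in callback but never consumed, so for as long as the cache's default TTL lasts the same `state` query value and `-sk` cookie can be replayed through the callback; delete it once it has been checked, e.g. `singleton.Cache.Delete(fmt.Sprintf("%s%s", model.CacheKeyOauth2State, stateKey))` immediately after the `if !ok || state.(string) != c.Query("state")` block. The `-sk` cookie set in login is HttpOnly false although nothing client-side needs to read it, and gin's SetCookie exposes no SameSite argument, so `c.SetSameSite(http.SameSiteLaxMode)` followed by `c.SetCookie(singleton.Conf.Site.CookieName+"-sk", stateKey, 60*5, "", "", false, true)` keeps the key out of script reach while still being sent on the top-level navigation back from GitHub (Strict would break that flow). The state value itself comes from `RandStringBytesMaskImprSrcUnsafe`, whose name matches the widely copied math/rand-based helper; if it is not seeded from crypto/rand the anti-CSRF token is predictable and the helper should be replaced with a crypto/rand-backed one. callback continues past the end of the hunk, where err is presumably checked before the code exchange.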
@@ -117,6 +125,7 @@ func (oa *oauth2controller) callback(c *gin.Context) {
 	user.IssueNewToken()
 	singleton.DB.Save(&user)
 	c.SetCookie(singleton.Conf.Site.CookieName, user.Token, 60*60*24, "", "", false, false)
-	c.Status(http.StatusOK)
-	c.Writer.WriteString("")
+	c.HTML(http.StatusOK, "dashboard/redirect", gin.H{
+		"URL": "/",
+	})
 }
diff --git a/resource/template/dashboard/redirect.html b/resource/template/dashboard/redirect.html
new file mode 100644
index 0000000..ff86348
--- /dev/null
+++ b/resource/template/dashboard/redirect.html
@@ -0,0 +1,17 @@
+{{define "dashboard/redirect"}}
+
+
+
+
+
+
+
+ Redireting..
+
+
+
+
+
+
+
+{{end}}
\ No newline at end of file
diff --git a/service/singleton/singleton.go b/service/singleton/singleton.go
index 116171e..fa03bfc 100644
--- a/service/singleton/singleton.go
+++ b/service/singleton/singleton.go
@@ -12,7 +12,7 @@ import (
 	"github.com/naiba/nezha/pkg/utils"
 )
-var Version = "v0.12.24" // !!记得修改 README 中的 badge 版本!!
+var Version = "v0.12.25" // !!记得修改 README 中的 badge 版本!!
 var (
 	Conf *model.Config
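Review bot: The user-visible text on the added line reads `Redireting..` and should be `Redirecting...`. The template's markup (presumably where `{{.URL}}` supplied by the handlers is emitted, via meta refresh, script or link) has been stripped from this copy of the diff, so the escaping context of the URL cannot be checked here; it should sit in an attribute or URL context handled by html/template rather than inside a hand-built `<script>` string.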