update: 线程安全

2025-02-02 01:28:13 -05:00 · 2022-05-18 10:28:24 +08:00 · 2022-05-18 10:28:24 +08:00 · 73df5fa0de
commit 73df5fa0de
parent 990394bf46
3 changed files with 13 additions and 0 deletions
--- a/cmd/dashboard/controller/member_api.go
+++ b/cmd/dashboard/controller/member_api.go
@ -62,7 +62,9 @@ type apiResult struct {
 // getToken 获取 Token
 func (ma *memberAPI) getToken(c *gin.Context) {
 	u := c.MustGet(model.CtxKeyAuthorizedUser).(*model.User)
+	singleton.ApiLock.RLock()
 	tokenList := singleton.UserIDToApiTokenList[u.ID]
+	singleton.ApiLock.RUnlock()
 	res := make([]*apiResult, len(tokenList))
 	for i, token := range tokenList {
 		res[i] = &apiResult{
@ -84,8 +86,12 @@ func (ma *memberAPI) issueNewToken(c *gin.Context) {
 		Token:  utils.MD5(fmt.Sprintf("%d%d%s", time.Now().UnixNano(), u.ID, u.Login)),
 	}
 	singleton.DB.Create(token)
+
+	singleton.ApiLock.Lock()
 	singleton.ApiTokenList[token.Token] = token
 	singleton.UserIDToApiTokenList[u.ID] = append(singleton.UserIDToApiTokenList[u.ID], token.Token)
+	singleton.ApiLock.Unlock()
+
 	c.JSON(http.StatusOK, model.Response{
 		Code:    http.StatusOK,
 		Message: "success",
@ -105,6 +111,8 @@ func (ma *memberAPI) deleteToken(c *gin.Context) {
 		})
 		return
 	}
+	singleton.ApiLock.Lock()
+	defer singleton.ApiLock.Unlock()
 	if _, ok := singleton.ApiTokenList[token]; !ok {
 		c.JSON(http.StatusOK, model.Response{
 			Code:    http.StatusBadRequest,
@ -114,6 +122,7 @@ func (ma *memberAPI) deleteToken(c *gin.Context) {
 	}
 	// 在数据库中删除该Token
 	singleton.DB.Unscoped().Delete(&model.ApiToken{}, "token = ?", token)
+
 	// 在UserIDToApiTokenList中删除该Token
 	for i, t := range singleton.UserIDToApiTokenList[singleton.ApiTokenList[token].UserID] {
 		if t == token {
--- a/pkg/mygin/auth.go
+++ b/pkg/mygin/auth.go
@ -55,10 +55,12 @@ func Authorize(opt AuthorizeOption) func(*gin.Context) {
 			apiToken := c.GetHeader("Authorization")
 			if apiToken != "" {
 				var u model.User
+				singleton.ApiLock.RLock()
 				if _, ok := singleton.ApiTokenList[apiToken]; ok {
 					err := singleton.DB.First(&u).Where("id = ?", singleton.ApiTokenList[apiToken].UserID).Error
 					isLogin = err == nil
 				}
+				singleton.ApiLock.RUnlock()
 				if isLogin {
 					c.Set(model.CtxKeyAuthorizedUser, &u)
 					c.Set("isAPI", true)
--- a/service/singleton/api.go
+++ b/service/singleton/api.go
@ -3,11 +3,13 @@ package singleton
 import (
 	"github.com/naiba/nezha/model"
 	"github.com/naiba/nezha/pkg/utils"
+	"sync"
 )

 var (
 	ApiTokenList         = make(map[string]*model.ApiToken)
 	UserIDToApiTokenList = make(map[uint64][]string)
+	ApiLock              sync.RWMutex
 )

 type ServerAPI struct {