update profile api (#16)

* update profile api * rename * fix realip assertion * add waf api
2025-01-22 12:48:14 -05:00 · 2024-11-23 16:22:22 +08:00 · 2024-11-23 16:22:22 +08:00 · 885330e948
commit 885330e948
parent 22738b6244
7 changed files with 85 additions and 7 deletions
--- a/cmd/dashboard/controller/controller.go
+++ b/cmd/dashboard/controller/controller.go
@ -123,6 +123,9 @@ func routers(r *gin.Engine) {
 	auth.PATCH("/nat/:id", commonHandler(updateNAT))
 	auth.POST("/batch-delete/nat", commonHandler(batchDeleteNAT))

+	auth.GET("/waf", commonHandler(listBlockedAddress))
+	auth.POST("/batch-delete/waf", commonHandler(batchDeleteBlockedAddress))
+
 	auth.PATCH("/setting", commonHandler(updateConfig))

 	r.NoRoute(fallbackToFrontend)
--- a/cmd/dashboard/controller/server.go
+++ b/cmd/dashboard/controller/server.go
@ -116,8 +116,8 @@ func batchDeleteServer(c *gin.Context) (any, error) {
 				delete(singleton.AlertsCycleTransferStatsStore[alert.ID].NextUpdate, sid)
 			}
 		}
-		singleton.DB.Unscoped().Delete(&model.Transfer{}, "server_id = ?", sid)
 	}
+	singleton.DB.Unscoped().Delete(&model.Transfer{}, "server_id in (?)", servers)
 	singleton.AlertsLock.Unlock()

 	singleton.OnServerDelete(servers)
--- a/cmd/dashboard/controller/user.go
+++ b/cmd/dashboard/controller/user.go
@ -2,9 +2,10 @@ package controller

 import (
 	"github.com/gin-gonic/gin"
+	"golang.org/x/crypto/bcrypt"
+
 	"github.com/naiba/nezha/model"
 	"github.com/naiba/nezha/service/singleton"
-	"golang.org/x/crypto/bcrypt"
 )

 // Get profile
@ -14,14 +15,17 @@ import (
 // @Description Get profile
 // @Tags auth required
 // @Produce json
-// @Success 200 {object} model.CommonResponse[model.User]
+// @Success 200 {object} model.CommonResponse[model.Profile]
 // @Router /profile [get]
-func getProfile(c *gin.Context) (*model.User, error) {
+func getProfile(c *gin.Context) (*model.Profile, error) {
 	auth, ok := c.Get(model.CtxKeyAuthorizedUser)
 	if !ok {
 		return nil, singleton.Localizer.ErrorT("unauthorized")
 	}
-	return auth.(*model.User), nil
+	return &model.Profile{
+		User:    *auth.(*model.User),
+		LoginIP: c.GetString(model.CtxKeyRealIPStr),
+	}, nil
 }

 // List user
--- a/cmd/dashboard/controller/waf.go
+++ b/cmd/dashboard/controller/waf.go
@ -0,0 +1,50 @@
+package controller
+
+import (
+	"github.com/gin-gonic/gin"
+
+	"github.com/naiba/nezha/model"
+	"github.com/naiba/nezha/service/singleton"
+)
+
+// List blocked addresses
+// @Summary List blocked addresses
+// @Security BearerAuth
+// @Schemes
+// @Description List server
+// @Tags auth required
+// @Produce json
+// @Success 200 {object} model.CommonResponse[[]model.WAF]
+// @Router /waf [get]
+func listBlockedAddress(c *gin.Context) ([]*model.WAF, error) {
+	var waf []*model.WAF
+	if err := singleton.DB.Find(&waf).Error; err != nil {
+		return nil, err
+	}
+
+	return waf, nil
+}
+
+// Batch delete blocked addresses
+// @Summary Edit server
+// @Security BearerAuth
+// @Schemes
+// @Description Edit server
+// @Tags auth required
+// @Accept json
+// @Param request body []string true "block list"
+// @Produce json
+// @Success 200 {object} model.CommonResponse[any]
+// @Router /batch-delete/waf [patch]
+func batchDeleteBlockedAddress(c *gin.Context) (any, error) {
+	var list []string
+	if err := c.ShouldBindJSON(&list); err != nil {
+		return nil, err
+	}
+
+	if err := model.BatchClearIP(singleton.DB, list); err != nil {
+		return nil, newGormError("%v", err)
+	}
+
+	return nil, nil
+}
--- a/cmd/dashboard/rpc/rpc.go
+++ b/cmd/dashboard/rpc/rpc.go
@ -27,7 +27,8 @@ func ServeRPC() *grpc.Server {
 }

 func waf(ctx context.Context, req interface{}, info *grpc.UnaryServerInfo, handler grpc.UnaryHandler) (interface{}, error) {
-	if err := model.CheckIP(singleton.DB, ctx.Value(model.CtxKeyRealIP{}).(string)); err != nil {
+	realip, _ := ctx.Value(model.CtxKeyRealIP{}).(string)
+	if err := model.CheckIP(singleton.DB, realip); err != nil {
 		return nil, err
 	}
 	return handler(ctx, req)
--- a/model/user.go
+++ b/model/user.go
@ -5,3 +5,8 @@ type User struct {
 	Username string `json:"username,omitempty" gorm:"uniqueIndex"`
 	Password string `json:"password,omitempty" gorm:"type:char(72)"`
 }
+
+type Profile struct {
+	User
+	LoginIP string `json:"login_ip,omitempty"`
+}
--- a/model/waf.go
+++ b/model/waf.go
@ -56,7 +56,22 @@ func ClearIP(db *gorm.DB, ip string) error {
 	if err != nil {
 		return err
 	}
-	return db.Delete(&WAF{}, "ip = ?", ipBinary).Error
+	return db.Unscoped().Delete(&WAF{}, "ip = ?", ipBinary).Error
+}
+
+func BatchClearIP(db *gorm.DB, ip []string) error {
+	if len(ip) < 1 {
+		return nil
+	}
+	ips := make([][]byte, 0, len(ip))
+	for _, s := range ip {
+		ipBinary, err := utils.IPStringToBinary(s)
+		if err != nil {
+			continue
+		}
+		ips = append(ips, ipBinary)
+	}
+	return db.Unscoped().Delete(&WAF{}, "ip in (?)", ips).Error
 }

 func BlockIP(db *gorm.DB, ip string, reason uint8) error {