add user and token format verify
@@ -29,8 +29,8 @@
|
|||||||
"Other error": "Other error",
|
"Other error": "Other error",
|
||||||
"Param error": "Param error",
|
"Param error": "Param error",
|
||||||
"User exist": "User exist",
|
"User exist": "User exist",
|
||||||
"User cannot be empty": "User cannot be empty",
|
"User format error": "User cannot be empty or include space char. It only allowed alphanumeric and underline.",
|
||||||
"Token cannot be empty": "Token cannot be empty",
|
"Token format error": "Token cannot be empty or include space char. It allow include those special char: _!@#$%^&*()",
|
||||||
"Please check at least one user": "Please Check at least one user",
|
"Please check at least one user": "Please Check at least one user",
|
||||||
"Operation confirm": "Operation confirm",
|
"Operation confirm": "Operation confirm",
|
||||||
"Empty data": "Empty data",
|
"Empty data": "Empty data",
|
||||||
|
|||||||
@@ -29,8 +29,8 @@
|
|||||||
"Other error": "其他异常",
|
"Other error": "其他异常",
|
||||||
"Param error": "参数异常",
|
"Param error": "参数异常",
|
||||||
"User exist": "用户已经存在",
|
"User exist": "用户已经存在",
|
||||||
"User cannot be empty": "用户不能为空",
|
"User format error": "用户不能为空或包含空格。只允许英文数字、字母、下划线",
|
||||||
"Token cannot be empty": "Token 不能为空",
|
"Token format error": "Token不能为空或包含空格。允许的特殊符号:_!@#$%^&*()",
|
||||||
"Please check at least one user": "请选中需要操作的用户",
|
"Please check at least one user": "请选中需要操作的用户",
|
||||||
"Operation confirm": "操作确认",
|
"Operation confirm": "操作确认",
|
||||||
"Empty data": "无数据",
|
"Empty data": "无数据",
|
||||||
|
|||||||
@@ -12,7 +12,7 @@ $(function () {
|
|||||||
*/
|
*/
|
||||||
function verifyUser(username) {
|
function verifyUser(username) {
|
||||||
var valid = true;
|
var valid = true;
|
||||||
if (username.trim() === '' || !/\w/.test(username)) {
|
if (username.trim() === '' || !/^\w+$/.test(username)) {
|
||||||
valid = false;
|
valid = false;
|
||||||
}
|
}
|
||||||
return {
|
return {
|
||||||
@@ -27,12 +27,12 @@ $(function () {
|
|||||||
*/
|
*/
|
||||||
function verifyToken(token) {
|
function verifyToken(token) {
|
||||||
var valid = true;
|
var valid = true;
|
||||||
if (token.trim() === '' || !/\w/.test(token)) {
|
if (token.trim() === '' || !/^[\w!@#$%^&*()]+$/.test(token)) {
|
||||||
valid = false;
|
valid = false;
|
||||||
}
|
}
|
||||||
return {
|
return {
|
||||||
valid: valid,
|
valid: valid,
|
||||||
trim: token
|
trim: token.trim()
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -153,7 +153,7 @@ $(function () {
|
|||||||
user: function (value, item) {
|
user: function (value, item) {
|
||||||
var result = verifyUser(value);
|
var result = verifyUser(value);
|
||||||
if (!result.valid) {
|
if (!result.valid) {
|
||||||
return lang['UserEmpty'];
|
return lang['UserFormatError'];
|
||||||
}
|
}
|
||||||
if (item != null) {
|
if (item != null) {
|
||||||
if (typeof item === "function") {
|
if (typeof item === "function") {
|
||||||
@@ -166,7 +166,7 @@ $(function () {
|
|||||||
token: function (value, item) {
|
token: function (value, item) {
|
||||||
var result = verifyToken(value);
|
var result = verifyToken(value);
|
||||||
if (!result.valid) {
|
if (!result.valid) {
|
||||||
return lang['TokenEmpty'];
|
return lang['TokenFormatError'];
|
||||||
}
|
}
|
||||||
if (item != null) {
|
if (item != null) {
|
||||||
if (typeof item === "function") {
|
if (typeof item === "function") {
|
||||||
@@ -614,9 +614,9 @@ $(function () {
|
|||||||
else if (result.code === 3)
|
else if (result.code === 3)
|
||||||
reason = lang['ParamError'];
|
reason = lang['ParamError'];
|
||||||
else if (result.code === 4)
|
else if (result.code === 4)
|
||||||
reason = lang['UserEmpty'];
|
reason = lang['UserFormatError'];
|
||||||
else if (result.code === 5)
|
else if (result.code === 5)
|
||||||
reason = lang['TokenEmpty'];
|
reason = lang['TokenFormatError'];
|
||||||
layui.layer.msg(lang['OperateFailed'] + ',' + reason)
|
layui.layer.msg(lang['OperateFailed'] + ',' + reason)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
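Review bot: In `verifyToken` the pattern is tested against the untrimmed `token` while the function now returns `token.trim()`, so a value with leading or trailing whitespace is reported as a format error, and for any value that passes the trim is a no-op. If surrounding whitespace is meant to be tolerated, trim first and test the result, e.g. `var trimmed = token.trim();` followed by `/^[\w!@#$%^&*()]+$/.test(trimmed)`; otherwise the `trim` field adds nothing. The `token.trim() === ''` and `username.trim() === ''` tests are also redundant now, because the anchored patterns already require at least one character. These checks run only in the browser, so the server-side patterns have to accept exactly the same set of values. The return statement of `verifyUser` continues outside the hunk.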
@@ -19,10 +19,12 @@ const (
|
|||||||
ParamError = 1
|
ParamError = 1
|
||||||
UserExist = 2
|
UserExist = 2
|
||||||
SaveError = 3
|
SaveError = 3
|
||||||
UserEmpty = 4
|
UserFormatError = 4
|
||||||
TokenEmpty = 5
|
TokenFormatError = 5
|
||||||
)
|
)
|
||||||
|
|
||||||
|
var UserFormatReg = regexp.MustCompile("^\\w$")
|
||||||
|
var TokenFormatReg = regexp.MustCompile("^[\\w!@#$%^&*()]+$")
|
||||||
var TrimAllSpaceReg = regexp.MustCompile("[\\n\\t\\r\\s]")
|
var TrimAllSpaceReg = regexp.MustCompile("[\\n\\t\\r\\s]")
|
||||||
var TrimBreakLineReg = regexp.MustCompile("[\\n\\t\\r]")
|
var TrimBreakLineReg = regexp.MustCompile("[\\n\\t\\r]")
|
||||||
|
|
||||||
@@ -212,8 +214,8 @@ func (c *HandleController) MakeLangFunc() func(context *gin.Context) {
|
|||||||
"OperateError": ginI18n.MustGetMessage(context, "Operate error"),
|
"OperateError": ginI18n.MustGetMessage(context, "Operate error"),
|
||||||
"OperateFailed": ginI18n.MustGetMessage(context, "Operate failed"),
|
"OperateFailed": ginI18n.MustGetMessage(context, "Operate failed"),
|
||||||
"UserExist": ginI18n.MustGetMessage(context, "User exist"),
|
"UserExist": ginI18n.MustGetMessage(context, "User exist"),
|
||||||
"UserEmpty": ginI18n.MustGetMessage(context, "User cannot be empty"),
|
"UserFormatError": ginI18n.MustGetMessage(context, "User format error"),
|
||||||
"TokenEmpty": ginI18n.MustGetMessage(context, "Token cannot be empty"),
|
"TokenFormatError": ginI18n.MustGetMessage(context, "Token format error"),
|
||||||
"ShouldCheckUser": ginI18n.MustGetMessage(context, "Please check at least one user"),
|
"ShouldCheckUser": ginI18n.MustGetMessage(context, "Please check at least one user"),
|
||||||
"OperationConfirm": ginI18n.MustGetMessage(context, "Operation confirm"),
|
"OperationConfirm": ginI18n.MustGetMessage(context, "Operation confirm"),
|
||||||
"EmptyData": ginI18n.MustGetMessage(context, "Empty data"),
|
"EmptyData": ginI18n.MustGetMessage(context, "Empty data"),
|
||||||
@@ -317,11 +319,11 @@ func (c *HandleController) MakeAddTokenFunc() func(context *gin.Context) {
|
|||||||
context.JSON(http.StatusOK, &response)
|
context.JSON(http.StatusOK, &response)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if strings.TrimSpace(info.User) == "" {
|
if !UserFormatReg.MatchString(info.User) {
|
||||||
log.Printf("user add failed, user cannot be empty")
|
log.Printf("user add failed, user format error")
|
||||||
response.Success = false
|
response.Success = false
|
||||||
response.Code = UserEmpty
|
response.Code = UserFormatError
|
||||||
response.Message = fmt.Sprintf("user add failed, user cannot be empty")
|
response.Message = fmt.Sprintf("user add failed, user format error")
|
||||||
context.JSON(http.StatusOK, &response)
|
context.JSON(http.StatusOK, &response)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
@@ -333,14 +335,16 @@ func (c *HandleController) MakeAddTokenFunc() func(context *gin.Context) {
|
|||||||
context.JSON(http.StatusOK, &response)
|
context.JSON(http.StatusOK, &response)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if strings.TrimSpace(info.Token) == "" {
|
if !TokenFormatReg.MatchString(info.Token) {
|
||||||
log.Printf("user add failed, token cannot be empty")
|
log.Printf("user add failed, token format error")
|
||||||
response.Success = false
|
response.Success = false
|
||||||
response.Code = TokenEmpty
|
response.Code = TokenFormatError
|
||||||
response.Message = fmt.Sprintf("user add failed, token cannot be empty")
|
response.Message = fmt.Sprintf("user add failed, token format error")
|
||||||
context.JSON(http.StatusOK, &response)
|
context.JSON(http.StatusOK, &response)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
replaceSpaceToken := TrimAllSpaceReg.ReplaceAllString(info.Token, "")
|
||||||
|
info.Token = replaceSpaceToken
|
||||||
c.Tokens[info.User] = info
|
c.Tokens[info.User] = info
|
||||||
|
|
||||||
usersSection, _ := c.IniFile.GetSection("users")
|
usersSection, _ := c.IniFile.GetSection("users")
|
||||||
@@ -408,7 +412,18 @@ func (c *HandleController) MakeUpdateTokensFunc() func(context *gin.Context) {
|
|||||||
comment := TrimBreakLineReg.ReplaceAllString(after.Comment, "")
|
comment := TrimBreakLineReg.ReplaceAllString(after.Comment, "")
|
||||||
after.Comment = comment
|
after.Comment = comment
|
||||||
key.Comment = comment
|
key.Comment = comment
|
||||||
key.SetValue(after.Token)
|
|
||||||
|
if !TokenFormatReg.MatchString(after.Token) {
|
||||||
|
log.Printf("update failed, token format error")
|
||||||
|
response.Success = false
|
||||||
|
response.Code = TokenFormatError
|
||||||
|
response.Message = "user update failed, token format error "
|
||||||
|
context.JSON(http.StatusOK, &response)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
replaceSpaceToken := TrimAllSpaceReg.ReplaceAllString(after.Token, "")
|
||||||
|
after.Token = replaceSpaceToken
|
||||||
|
key.SetValue(replaceSpaceToken)
|
||||||
|
|
||||||
if before.Ports != after.Ports {
|
if before.Ports != after.Ports {
|
||||||
portsSection, _ := c.IniFile.GetSection("ports")
|
portsSection, _ := c.IniFile.GetSection("ports")
|
||||||
|
|||||||
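Review bot: `UserFormatReg` is compiled from `"^\\w$"`, which has no quantifier and therefore matches exactly one word character, so `!UserFormatReg.MatchString(info.User)` in MakeAddTokenFunc rejects every user name longer than one character, unlike the client-side `/^\w+$/`. The declaration should read `var UserFormatReg = regexp.MustCompile("^\\w+$")`. In the MakeUpdateTokensFunc hunk the token check runs after `key.Comment = comment` has been assigned and then returns early, so a rejected update can leave the comment already changed; the enclosing block starts outside the hunk, so earlier entries may be affected as well if this sits in a loop. Moving the `TokenFormatReg` check ahead of the assignments would avoid that. Because `TokenFormatReg` already rejects whitespace, the `TrimAllSpaceReg.ReplaceAllString` calls that follow both checks are no-ops and could be dropped.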