yhl452493373/frps-panel
1
0
Fork 0
mirror of https://github.com/yhl452493373/frps-panel.git synced 2026-04-04 06:16:59 +08:00
Code Issues Packages Projects Releases Wiki Activity

add user and token format verify

Browse Source
This commit is contained in:
杨黄林
2023-08-30 23:56:24 +08:00
parent d09fc2fe91
commit 1fdc0fc63a
4 changed files with 43 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
assets/lang/en.json
View File

@@ -29,8 +29,8 @@
"Other error": "Other error",
"Param error": "Param error",
"User exist": "User exist",
"User cannot be empty": "User cannot be empty",
"Token cannot be empty": "Token cannot be empty",
"User format error": "User cannot be empty or include space char. It only allowed alphanumeric and underline.",
"Token format error": "Token cannot be empty or include space char. It allow include those special char: _!@#$%^&*()",
"Please check at least one user": "Please Check at least one user",
"Operation confirm": "Operation confirm",
"Empty data": "Empty data",

4
assets/lang/zh.json
View File

@@ -29,8 +29,8 @@
"Other error": "其他异常",
"Param error": "参数异常",
"User exist": "用户已经存在",
"User cannot be empty": "用户不能为空",
"Token cannot be empty": "Token 不能为空",
"User format error": "用户不能为空或包含空格。只允许英文数字、字母、下划线",
"Token format error": "Token不能为空或包含空格。允许的特殊符号_!@#$%^&*()",
"Please check at least one user": "请选中需要操作的用户",
"Operation confirm": "操作确认",
"Empty data": "无数据",

14
assets/static/js/index.js
View File

@@ -12,7 +12,7 @@ $(function () {
*/
function verifyUser(username) {
var valid = true;
if (username.trim() === '' || !/\w/.test(username)) {
if (username.trim() === '' || !/^\w+$/.test(username)) {
valid = false;
}
return {
@@ -27,12 +27,12 @@ $(function () {
*/
function verifyToken(token) {
var valid = true;
if (token.trim() === '' || !/\w/.test(token)) {
if (token.trim() === '' || !/^[\w!@#$%^&*()]+$/.test(token)) {
valid = false;
}
return {
valid: valid,
trim: token
trim: token.trim()
};
}
@@ -153,7 +153,7 @@ $(function () {
user: function (value, item) {
var result = verifyUser(value);
if (!result.valid) {
return lang['UserEmpty'];
return lang['UserFormatError'];
}
if (item != null) {
if (typeof item === "function") {
@@ -166,7 +166,7 @@ $(function () {
token: function (value, item) {
var result = verifyToken(value);
if (!result.valid) {
return lang['TokenEmpty'];
return lang['TokenFormatError'];
}
if (item != null) {
if (typeof item === "function") {
@@ -614,9 +614,9 @@ $(function () {
else if (result.code === 3)
reason = lang['ParamError'];
else if (result.code === 4)
reason = lang['UserEmpty'];
reason = lang['UserFormatError'];
else if (result.code === 5)
reason = lang['TokenEmpty'];
reason = lang['TokenFormatError'];
layui.layer.msg(lang['OperateFailed'] + ',' + reason)
}

41
pkg/server/controller/controller.go
View File

@@ -19,10 +19,12 @@ const (
ParamError = 1
UserExist = 2
SaveError = 3
UserEmpty = 4
TokenEmpty = 5
UserFormatError = 4
TokenFormatError = 5
)
var UserFormatReg = regexp.MustCompile("^\\w$")
var TokenFormatReg = regexp.MustCompile("^[\\w!@#$%^&*()]+$")
var TrimAllSpaceReg = regexp.MustCompile("[\\n\\t\\r\\s]")
var TrimBreakLineReg = regexp.MustCompile("[\\n\\t\\r]")
@@ -212,8 +214,8 @@ func (c *HandleController) MakeLangFunc() func(context *gin.Context) {
"OperateError": ginI18n.MustGetMessage(context, "Operate error"),
"OperateFailed": ginI18n.MustGetMessage(context, "Operate failed"),
"UserExist": ginI18n.MustGetMessage(context, "User exist"),
"UserEmpty": ginI18n.MustGetMessage(context, "User cannot be empty"),
"TokenEmpty": ginI18n.MustGetMessage(context, "Token cannot be empty"),
"UserFormatError": ginI18n.MustGetMessage(context, "User format error"),
"TokenFormatError": ginI18n.MustGetMessage(context, "Token format error"),
"ShouldCheckUser": ginI18n.MustGetMessage(context, "Please check at least one user"),
"OperationConfirm": ginI18n.MustGetMessage(context, "Operation confirm"),
"EmptyData": ginI18n.MustGetMessage(context, "Empty data"),
@@ -317,11 +319,11 @@ func (c *HandleController) MakeAddTokenFunc() func(context *gin.Context) {
context.JSON(http.StatusOK, &response)
return
}
if strings.TrimSpace(info.User) == "" {
log.Printf("user add failed, user cannot be empty")
if !UserFormatReg.MatchString(info.User) {
log.Printf("user add failed, user format error")
response.Success = false
response.Code = UserEmpty
response.Message = fmt.Sprintf("user add failed, user cannot be empty")
response.Code = UserFormatError
response.Message = fmt.Sprintf("user add failed, user format error")
context.JSON(http.StatusOK, &response)
return
}
@@ -333,14 +335,16 @@ func (c *HandleController) MakeAddTokenFunc() func(context *gin.Context) {
context.JSON(http.StatusOK, &response)
return
}
if strings.TrimSpace(info.Token) == "" {
log.Printf("user add failed, token cannot be empty")
if !TokenFormatReg.MatchString(info.Token) {
log.Printf("user add failed, token format error")
response.Success = false
response.Code = TokenEmpty
response.Message = fmt.Sprintf("user add failed, token cannot be empty")
response.Code = TokenFormatError
response.Message = fmt.Sprintf("user add failed, token format error")
context.JSON(http.StatusOK, &response)
return
}
replaceSpaceToken := TrimAllSpaceReg.ReplaceAllString(info.Token, "")
info.Token = replaceSpaceToken
c.Tokens[info.User] = info
usersSection, _ := c.IniFile.GetSection("users")
@@ -408,7 +412,18 @@ func (c *HandleController) MakeUpdateTokensFunc() func(context *gin.Context) {
comment := TrimBreakLineReg.ReplaceAllString(after.Comment, "")
after.Comment = comment
key.Comment = comment
key.SetValue(after.Token)
if !TokenFormatReg.MatchString(after.Token) {
log.Printf("update failed, token format error")
response.Success = false
response.Code = TokenFormatError
response.Message = "user update failed, token format error "
context.JSON(http.StatusOK, &response)
return
}
replaceSpaceToken := TrimAllSpaceReg.ReplaceAllString(after.Token, "")
after.Token = replaceSpaceToken
key.SetValue(replaceSpaceToken)
if before.Ports != after.Ports {
portsSection, _ := c.IniFile.GetSection("ports")