new login page

2026-04-04 06:16:59 +08:00 · 2023-09-13 23:23:37 +08:00
parent 09401aae46
commit 79bbf4a39c
15 changed files with 443 additions and 231 deletions
--- a/pkg/server/controller/authorizer.go
+++ b/pkg/server/controller/authorizer.go
@@ -0,0 +1,68 @@
+package controller
+
+import (
+	"encoding/base64"
+	"fmt"
+	"github.com/gin-gonic/gin"
+	"net/http"
+	"strings"
+)
+
+func (c *HandleController) BasicAuth() gin.HandlerFunc {
+	return func(context *gin.Context) {
+		if strings.TrimSpace(c.CommonInfo.User) == "" || strings.TrimSpace(c.CommonInfo.Pwd) == "" {
+			ClearLogin(context)
+			if context.Request.RequestURI == LoginUrl {
+				context.Redirect(http.StatusTemporaryRedirect, LoginSuccessUrl)
+			}
+			return
+		}
+
+		auth, err := context.Request.Cookie("token")
+
+		if err == nil {
+			username, password, _ := ParseBasicAuth(auth.Value)
+
+			usernameMatch := username == c.CommonInfo.User
+			passwordMatch := password == c.CommonInfo.Pwd
+
+			if usernameMatch && passwordMatch {
+				context.Next()
+				return
+			}
+		}
+
+		isAjax := context.GetHeader("X-Requested-With") == "XMLHttpRequest"
+
+		if !isAjax && context.Request.RequestURI != LoginUrl {
+			context.Redirect(http.StatusTemporaryRedirect, LoginUrl)
+		} else {
+			context.AbortWithStatus(http.StatusUnauthorized)
+		}
+	}
+}
+
+func ParseBasicAuth(auth string) (username, password string, ok bool) {
+	if len(auth) < len(AuthPrefix) || auth[:len(AuthPrefix)] != AuthPrefix {
+		return "", "", false
+	}
+	c, err := base64.StdEncoding.DecodeString(auth[len(AuthPrefix):])
+	if err != nil {
+		return "", "", false
+	}
+	cs := string(c)
+	username, password, ok = strings.Cut(cs, ":")
+	if !ok {
+		return "", "", false
+	}
+	return username, password, true
+}
+
+func EncodeBasicAuth(username, password string) string {
+	authString := fmt.Sprintf("%s:%s", username, password)
+	return AuthPrefix + base64.StdEncoding.EncodeToString([]byte(authString))
+}
+
+func ClearLogin(context *gin.Context) {
+	context.SetCookie("token", "", -1, "/", context.Request.Host, false, false)
+}
--- a/pkg/server/controller/controller.go
+++ b/pkg/server/controller/controller.go
@@ -12,105 +12,15 @@ import (
 	"io"
 	"log"
 	"net/http"
-	"regexp"
 	"sort"
 	"strconv"
 	"strings"
 )

-const (
-	Success          = 0
-	ParamError       = 1
-	UserExist        = 2
-	SaveError        = 3
-	UserFormatError  = 4
-	TokenFormatError = 5
-	FrpServerError   = 6
-)
-
-var UserFormatReg = regexp.MustCompile("^\\w+$")
-var TokenFormatReg = regexp.MustCompile("^[\\w!@#$%^&*()]+$")
-var TrimAllSpaceReg = regexp.MustCompile("[\\n\\t\\r\\s]")
-var TrimBreakLineReg = regexp.MustCompile("[\\n\\t\\r]")
-
-type Response struct {
-	Msg string `json:"msg"`
-}
-
-type HTTPError struct {
-	Code int
-	Err  error
-}
-
-type CommonInfo struct {
-	PluginAddr    string
-	PluginPort    int
-	User          string
-	Pwd           string
-	DashboardTLS  bool
-	DashboardAddr string
-	DashboardPort int
-	DashboardUser string
-	DashboardPwd  string
-}
-
-type TokenInfo struct {
-	User       string `json:"user" form:"user"`
-	Token      string `json:"token" form:"token"`
-	Comment    string `json:"comment" form:"comment"`
-	Ports      string `json:"ports" from:"ports"`
-	Domains    string `json:"domains" from:"domains"`
-	Subdomains string `json:"subdomains" from:"subdomains"`
-	Status     bool   `json:"status" form:"status"`
-}
-
-type TokenResponse struct {
-	Code  int         `json:"code"`
-	Msg   string      `json:"msg"`
-	Count int         `json:"count"`
-	Data  []TokenInfo `json:"data"`
-}
-
-type OperationResponse struct {
-	Success bool   `json:"success"`
-	Code    int    `json:"code"`
-	Message string `json:"message"`
-}
-
-type ProxyResponse struct {
-	OperationResponse
-	Data string `json:"data"`
-}
-
-type TokenSearch struct {
-	TokenInfo
-	Page  int `form:"page"`
-	Limit int `form:"limit"`
-}
-
-type TokenUpdate struct {
-	Before TokenInfo `json:"before"`
-	After  TokenInfo `json:"after"`
-}
-
-type TokenRemove struct {
-	Users []TokenInfo `json:"users"`
-}
-
-type TokenDisable struct {
-	TokenRemove
-}
-
-type TokenEnable struct {
-	TokenDisable
-}
-
 func (e *HTTPError) Error() string {
 	return e.Err.Error()
 }

-type HandlerFunc func(ctx *gin.Context) (interface{}, error)
-
 func (c *HandleController) MakeHandlerFunc() gin.HandlerFunc {
 	return func(context *gin.Context) {
 		var response plugin.Response
@@ -177,9 +87,48 @@ func (c *HandleController) MakeHandlerFunc() gin.HandlerFunc {

 func (c *HandleController) MakeLoginFunc() func(context *gin.Context) {
 	return func(context *gin.Context) {
-		context.HTML(http.StatusOK, "login.html", gin.H{
-			"version": c.Version,
-		})
+		if context.Request.Method == "GET" {
+			if strings.TrimSpace(c.CommonInfo.User) == "" || strings.TrimSpace(c.CommonInfo.Pwd) == "" {
+				ClearLogin(context)
+				if context.Request.RequestURI == LoginUrl {
+					context.Redirect(http.StatusTemporaryRedirect, LoginSuccessUrl)
+				}
+				return
+			}
+			context.HTML(http.StatusOK, "login.html", gin.H{
+				"version":             c.Version,
+				"FrpsPanel":           ginI18n.MustGetMessage(context, "Frps Panel"),
+				"Username":            ginI18n.MustGetMessage(context, "Username"),
+				"Password":            ginI18n.MustGetMessage(context, "Password"),
+				"Login":               ginI18n.MustGetMessage(context, "Login"),
+				"PleaseInputUsername": ginI18n.MustGetMessage(context, "Please input username"),
+				"PleaseInputPassword": ginI18n.MustGetMessage(context, "Please input password"),
+			})
+		} else if context.Request.Method == "POST" {
+			username := context.PostForm("username")
+			password := context.PostForm("password")
+
+			auth := EncodeBasicAuth(username, password)
+			if auth == EncodeBasicAuth(c.CommonInfo.User, c.CommonInfo.Pwd) {
+				context.JSON(http.StatusOK, gin.H{
+					"success": true,
+					"message": ginI18n.MustGetMessage(context, "Login success"),
+					"token":   auth,
+				})
+			} else {
+				context.JSON(http.StatusOK, gin.H{
+					"success": false,
+					"message": ginI18n.MustGetMessage(context, "Username or password incorrect"),
+					"token":   "",
+				})
+			}
+		}
+	}
+}
+
+func (c *HandleController) MakeLogoutFunc() func(context *gin.Context) {
+	return func(context *gin.Context) {
+		ClearLogin(context)
 	}
 }

@@ -187,6 +136,7 @@ func (c *HandleController) MakeIndexFunc() func(context *gin.Context) {
 	return func(context *gin.Context) {
 		context.HTML(http.StatusOK, "index.html", gin.H{
 			"version":                      c.Version,
+			"showExit":                     strings.TrimSpace(c.CommonInfo.User) != "" && strings.TrimSpace(c.CommonInfo.Pwd) != "",
 			"FrpsPanel":                    ginI18n.MustGetMessage(context, "Frps Panel"),
 			"User":                         ginI18n.MustGetMessage(context, "User"),
 			"Token":                        ginI18n.MustGetMessage(context, "Token"),
@@ -300,6 +250,7 @@ func (c *HandleController) MakeLangFunc() func(context *gin.Context) {
 			"Proxies":               ginI18n.MustGetMessage(context, "Proxies"),
 			"NotSet":                ginI18n.MustGetMessage(context, "Not Set"),
 			"Proxy":                 ginI18n.MustGetMessage(context, "Proxy"),
+			"TokenInvalid":          ginI18n.MustGetMessage(context, "Token invalid"),
 		})
 	}
 }
--- a/pkg/server/controller/handler.go
+++ b/pkg/server/controller/handler.go
@@ -3,86 +3,11 @@ package controller
 import (
 	"fmt"
 	plugin "github.com/fatedier/frp/pkg/plugin/server"
-	"github.com/gin-gonic/gin"
-	"gopkg.in/ini.v1"
 	"log"
-	"net/http"
-	"os"
-	"path/filepath"
 	"strconv"
 	"strings"
 )

-type HandleController struct {
-	CommonInfo CommonInfo
-	Tokens     map[string]TokenInfo
-	Ports      map[string][]string
-	Domains    map[string][]string
-	Subdomains map[string][]string
-	ConfigFile string
-	IniFile    *ini.File
-	Version    string
-}
-
-func NewHandleController(config *HandleController) *HandleController {
-	return config
-}
-
-func (c *HandleController) Register(rootDir string, engine *gin.Engine) {
-	assets := filepath.Join(rootDir, "assets")
-	_, err := os.Stat(assets)
-	if err != nil && !os.IsExist(err) {
-		assets = "./assets"
-	}
-
-	engine.Delims("${", "}")
-	engine.LoadHTMLGlob(filepath.Join(assets, "templates/*"))
-	engine.POST("/handler", c.MakeHandlerFunc())
-	engine.Static("/static", filepath.Join(assets, "static"))
-	engine.GET("/login", c.MakeLoginFunc())
-	engine.GET("/lang.json", c.MakeLangFunc())
-
-	var group *gin.RouterGroup
-	if len(c.CommonInfo.User) != 0 {
-		//group = engine.Group("/", gin.BasicAuthForRealm(gin.Accounts{
-		//	c.CommonInfo.User: c.CommonInfo.Pwd,
-		//}, "Restricted"))
-		group = engine.Group("/", c.BasicAuth())
-	} else {
-		group = engine.Group("/")
-	}
-	group.POST("/login", c.MakeLoginFunc())
-	group.GET("/", c.MakeIndexFunc())
-	group.GET("/tokens", c.MakeQueryTokensFunc())
-	group.POST("/add", c.MakeAddTokenFunc())
-	group.POST("/update", c.MakeUpdateTokensFunc())
-	group.POST("/remove", c.MakeRemoveTokensFunc())
-	group.POST("/disable", c.MakeDisableTokensFunc())
-	group.POST("/enable", c.MakeEnableTokensFunc())
-	group.GET("/proxy/*serverApi", c.MakeProxyFunc())
-}
-
-func (c *HandleController) BasicAuth() gin.HandlerFunc {
-	return func(context *gin.Context) {
-		username, password, _ := context.Request.BasicAuth()
-
-		usernameMatch := username == c.CommonInfo.User
-		passwordMatch := password == c.CommonInfo.Pwd
-
-		if usernameMatch && passwordMatch {
-			context.Next()
-			return
-		}
-
-		if context.Request.RequestURI == "/" {
-			context.Header("WWW-Authenticate", `Basic realm="Restricted", charset="UTF-8"`)
-			context.AbortWithStatus(http.StatusUnauthorized)
-		} else {
-			context.Redirect(http.StatusTemporaryRedirect, "/login")
-		}
-	}
-}
-
 func (c *HandleController) HandleLogin(content *plugin.LoginContent) plugin.Response {
 	token := content.Metas["token"]
 	user := content.User
--- a/pkg/server/controller/register.go
+++ b/pkg/server/controller/register.go
@@ -0,0 +1,58 @@
+package controller
+
+import (
+	"github.com/gin-gonic/gin"
+	"gopkg.in/ini.v1"
+	"os"
+	"path/filepath"
+)
+
+type HandleController struct {
+	CommonInfo CommonInfo
+	Tokens     map[string]TokenInfo
+	Ports      map[string][]string
+	Domains    map[string][]string
+	Subdomains map[string][]string
+	ConfigFile string
+	IniFile    *ini.File
+	Version    string
+}
+
+func NewHandleController(config *HandleController) *HandleController {
+	return config
+}
+
+func (c *HandleController) Register(rootDir string, engine *gin.Engine) {
+	assets := filepath.Join(rootDir, "assets")
+	_, err := os.Stat(assets)
+	if err != nil && !os.IsExist(err) {
+		assets = "./assets"
+	}
+
+	engine.Delims("${", "}")
+	engine.LoadHTMLGlob(filepath.Join(assets, "templates/*"))
+	engine.POST("/handler", c.MakeHandlerFunc())
+	engine.Static("/static", filepath.Join(assets, "static"))
+	engine.GET("/lang.json", c.MakeLangFunc())
+	engine.GET(LoginUrl, c.MakeLoginFunc())
+	engine.POST(LoginUrl, c.MakeLoginFunc())
+	engine.GET(LogoutUrl, c.MakeLogoutFunc())
+
+	var group *gin.RouterGroup
+	if len(c.CommonInfo.User) != 0 {
+		//group = engine.Group("/", gin.BasicAuthForRealm(gin.Accounts{
+		//	c.CommonInfo.User: c.CommonInfo.Pwd,
+		//}, "Restricted"))
+		group = engine.Group("/", c.BasicAuth())
+	} else {
+		group = engine.Group("/")
+	}
+	group.GET("/", c.MakeIndexFunc())
+	group.GET("/tokens", c.MakeQueryTokensFunc())
+	group.POST("/add", c.MakeAddTokenFunc())
+	group.POST("/update", c.MakeUpdateTokensFunc())
+	group.POST("/remove", c.MakeRemoveTokensFunc())
+	group.POST("/disable", c.MakeDisableTokensFunc())
+	group.POST("/enable", c.MakeEnableTokensFunc())
+	group.GET("/proxy/*serverApi", c.MakeProxyFunc())
+}
--- a/pkg/server/controller/variables.go
+++ b/pkg/server/controller/variables.go
@@ -0,0 +1,97 @@
+package controller
+
+import "regexp"
+
+const (
+	Success          = 0
+	ParamError       = 1
+	UserExist        = 2
+	SaveError        = 3
+	UserFormatError  = 4
+	TokenFormatError = 5
+	FrpServerError   = 6
+
+	AuthPrefix      = "Basic "
+	LoginUrl        = "/login"
+	LogoutUrl       = "/logout"
+	LoginSuccessUrl = "/"
+)
+
+var (
+	UserFormatReg    = regexp.MustCompile("^\\w+$")
+	TokenFormatReg   = regexp.MustCompile("^[\\w!@#$%^&*()]+$")
+	TrimAllSpaceReg  = regexp.MustCompile("[\\n\\t\\r\\s]")
+	TrimBreakLineReg = regexp.MustCompile("[\\n\\t\\r]")
+)
+
+type Response struct {
+	Msg string `json:"msg"`
+}
+
+type HTTPError struct {
+	Code int
+	Err  error
+}
+
+type CommonInfo struct {
+	PluginAddr    string
+	PluginPort    int
+	User          string
+	Pwd           string
+	DashboardTLS  bool
+	DashboardAddr string
+	DashboardPort int
+	DashboardUser string
+	DashboardPwd  string
+}
+
+type TokenInfo struct {
+	User       string `json:"user" form:"user"`
+	Token      string `json:"token" form:"token"`
+	Comment    string `json:"comment" form:"comment"`
+	Ports      string `json:"ports" from:"ports"`
+	Domains    string `json:"domains" from:"domains"`
+	Subdomains string `json:"subdomains" from:"subdomains"`
+	Status     bool   `json:"status" form:"status"`
+}
+
+type TokenResponse struct {
+	Code  int         `json:"code"`
+	Msg   string      `json:"msg"`
+	Count int         `json:"count"`
+	Data  []TokenInfo `json:"data"`
+}
+
+type OperationResponse struct {
+	Success bool   `json:"success"`
+	Code    int    `json:"code"`
+	Message string `json:"message"`
+}
+
+type ProxyResponse struct {
+	OperationResponse
+	Data string `json:"data"`
+}
+
+type TokenSearch struct {
+	TokenInfo
+	Page  int `form:"page"`
+	Limit int `form:"limit"`
+}
+
+type TokenUpdate struct {
+	Before TokenInfo `json:"before"`
+	After  TokenInfo `json:"after"`
+}
+
+type TokenRemove struct {
+	Users []TokenInfo `json:"users"`
+}
+
+type TokenDisable struct {
+	TokenRemove
+}
+
+type TokenEnable struct {
+	TokenDisable
+}