http basic auth by jq(not complete)

2026-04-04 06:16:59 +08:00 · 2023-09-12 17:39:25 +08:00
parent 0df98345d5
commit d8c991883c
3 changed files with 29 additions and 29 deletions
--- a/assets/templates/login.html
+++ b/assets/templates/login.html
@@ -22,7 +22,7 @@
            <div class="layui-input-prefix">
                <i class="layui-icon layui-icon-username"></i>
            </div>
-            <input type="text" name="username" value="" lay-verify="required" placeholder="用户名"
+            <input type="text" id="username" value="" lay-verify="required" placeholder="用户名"
                   lay-reqtext="请填写用户名" autocomplete="off" class="layui-input" lay-affix="clear">
        </div>
    </div>
@@ -31,7 +31,7 @@
            <div class="layui-input-prefix">
                <i class="layui-icon layui-icon-password"></i>
            </div>
-            <input type="password" name="password" value="" lay-verify="required" placeholder="密码"
+            <input type="password" id="password" value="" lay-verify="required" placeholder="密码"
                   lay-reqtext="请填写密码" autocomplete="off" class="layui-input" lay-affix="eye">
        </div>
    </div>
@@ -46,13 +46,18 @@
    $(function () {
        $('#login').click(function () {
            $.ajax({
-                url: "/login",
-                type: "post",
-                header: {
-                    Authorization: btoa("admin" + ":" + "admin")
-                },
+                url: "/",
+                username: $('#username').val(),
+                password: $('#password').val(),
                success: function (result) {
                    console.log(result);
+                    window.location.href = "/"
+                },
+                error: function (xhr, status, error) {
+                    if (xhr.status === 401) {
+                        layui.layer.msg('用户名或密码错误');
+                        return false;
+                    }
                }
            });
        });
--- a/pkg/server/controller/controller.go
+++ b/pkg/server/controller/controller.go
@@ -177,16 +177,9 @@ func (c *HandleController) MakeHandlerFunc() gin.HandlerFunc {

 func (c *HandleController) MakeLoginFunc() func(context *gin.Context) {
 	return func(context *gin.Context) {
-		method := context.Request.Method
-		if method == "GET" {
-			context.HTML(http.StatusOK, "login.html", gin.H{
-				"version": c.Version,
-			})
-		} else {
-			context.JSON(http.StatusOK, gin.H{
-				"Success": true,
-			})
-		}
+		context.HTML(http.StatusOK, "login.html", gin.H{
+			"version": c.Version,
+		})
 	}
 }

--- a/pkg/server/controller/op.go
+++ b/pkg/server/controller/op.go
@@ -1,7 +1,6 @@
 package controller

 import (
-	"encoding/base64"
 	"fmt"
 	plugin "github.com/fatedier/frp/pkg/plugin/server"
 	"github.com/gin-gonic/gin"
@@ -41,20 +40,19 @@ func (c *HandleController) Register(rootDir string, engine *gin.Engine) {
 	engine.POST("/handler", c.MakeHandlerFunc())
 	engine.Static("/static", filepath.Join(assets, "static"))
 	engine.GET("/login", c.MakeLoginFunc())
+	engine.GET("/lang.json", c.MakeLangFunc())

 	var group *gin.RouterGroup
 	if len(c.CommonInfo.User) != 0 {
 		//group = engine.Group("/", gin.BasicAuthForRealm(gin.Accounts{
 		//	c.CommonInfo.User: c.CommonInfo.Pwd,
 		//}, "Restricted"))
-
-		group = engine.Group("/", c.Authorize())
+		group = engine.Group("/", c.BasicAuth())
 	} else {
 		group = engine.Group("/")
 	}
 	group.POST("/login", c.MakeLoginFunc())
 	group.GET("/", c.MakeIndexFunc())
-	group.GET("/lang.json", c.MakeLangFunc())
 	group.GET("/tokens", c.MakeQueryTokensFunc())
 	group.POST("/add", c.MakeAddTokenFunc())
 	group.POST("/update", c.MakeUpdateTokensFunc())
@@ -64,20 +62,24 @@ func (c *HandleController) Register(rootDir string, engine *gin.Engine) {
 	group.GET("/proxy/*serverApi", c.MakeProxyFunc())
 }

-func (c *HandleController) Authorize() gin.HandlerFunc {
+func (c *HandleController) BasicAuth() gin.HandlerFunc {
 	return func(context *gin.Context) {
-		authorizationFromUser := context.Request.Header.Get("Authorization")
+		username, password, _ := context.Request.BasicAuth()

-		userAndPwd := []byte(c.CommonInfo.User + ":" + c.CommonInfo.Pwd)
-		authorizationFromConfig := "Basic " + base64.StdEncoding.EncodeToString(userAndPwd)
+		usernameMatch := username == c.CommonInfo.User
+		passwordMatch := password == c.CommonInfo.Pwd

-		if authorizationFromUser == authorizationFromConfig {
+		if usernameMatch && passwordMatch {
 			context.Next()
-		} else {
-			context.Abort()
-			context.Redirect(http.StatusTemporaryRedirect, "/login")
 			return
 		}
+
+		if context.Request.RequestURI == "/" {
+			context.Header("WWW-Authenticate", `Basic realm="Restricted", charset="UTF-8"`)
+			context.AbortWithStatus(http.StatusUnauthorized)
+		} else {
+			context.Redirect(http.StatusTemporaryRedirect, "/login")
+		}
 	}
 }