add secret token

2021-12-04 12:06:45 +08:00 · 2021-12-04 12:06:45 +08:00 · ce0d1bbe41
parent bf86e70755
commit ce0d1bbe41
9 changed files with 79 additions and 17 deletions
--- a/.gitignore
+++ b/.gitignore
@ -3,4 +3,4 @@
 bindata.go
 *.exe
 gin.log
-config/config.json
+config.json
--- a/script/config.go
+++ b/script/config.go
@ -9,6 +9,7 @@ import (
 	"strings"
 )

+var serverSecret string
 var serverConfig Config
 var ledgerConfigMap map[string]Config
 var ledgerAccountsMap map[string][]Account
@ -310,6 +311,19 @@ func WriteLedgerConfigMap(newLedgerConfigMap map[string]Config) error {
 	return err
 }

+func GenerateServerSecret(secret string) string {
+	if secret == "" {
+		serverSecret = RandChar(16)
+	} else {
+		serverSecret = secret
+	}
+	return serverSecret
+}
+
+func EqualServerSecret(secret string) bool {
+	return serverSecret == secret
+}
+
 func GetCommoditySymbol(commodity string) string {
 	switch commodity {
 	case "CNY":
--- a/script/paths.go
+++ b/script/paths.go
@ -3,11 +3,11 @@ package script
 import "os"

 func GetServerConfigFilePath() string {
-	return "./config/config.json"
+	return "./config.json"
 }

 func GetServerWhiteListFilePath() string {
-	return "./config/white_list.json"
+	return "./white_list.json"
 }

 func GetServerLedgerConfigFilePath() string {
--- a/script/platform.go
+++ b/script/platform.go
@ -0,0 +1,21 @@
+package script
+
+import (
+	"os/exec"
+	"runtime"
+)
+
+func isWindows() bool {
+	os := runtime.GOOS
+	return os == "windows"
+}
+
+func OpenBrowser(url string) {
+	if isWindows() {
+		cmd := exec.Command("cmd", "/C", "start", url)
+		err := cmd.Start()
+		if err != nil {
+			LogSystemError("Failed to open browser, error is " + err.Error())
+		}
+	}
+}
--- a/script/utils.go
+++ b/script/utils.go
@ -1,7 +1,10 @@
 package script

 import (
+	"bytes"
+	"math/rand"
 	"net"
+	"time"
 )

 func GetIpAddress() string {
@ -15,3 +18,14 @@ func GetIpAddress() string {
 	}
 	return ""
 }
+
+const char = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
+
+func RandChar(size int) string {
+	rand.NewSource(time.Now().UnixNano()) // 产生随机种子
+	var s bytes.Buffer
+	for i := 0; i < size; i++ {
+		s.WriteByte(char[rand.Int63()%int64(len(char))])
+	}
+	return s.String()
+}
--- a/server.go
+++ b/server.go
@ -1,13 +1,14 @@
 package main

 import (
+	"flag"
+	"fmt"
 	"github.com/beancount-gs/script"
 	"github.com/beancount-gs/service"
 	"github.com/gin-gonic/gin"
 	"io"
 	"net/http"
 	"os"
-	"os/exec"
 )

 func InitServerFiles() error {
@ -86,6 +87,12 @@ func RegisterRouter(router *gin.Engine) {
 }

 func main() {
+	var secret string
+	var port int
+	flag.StringVar(&secret, "secret", "", "服务器密钥")
+	flag.IntVar(&port, "p", 3001, "端口号")
+	flag.Parse()
+
 	// 读取配置文件
 	err := script.LoadServerConfig()
 	if err != nil {
@ -115,24 +122,21 @@ func main() {
 	router := gin.Default()
 	// 注册路由
 	RegisterRouter(router)
-	// 启动服务
-	var port = ":3001"
-	url := "http://localhost" + port
+
+	portStr := fmt.Sprintf(":%d", port)
+	url := "http://localhost" + portStr
 	ip := script.GetIpAddress()
 	startLog := "beancount-gs start at " + url
 	if ip != "" {
-		startLog += " or http://" + ip + port
+		startLog += " or http://" + ip + portStr
 	}
 	script.LogSystemInfo(startLog)
-
-	// cmd /c start
-	cmd := exec.Command("cmd", "/C", "start", url)
-	err = cmd.Start()
-	if err != nil {
-		script.LogSystemError("Failed to open browser, error is " + err.Error())
-	}
-
-	err = router.Run(port)
+	// 打开浏览器
+	script.OpenBrowser(url)
+	// 打印密钥
+	script.LogSystemInfo("Secret token is " + script.GenerateServerSecret(secret))
+	// 启动服务
+	err = router.Run(portStr)
 	if err != nil {
 		script.LogSystemError("Failed to start server, " + err.Error())
 	}
--- a/service/error.go
+++ b/service/error.go
@ -36,3 +36,7 @@ func LedgerIsNotAllowAccess(c *gin.Context) {
 func DuplicateAccount(c *gin.Context) {
 	c.JSON(http.StatusOK, gin.H{"code": 1007})
 }
+
+func ServerSecretNotMatch(c *gin.Context) {
+	c.JSON(http.StatusOK, gin.H{"code": 1008})
+}
--- a/service/ledger.go
+++ b/service/ledger.go
@ -27,6 +27,7 @@ func QueryServerConfig(c *gin.Context) {
 }

 type UpdateConfigForm struct {
+	Secret            string `form:"secret" binding:"required"`
 	StartDate         string `form:"startDate" binding:"required"`
 	DataPath          string `form:"dataPath" binding:"required"`
 	OperatingCurrency string `form:"operatingCurrency" binding:"required"`
@ -40,6 +41,10 @@ func UpdateServerConfig(c *gin.Context) {
 		BadRequest(c, err.Error())
 		return
 	}
+	if !script.EqualServerSecret(updateConfigForm.Secret) {
+		ServerSecretNotMatch(c)
+		return
+	}
 	var serverConfig = script.Config{
 		OperatingCurrency: updateConfigForm.OperatingCurrency,
 		DataPath:          updateConfigForm.DataPath,
--- a/config/white_list.json
+++ b/config/white_list.json