102 lines
2.4 KiB
Go
102 lines
2.4 KiB
Go
package walls
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
"strconv"
|
|
"time"
|
|
)
|
|
|
|
import (
|
|
"github.com/ihexxa/quickshare/server/libs/cfg"
|
|
"github.com/ihexxa/quickshare/server/libs/encrypt"
|
|
"github.com/ihexxa/quickshare/server/libs/limiter"
|
|
)
|
|
|
|
type AccessWalls struct {
|
|
cf *cfg.Config
|
|
IpLimiter limiter.Limiter
|
|
OpLimiter limiter.Limiter
|
|
EncrypterMaker encrypt.EncrypterMaker
|
|
}
|
|
|
|
func NewAccessWalls(
|
|
cf *cfg.Config,
|
|
ipLimiter limiter.Limiter,
|
|
opLimiter limiter.Limiter,
|
|
encrypterMaker encrypt.EncrypterMaker,
|
|
) Walls {
|
|
return &AccessWalls{
|
|
cf: cf,
|
|
IpLimiter: ipLimiter,
|
|
OpLimiter: opLimiter,
|
|
EncrypterMaker: encrypterMaker,
|
|
}
|
|
}
|
|
|
|
func (walls *AccessWalls) PassIpLimit(remoteAddr string) bool {
|
|
if !walls.cf.Production {
|
|
return true
|
|
}
|
|
return walls.IpLimiter.Access(remoteAddr, walls.cf.OpIdIpVisit)
|
|
|
|
}
|
|
|
|
func (walls *AccessWalls) PassOpLimit(resourceId string, opId int16) bool {
|
|
if !walls.cf.Production {
|
|
return true
|
|
}
|
|
return walls.OpLimiter.Access(resourceId, opId)
|
|
}
|
|
|
|
func (walls *AccessWalls) PassLoginCheck(tokenStr string, req *http.Request) bool {
|
|
if !walls.cf.Production {
|
|
return true
|
|
}
|
|
|
|
return walls.passLoginCheck(tokenStr)
|
|
}
|
|
|
|
func (walls *AccessWalls) passLoginCheck(tokenStr string) bool {
|
|
token, getLoginTokenOk := walls.GetLoginToken(tokenStr)
|
|
return getLoginTokenOk && token.AdminId == walls.cf.AdminId
|
|
}
|
|
|
|
func (walls *AccessWalls) GetLoginToken(tokenStr string) (*LoginToken, bool) {
|
|
tokenMaker := walls.EncrypterMaker(string(walls.cf.SecretKeyByte))
|
|
if !tokenMaker.FromStr(tokenStr) {
|
|
return nil, false
|
|
}
|
|
|
|
adminIdFromToken, adminIdOk := tokenMaker.Get(walls.cf.KeyAdminId)
|
|
expiresStr, expiresStrOk := tokenMaker.Get(walls.cf.KeyExpires)
|
|
if !adminIdOk || !expiresStrOk {
|
|
return nil, false
|
|
}
|
|
|
|
expires, expiresParseErr := strconv.ParseInt(expiresStr, 10, 64)
|
|
if expiresParseErr != nil ||
|
|
adminIdFromToken != walls.cf.AdminId ||
|
|
expires <= time.Now().Unix() {
|
|
return nil, false
|
|
}
|
|
|
|
return &LoginToken{
|
|
AdminId: adminIdFromToken,
|
|
Expires: expires,
|
|
}, true
|
|
}
|
|
|
|
func (walls *AccessWalls) MakeLoginToken(userId string) string {
|
|
expires := time.Now().Add(time.Duration(walls.cf.CookieMaxAge) * time.Second).Unix()
|
|
|
|
tokenMaker := walls.EncrypterMaker(string(walls.cf.SecretKeyByte))
|
|
tokenMaker.Add(walls.cf.KeyAdminId, userId)
|
|
tokenMaker.Add(walls.cf.KeyExpires, fmt.Sprintf("%d", expires))
|
|
|
|
tokenStr, ok := tokenMaker.ToStr()
|
|
if !ok {
|
|
return ""
|
|
}
|
|
return tokenStr
|
|
}
|