mirror of
https://github.com/AlistGo/alist.git
synced 2025-09-15 12:58:42 +08:00
c64f899a63
Some checks failed
auto_lang / auto generate lang.json (1.21, ubuntu-latest) (push) Has been cancelled
beta release / Beta Release Changelog (1.21, ubuntu-latest) (push) Has been cancelled
build / Build (ubuntu-latest, android-arm64) (push) Has been cancelled
build / Build (ubuntu-latest, darwin-amd64) (push) Has been cancelled
build / Build (ubuntu-latest, darwin-arm64) (push) Has been cancelled
build / Build (ubuntu-latest, linux-amd64-musl) (push) Has been cancelled
build / Build (ubuntu-latest, linux-arm64-musl) (push) Has been cancelled
build / Build (ubuntu-latest, windows-amd64) (push) Has been cancelled
build / Build (ubuntu-latest, windows-arm64) (push) Has been cancelled
release_docker / Build Binaries for Docker Release (push) Has been cancelled
beta release / Beta Release (md5, !(*musl*|*windows-arm64*|*android*|*freebsd*)) (push) Has been cancelled
beta release / Beta Release (md5-android, android-*) (push) Has been cancelled
beta release / Beta Release (md5-freebsd, freebsd-*) (push) Has been cancelled
beta release / Beta Release (md5-linux-musl, linux-!(arm*)-musl*) (push) Has been cancelled
beta release / Beta Release (md5-linux-musl-arm, linux-arm*-musl*) (push) Has been cancelled
beta release / Beta Release (md5-windows-arm64, windows-arm64) (push) Has been cancelled
beta release / Beta Release Desktop (push) Has been cancelled
release_docker / Release Docker image (, latest, ) (push) Has been cancelled
release_docker / Release Docker image (INSTALL_ARIA2=true, aria2, suffix=-aria2,onlatest=true) (push) Has been cancelled
release_docker / Release Docker image (INSTALL_FFMPEG=true
INSTALL_ARIA2=true
, aio, suffix=-aio,onlatest=true) (push) Has been cancelled
release_docker / Release Docker image (INSTALL_FFMPEG=true, ffmpeg, suffix=-ffmpeg,onlatest=true) (push) Has been cancelled
* feat(auth): Added device session management - Added the `handleSession` function to manage user device sessions and verify client identity - Updated `auth.go` to call `handleSession` for device handling when a user logs in - Added the `Session` model to database migrations - Added `device.go` and `session.go` files to handle device session logic - Updated `settings.go` to add device-related configuration items, such as the maximum number of devices, device eviction policy, and session TTL * feat(session): Adds session management features - Added `SessionInactive` error type in `device.go` - Added session-related APIs in `router.go` to support listing and evicting sessions - Added `ListSessionsByUser`, `ListSessions`, and `MarkInactive` methods in `session.go` - Returns an appropriate error when the session state is `SessionInactive` * feat(auth): Marks the device session as invalid. - Import the `session` package into the `auth` module to handle device session status. - Add a check in the login logic. If `device_key` is obtained, call `session.MarkInactive` to mark the device session as invalid. - Store the invalid status in the context variable `session_inactive` for subsequent middleware checks. - Add a check in the session refresh logic to abort the process if the current session has been marked invalid. * feat(auth, session): Added device information processing and session management changes - Updated device handling logic in `auth.go` to pass user agent and IP information - Adjusted database queries in `session.go` to optimize session query fields and add `user_agent` and `ip` fields - Modified the `Handle` method to add `ua` and `ip` parameters to store the user agent and IP address - Added the `SessionResp` structure to return a session response containing `user_agent` and `ip` - Updated the `/admin/user/create` and `/webdav` endpoints to pass the user agent and IP address to the device handler
93 lines
2.1 KiB
Go
93 lines
2.1 KiB
Go
package handles
|
|
|
|
import (
|
|
"github.com/alist-org/alist/v3/internal/db"
|
|
"github.com/alist-org/alist/v3/internal/model"
|
|
"github.com/alist-org/alist/v3/server/common"
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
type SessionResp struct {
|
|
SessionID string `json:"session_id"`
|
|
UserID uint `json:"user_id,omitempty"`
|
|
LastActive int64 `json:"last_active"`
|
|
Status int `json:"status"`
|
|
UA string `json:"ua"`
|
|
IP string `json:"ip"`
|
|
}
|
|
|
|
func ListMySessions(c *gin.Context) {
|
|
user := c.MustGet("user").(*model.User)
|
|
sessions, err := db.ListSessionsByUser(user.ID)
|
|
if err != nil {
|
|
common.ErrorResp(c, err, 500)
|
|
return
|
|
}
|
|
resp := make([]SessionResp, len(sessions))
|
|
for i, s := range sessions {
|
|
resp[i] = SessionResp{
|
|
SessionID: s.DeviceKey,
|
|
LastActive: s.LastActive,
|
|
Status: s.Status,
|
|
UA: s.UserAgent,
|
|
IP: s.IP,
|
|
}
|
|
}
|
|
common.SuccessResp(c, resp)
|
|
}
|
|
|
|
type EvictSessionReq struct {
|
|
SessionID string `json:"session_id"`
|
|
}
|
|
|
|
func EvictMySession(c *gin.Context) {
|
|
var req EvictSessionReq
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
common.ErrorResp(c, err, 400)
|
|
return
|
|
}
|
|
user := c.MustGet("user").(*model.User)
|
|
if _, err := db.GetSession(user.ID, req.SessionID); err != nil {
|
|
common.ErrorResp(c, err, 400)
|
|
return
|
|
}
|
|
if err := db.MarkInactive(req.SessionID); err != nil {
|
|
common.ErrorResp(c, err, 500)
|
|
return
|
|
}
|
|
common.SuccessResp(c)
|
|
}
|
|
|
|
func ListSessions(c *gin.Context) {
|
|
sessions, err := db.ListSessions()
|
|
if err != nil {
|
|
common.ErrorResp(c, err, 500)
|
|
return
|
|
}
|
|
resp := make([]SessionResp, len(sessions))
|
|
for i, s := range sessions {
|
|
resp[i] = SessionResp{
|
|
SessionID: s.DeviceKey,
|
|
UserID: s.UserID,
|
|
LastActive: s.LastActive,
|
|
Status: s.Status,
|
|
UA: s.UserAgent,
|
|
IP: s.IP,
|
|
}
|
|
}
|
|
common.SuccessResp(c, resp)
|
|
}
|
|
|
|
func EvictSession(c *gin.Context) {
|
|
var req EvictSessionReq
|
|
if err := c.ShouldBindJSON(&req); err != nil {
|
|
common.ErrorResp(c, err, 400)
|
|
return
|
|
}
|
|
if err := db.MarkInactive(req.SessionID); err != nil {
|
|
common.ErrorResp(c, err, 500)
|
|
return
|
|
}
|
|
common.SuccessResp(c)
|
|
}
|