增加“极验-行为验”验证码集成支持

2025-11-04 13:10:26 +08:00 · 2023-11-29 16:57:58 +08:00
parent 7deaa678bc
commit 0d21fc27ab
7 changed files with 117 additions and 20 deletions
--- a/internal/web/actions/default/servers/components/waf/index.go
+++ b/internal/web/actions/default/servers/components/waf/index.go
@@ -31,8 +31,8 @@ func (this *IndexAction) RunGet(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	count := countResp.Count
-	page := this.NewPage(count)
+	var count = countResp.Count
+	var page = this.NewPage(count)

 	listResp, err := this.RPC().HTTPFirewallPolicyRPC().ListEnabledHTTPFirewallPolicies(this.AdminContext(), &pb.ListEnabledHTTPFirewallPoliciesRequest{
 		NodeClusterId: params.ClusterId,
@@ -44,10 +44,10 @@ func (this *IndexAction) RunGet(params struct {
 		this.ErrorPage(err)
 		return
 	}
-	policyMaps := []maps.Map{}
+	var policyMaps = []maps.Map{}
 	for _, policy := range listResp.HttpFirewallPolicies {
-		countInbound := 0
-		countOutbound := 0
+		var countInbound = 0
+		var countOutbound = 0
 		if len(policy.InboundJSON) > 0 {
 			inboundConfig := &firewallconfigs.HTTPFirewallInboundConfig{}
 			err = json.Unmarshal(policy.InboundJSON, inboundConfig)
@@ -72,7 +72,7 @@ func (this *IndexAction) RunGet(params struct {
 			this.ErrorPage(err)
 			return
 		}
-		countClusters := countClustersResp.Count
+		var countClusters = countClustersResp.Count

 		// mode
 		if len(policy.Mode) == 0 {
--- a/internal/web/actions/default/servers/components/waf/update.go
+++ b/internal/web/actions/default/servers/components/waf/update.go
@@ -141,6 +141,23 @@ func (this *UpdateAction) RunPost(params struct {
 		this.Fail("验证码动作参数校验失败：" + err.Error())
 	}

+	// 检查极验配置
+	if captchaOptions.CaptchaType == firewallconfigs.CaptchaTypeGeeTest || captchaOptions.GeeTestConfig.IsOn {
+		if captchaOptions.CaptchaType == firewallconfigs.CaptchaTypeGeeTest && !captchaOptions.GeeTestConfig.IsOn {
+			this.Fail("人机识别动作配置的默认验证方式为极验-行为验，所以需要选择允许用户使用极验")
+			return
+		}
+
+		if len(captchaOptions.GeeTestConfig.CaptchaId) == 0 {
+			this.FailField("geetestCaptchaId", "请输入极验-验证ID")
+			return
+		}
+		if len(captchaOptions.GeeTestConfig.CaptchaKey) == 0 {
+			this.FailField("geetestCaptchaKey", "请输入极验-验证Key")
+			return
+		}
+	}
+
 	// 最大内容尺寸
 	if params.MaxRequestBodySize < 0 {
 		params.MaxRequestBodySize = 0
--- a/internal/web/actions/default/servers/server/settings/locations/waf/index.go
+++ b/internal/web/actions/default/servers/server/settings/locations/waf/index.go
@@ -1,6 +1,7 @@
 package waf

 import (
+	"encoding/json"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
@@ -37,12 +38,23 @@ func (this *IndexAction) RunGet(params struct {
 		return
 	}
 	if firewallPolicy != nil {
+		// captcha action
+		var captchaOptions = firewallconfigs.DefaultHTTPFirewallCaptchaAction()
+		if len(firewallPolicy.CaptchaOptionsJSON) > 0 {
+			err = json.Unmarshal(firewallPolicy.CaptchaOptionsJSON, captchaOptions)
+			if err != nil {
+				this.ErrorPage(err)
+				return
+			}
+		}
+
 		this.Data["firewallPolicy"] = maps.Map{
-			"id":       firewallPolicy.Id,
-			"name":     firewallPolicy.Name,
-			"isOn":     firewallPolicy.IsOn,
-			"mode":     firewallPolicy.Mode,
-			"modeInfo": firewallconfigs.FindFirewallMode(firewallPolicy.Mode),
+			"id":             firewallPolicy.Id,
+			"name":           firewallPolicy.Name,
+			"isOn":           firewallPolicy.IsOn,
+			"mode":           firewallPolicy.Mode,
+			"modeInfo":       firewallconfigs.FindFirewallMode(firewallPolicy.Mode),
+			"captchaOptions": captchaOptions,
 		}
 	} else {
 		this.Data["firewallPolicy"] = nil
--- a/internal/web/actions/default/servers/server/settings/waf/index.go
+++ b/internal/web/actions/default/servers/server/settings/waf/index.go
@@ -1,6 +1,7 @@
 package waf

 import (
+	"encoding/json"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/langs/codes"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/dao"
@@ -50,12 +51,23 @@ func (this *IndexAction) RunGet(params struct {
 		return
 	}
 	if firewallPolicy != nil {
+		// captcha action
+		var captchaOptions = firewallconfigs.DefaultHTTPFirewallCaptchaAction()
+		if len(firewallPolicy.CaptchaOptionsJSON) > 0 {
+			err = json.Unmarshal(firewallPolicy.CaptchaOptionsJSON, captchaOptions)
+			if err != nil {
+				this.ErrorPage(err)
+				return
+			}
+		}
+
 		this.Data["firewallPolicy"] = maps.Map{
-			"id":       firewallPolicy.Id,
-			"name":     firewallPolicy.Name,
-			"isOn":     firewallPolicy.IsOn,
-			"mode":     firewallPolicy.Mode,
-			"modeInfo": firewallconfigs.FindFirewallMode(firewallPolicy.Mode),
+			"id":            firewallPolicy.Id,
+			"name":          firewallPolicy.Name,
+			"isOn":          firewallPolicy.IsOn,
+			"mode":          firewallPolicy.Mode,
+			"modeInfo":      firewallconfigs.FindFirewallMode(firewallPolicy.Mode),
+			"captchaAction": captchaOptions,
 		}
 	} else {
 		this.Data["firewallPolicy"] = nil
--- a/web/public/js/components/server/http-firewall-captcha-options-viewer.js
+++ b/web/public/js/components/server/http-firewall-captcha-options-viewer.js
@@ -57,6 +57,11 @@ Vue.component("http-firewall-captcha-options-viewer", {
 					summaryList.push("定制UI")
 				}
 			}
+
+			if (this.options.geeTestConfig.isOn) {
+				summaryList.push("已配置极验")
+			}
+
 			if (summaryList.length == 0) {
 				this.summary = "默认配置"
 			} else {
--- a/web/public/js/components/server/http-firewall-captcha-options.js
+++ b/web/public/js/components/server/http-firewall-captcha-options.js
@@ -22,7 +22,12 @@ Vue.component("http-firewall-captcha-options", {
 				uiFooter: "",
 				uiBody: "",
 				cookieId: "",
-				lang: ""
+				lang: "",
+				geeTestConfig: {
+					isOn: false,
+					captchaId: "",
+					captchaKey: ""
+				}
 			}
 		}
 		if (options.countLetters <= 0) {
@@ -33,6 +38,7 @@ Vue.component("http-firewall-captcha-options", {
 			options.captchaType = "default"
 		}

+
 		return {
 			options: options,
 			isEditing: false,
@@ -92,6 +98,9 @@ Vue.component("http-firewall-captcha-options", {
 			} else {
 				this.uiBodyWarning = ""
 			}
+		},
+		"options.geeTestConfig.isOn": function (v) {
+			this.updateSummary()
 		}
 	},
 	methods: {
@@ -127,6 +136,10 @@ Vue.component("http-firewall-captcha-options", {
 				}
 			}

+			if (this.options.geeTestConfig.isOn) {
+				summaryList.push("已配置极验")
+			}
+
 			if (summaryList.length == 0) {
 				this.summary = "默认配置"
 			} else {
@@ -202,7 +215,6 @@ Vue.component("http-firewall-captcha-options", {
 					<td class="color-border">定制UI</td>
 					<td><checkbox v-model="options.uiIsOn"></checkbox></td>
 				</tr>
-				
 			</tbody>
 			<tbody v-show="options.uiIsOn && options.captchaType == 'default'">
 				<tr>
@@ -254,6 +266,31 @@ Vue.component("http-firewall-captcha-options", {
 				</tr>
 			</tbody>
 		</table>
+		
+		<table class="ui table definition selectable">
+			<tr>
+				<td class="title">允许用户使用极验</td>
+				<td><checkbox v-model="options.geeTestConfig.isOn"></checkbox>
+					<p class="comment">选中后，表示允许用户在WAF设置中选择极验。</p>
+				</td>
+			</tr>
+			<tbody v-show="options.geeTestConfig.isOn">
+				<tr>
+					<td class="color-border">极验-验证ID *</td>
+					<td>
+						<input type="text" maxlength="100" name="geetestCaptchaId" v-model="options.geeTestConfig.captchaId" spellcheck="false"/>
+						<p class="comment">在极验控制台--业务管理中获取。</p>
+					</td>
+				</tr>
+				<tr>
+					<td class="color-border">极验-验证Key *</td>
+					<td>
+						<input type="text" maxlength="100" name="geetestCaptchaKey" v-model="options.geeTestConfig.captchaKey" spellcheck="false"/>
+						<p class="comment">在极验控制台--业务管理中获取。</p>
+					</td>
+				</tr>
+			</tbody>
+		</table>
 	</div>
 </div>
 `
--- a/web/public/js/components/server/http-firewall-config-box.js
+++ b/web/public/js/components/server/http-firewall-config-box.js
@@ -16,11 +16,25 @@ Vue.component("http-firewall-config-box", {
 			firewall.defaultCaptchaType = "none"
 		}

+		let allCaptchaTypes = window.WAF_CAPTCHA_TYPES.$copy()
+
+		// geetest
+		let geeTestIsOn = false
+		if (this.vFirewallPolicy != null && this.vFirewallPolicy.captchaAction != null && this.vFirewallPolicy.captchaAction.geeTestConfig != null) {
+			geeTestIsOn = this.vFirewallPolicy.captchaAction.geeTestConfig.isOn
+		}
+
+		// 如果没有启用geetest，则还原
+		if (!geeTestIsOn && firewall.defaultCaptchaType == "geetest") {
+			firewall.defaultCaptchaType = "none"
+		}
+
 		return {
 			firewall: firewall,
 			moreOptionsVisible: false,
 			execGlobalRules: !firewall.ignoreGlobalRules,
-			captchaTypes: window.WAF_CAPTCHA_TYPES
+			captchaTypes: allCaptchaTypes,
+			geeTestIsOn: geeTestIsOn
 		}
 	},
 	watch: {
@@ -66,7 +80,7 @@ Vue.component("http-firewall-config-box", {
 				<td>
 					<select class="ui dropdown auto-width" v-model="firewall.defaultCaptchaType">
 						<option value="none">默认</option>
-						<option v-for="captchaType in captchaTypes" :value="captchaType.code">{{captchaType.name}}</option>
+						<option v-for="captchaType in captchaTypes" v-if="captchaType.code != 'geetest' || geeTestIsOn" :value="captchaType.code">{{captchaType.name}}</option>
 					</select>
 					<p class="comment" v-if="firewall.defaultCaptchaType == 'none'">使用系统默认的设置。</p>
 					<p class="comment" v-for="captchaType in captchaTypes" v-if="captchaType.code == firewall.defaultCaptchaType">{{captchaType.description}}</p>