安全设置增加“检查客户端指纹"和"检查客户端区域"选项

2025-11-03 20:40:26 +08:00 · 2023-04-19 18:25:10 +08:00
parent e597cee30d
commit 4414c990d2
9 changed files with 129 additions and 11 deletions
--- a/internal/web/actions/default/index/loginutils/utils.go
+++ b/internal/web/actions/default/index/loginutils/utils.go
@@ -4,16 +4,41 @@ package loginutils

 import (
 	teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const"
+	"github.com/TeaOSLab/EdgeCommon/pkg/iplibrary"
 	"github.com/iwind/TeaGo/actions"
 	stringutil "github.com/iwind/TeaGo/utils/string"
+	"net"
 	"net/http"
 )

 // CalculateClientFingerprint 计算客户端指纹
 func CalculateClientFingerprint(action *actions.ActionObject) string {
-	return stringutil.Md5(action.RequestRemoteIP() + "@" + action.Request.UserAgent())
+	return stringutil.Md5(RemoteIP(action) + "@" + action.Request.UserAgent())
 }

+// RemoteIP 获取客户端IP
+// TODO 将来增加是否使用代理设置（即从X-Real-IP中获取IP）
+func RemoteIP(action *actions.ActionObject) string {
+	ip, _, _ := net.SplitHostPort(action.Request.RemoteAddr)
+	return ip
+}
+
+// LookupIPRegion 查找登录区域
+func LookupIPRegion(ip string) string {
+	if len(ip) == 0 {
+		return ""
+	}
+
+	var result = iplibrary.LookupIP(ip)
+	if result != nil && result.IsOk() {
+		// 这里不需要网络运营商信息
+		return result.CountryName() + "@" + result.ProvinceName() + "@" + result.CityName() + "@" + result.TownName()
+	}
+
+	return ""
+}
+
+// SetCookie 设置Cookie
 func SetCookie(action *actions.ActionObject, remember bool) {
 	if remember {
 		var cookie = &http.Cookie{
@@ -44,6 +69,7 @@ func SetCookie(action *actions.ActionObject, remember bool) {
 	}
 }

+// UnsetCookie 重置Cookie
 func UnsetCookie(action *actions.ActionObject) {
 	cookie := &http.Cookie{
 		Name:     teaconst.CookieSID,
--- a/internal/web/actions/default/settings/security/index.go
+++ b/internal/web/actions/default/settings/security/index.go
@@ -79,6 +79,9 @@ func (this *IndexAction) RunPost(params struct {
 	DenySearchEngines bool
 	DenySpiders       bool

+	CheckClientFingerprint bool
+	CheckClientRegion      bool
+
 	DomainsJSON []byte

 	Must *actions.Must
@@ -150,6 +153,10 @@ func (this *IndexAction) RunPost(params struct {
 	// 允许记住登录
 	config.AllowRememberLogin = params.AllowRememberLogin

+	// Cookie检查
+	config.CheckClientFingerprint = params.CheckClientFingerprint
+	config.CheckClientRegion = params.CheckClientRegion
+
 	err = configloaders.UpdateSecurityConfig(config)
 	if err != nil {
 		this.ErrorPage(err)