From 466107553e3f7fc59678d7f6ad6085f2693ab0de Mon Sep 17 00:00:00 2001
From: GoEdgeLab <goedgecloud@gmail.com>
Date: Fri, 3 May 2024 12:09:27 +0800
Subject: [PATCH] =?UTF-8?q?=E5=85=81=E8=AE=B8=E5=8D=95=E4=B8=AA=E8=B4=A6?=
 =?UTF-8?q?=E5=8F=B7=E5=9C=A8=E5=90=8C=E4=B8=80=E4=B8=AAIP=E7=99=BB?=
 =?UTF-8?q?=E5=BD=95=E5=A4=9A=E4=B8=AA=E5=AE=A2=E6=88=B7=E7=AB=AF?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 internal/nodes/session_manager.go           |  4 ++--
 internal/web/actions/default/index/index.go | 16 ++++++++++++++--
 2 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/internal/nodes/session_manager.go b/internal/nodes/session_manager.go
index 07a70cff..b6510948 100644
--- a/internal/nodes/session_manager.go
+++ b/internal/nodes/session_manager.go
@@ -73,7 +73,7 @@ func (this *SessionManager) Read(sid string) map[string]string {
 
 func (this *SessionManager) WriteItem(sid string, key string, value string) bool {
 	// 删除缓存
-	defer ttlcache.DefaultCache.Delete( "SESSION@" + sid)
+	defer ttlcache.DefaultCache.Delete("SESSION@" + sid)
 
 	// 忽略OTP
 	if strings.HasSuffix(sid, "_otp") {
@@ -99,7 +99,7 @@ func (this *SessionManager) WriteItem(sid string, key string, value string) bool
 
 func (this *SessionManager) Delete(sid string) bool {
 	// 删除缓存
-	defer ttlcache.DefaultCache.Delete( "SESSION@" + sid)
+	defer ttlcache.DefaultCache.Delete("SESSION@" + sid)
 
 	// 忽略OTP
 	if strings.HasSuffix(sid, "_otp") {
diff --git a/internal/web/actions/default/index/index.go b/internal/web/actions/default/index/index.go
index c1f777b1..20735a45 100644
--- a/internal/web/actions/default/index/index.go
+++ b/internal/web/actions/default/index/index.go
@@ -237,15 +237,27 @@ func (this *IndexAction) RunPost(params struct {
 	}
 
 	// 写入SESSION
+	var currentIP = loginutils.RemoteIP(&this.ActionObject)
 	var localSid = rands.HexString(32)
 	this.Data["localSid"] = localSid
-	this.Data["ip"] = loginutils.RemoteIP(&this.ActionObject)
+	this.Data["ip"] = currentIP
 	params.Auth.StoreAdmin(adminId, params.Remember, localSid)
 
+	// 清理老的SESSION
+	_, err = this.RPC().LoginSessionRPC().ClearOldLoginSessions(this.AdminContext(), &pb.ClearOldLoginSessionsRequest{
+		Sid: this.Session().Sid,
+		Ip:  currentIP,
+	})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
 	// 记录日志
 	err = dao.SharedLogDAO.CreateAdminLog(rpcClient.Context(adminId), oplogs.LevelInfo, this.Request.URL.Path, langs.DefaultMessage(codes.AdminLogin_LogSuccess, params.Username), loginutils.RemoteIP(&this.ActionObject), codes.AdminLogin_LogSuccess, []any{params.Username})
 	if err != nil {
-		utils.PrintError(err)
+		this.ErrorPage(err)
+		return
 	}
 
 	this.Success()