优化系统用户登录校验

internal/web/actions/default/csrf/token.go

@@ -30,7 +30,7 @@ func (this *TokenAction) RunGet(params struct {
 	}()
 
 	// 没有登录，则限制请求速度
-	if params.Auth.AdminId() <= 0 && lastTimestamp > 0 && time.Now().Unix()-lastTimestamp <= 1 {
+	if params.Auth.AdminId() <= 0 && lastTimestamp > 0 && time.Now().Unix()-lastTimestamp <= 0 {
 		this.Fail("请求速度过快，请稍后刷新后重试")
 	}
 

internal/web/actions/default/servers/index.go

@@ -2,6 +2,7 @@ package servers
 
 import (
 	"encoding/json"
+	"github.com/TeaOSLab/EdgeAdmin/internal/configloaders"
 	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
@@ -136,6 +137,15 @@ func (this *IndexAction) RunGet(params struct {
 			}
 		}
 
+		// 用户
+		var userMap maps.Map = nil
+		if server.User != nil {
+			userMap = maps.Map{
+				"id":       server.User.Id,
+				"fullname": server.User.Fullname,
+			}
+		}
+
 		serverMaps = append(serverMaps, maps.Map{
 			"id":   server.Id,
 			"isOn": server.IsOn,
@@ -149,6 +159,7 @@ func (this *IndexAction) RunGet(params struct {
 			"groups":           groupMaps,
 			"serverNames":      serverNames,
 			"countServerNames": countServerNames,
+			"user":             userMap,
 		})
 	}
 	this.Data["servers"] = serverMaps
@@ -178,5 +189,8 @@ func (this *IndexAction) RunGet(params struct {
 	}
 	this.Data["groups"] = groupMaps
 
+	// 是否有用户管理权限
+	this.Data["canVisitUser"] = configloaders.AllowModule(this.AdminId(), configloaders.AdminModuleCodeUser)
+
 	this.Show()
 }

internal/web/helpers/user_must_auth.go

@@ -3,10 +3,7 @@ package helpers
 import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/configloaders"
 	teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const"
-	nodes "github.com/TeaOSLab/EdgeAdmin/internal/rpc"
 	"github.com/TeaOSLab/EdgeAdmin/internal/setup"
-	"github.com/TeaOSLab/EdgeAdmin/internal/utils"
-	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/iwind/TeaGo/actions"
 	"github.com/iwind/TeaGo/maps"
 	"net/http"
@@ -49,11 +46,20 @@ func (this *userMustAuth) BeforeAction(actionPtr actions.ActionWrapper, paramNam
 
 	var session = action.Session()
 	var adminId = session.GetInt64("adminId")
+
 	if adminId <= 0 {
 		this.login(action)
 		return false
 	}
 
+	// 检查用户是否存在
+	if !configloaders.CheckAdmin(adminId) {
+		session.Delete()
+
+		this.login(action)
+		return false
+	}
+
 	// 检查用户权限
 	if len(this.module) > 0 && !configloaders.AllowModule(adminId, this.module) {
 		action.ResponseWriter.WriteHeader(http.StatusForbidden)
@@ -61,28 +67,6 @@ func (this *userMustAuth) BeforeAction(actionPtr actions.ActionWrapper, paramNam
 		return false
 	}
 
-	// 检查用户是否存在
-	rpc, err := nodes.SharedRPC()
-	if err != nil {
-		action.WriteString("setup rpc error: " + err.Error())
-		utils.PrintError(err)
-		return false
-	}
-
-	rpcResp, err := rpc.AdminRPC().CheckAdminExists(rpc.Context(0), &pb.CheckAdminExistsRequest{AdminId: adminId})
-	if err != nil {
-		utils.PrintError(err)
-		action.WriteString(teaconst.ErrServer)
-		return false
-	}
-
-	if !rpcResp.IsOk {
-		session.Delete()
-
-		this.login(action)
-		return false
-	}
-
 	this.AdminId = adminId
 	action.Context.Set("adminId", this.AdminId)
 
@@ -104,14 +88,7 @@ func (this *userMustAuth) BeforeAction(actionPtr actions.ActionWrapper, paramNam
 	action.Data["teaShowVersion"] = config.ShowVersion
 	action.Data["teaTitle"] = config.AdminSystemName
 	action.Data["teaName"] = config.ProductName
-
-	resp, err := rpc.AdminRPC().FindAdminFullname(rpc.Context(0), &pb.FindAdminFullnameRequest{AdminId: this.AdminId})
-	if err != nil {
-		utils.PrintError(err)
-		action.Data["teaUsername"] = ""
-	} else {
-		action.Data["teaUsername"] = resp.Fullname
-	}
+	action.Data["teaUsername"] = configloaders.FindAdminFullname(adminId)
 
 	action.Data["teaUserAvatar"] = ""
 

internal/web/helpers/user_should_auth.go

@@ -2,6 +2,7 @@ package helpers
 
 import (
 	"github.com/TeaOSLab/EdgeAdmin/internal/configloaders"
+	teaconst "github.com/TeaOSLab/EdgeAdmin/internal/const"
 	"github.com/TeaOSLab/EdgeAdmin/internal/utils/numberutils"
 	"github.com/iwind/TeaGo/actions"
 	"net/http"
@@ -38,7 +39,7 @@ func (this *UserShouldAuth) StoreAdmin(adminId int64, remember bool) {
 	// 修改sid的时间
 	if remember {
 		cookie := &http.Cookie{
-			Name:     "sid",
+			Name:     teaconst.CookieSID,
 			Value:    this.action.Session().Sid,
 			Path:     "/",
 			MaxAge:   14 * 86400,
@@ -51,7 +52,7 @@ func (this *UserShouldAuth) StoreAdmin(adminId int64, remember bool) {
 		this.action.AddCookie(cookie)
 	} else {
 		cookie := &http.Cookie{
-			Name:     "sid",
+			Name:     teaconst.CookieSID,
 			Value:    this.action.Session().Sid,
 			Path:     "/",
 			MaxAge:   0,