From af7a03b9fc14d2e88ae77c31fbb78797c919234a Mon Sep 17 00:00:00 2001
From: GoEdgeLab <goedgecloud@gmail.com>
Date: Fri, 10 May 2024 14:28:25 +0800
Subject: [PATCH] =?UTF-8?q?=E5=AE=9E=E7=8E=B0Ticket=E7=99=BB=E5=BD=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 internal/rpc/rpc_client.go                   |  4 ++
 internal/web/actions/default/login/init.go   |  1 +
 internal/web/actions/default/login/ticket.go | 68 ++++++++++++++++++++
 web/views/@default/login/ticket.html         | 14 ++++
 web/views/@default/login/ticket.js           | 13 ++++
 5 files changed, 100 insertions(+)
 create mode 100644 internal/web/actions/default/login/ticket.go
 create mode 100644 web/views/@default/login/ticket.html
 create mode 100644 web/views/@default/login/ticket.js

diff --git a/internal/rpc/rpc_client.go b/internal/rpc/rpc_client.go
index 17521473..753a4e70 100644
--- a/internal/rpc/rpc_client.go
+++ b/internal/rpc/rpc_client.go
@@ -385,6 +385,10 @@ func (this *RPCClient) LoginSessionRPC() pb.LoginSessionServiceClient {
 	return pb.NewLoginSessionServiceClient(this.pickConn())
 }
 
+func (this *RPCClient) LoginTicketRPC() pb.LoginTicketServiceClient {
+	return pb.NewLoginTicketServiceClient(this.pickConn())
+}
+
 func (this *RPCClient) NodeTaskRPC() pb.NodeTaskServiceClient {
 	return pb.NewNodeTaskServiceClient(this.pickConn())
 }
diff --git a/internal/web/actions/default/login/init.go b/internal/web/actions/default/login/init.go
index b59d8b7b..c317f271 100644
--- a/internal/web/actions/default/login/init.go
+++ b/internal/web/actions/default/login/init.go
@@ -9,6 +9,7 @@ func init() {
 		server.
 			Prefix("/login").
 			GetPost("/validate", new(ValidateAction)).
+			Get("/ticket", new(TicketAction)).
 			EndAll()
 	})
 }
diff --git a/internal/web/actions/default/login/ticket.go b/internal/web/actions/default/login/ticket.go
new file mode 100644
index 00000000..05559139
--- /dev/null
+++ b/internal/web/actions/default/login/ticket.go
@@ -0,0 +1,68 @@
+// Copyright 2024 GoEdge CDN goedge.cdn@gmail.com. All rights reserved. Official site: https://goedge.cn .
+
+package login
+
+import (
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/index/loginutils"
+	"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/rands"
+)
+
+type TicketAction struct {
+	actionutils.ParentAction
+}
+
+func (this *TicketAction) Init() {
+	this.Nav("", "", "")
+}
+
+func (this *TicketAction) RunGet(params struct {
+	Ticket   string
+	Redirect string
+	Auth     *helpers.UserShouldAuth
+}) {
+	this.Data["redirect"] = params.Redirect
+	var errorMsg string
+
+	defer func() {
+		this.Data["errorMsg"] = errorMsg
+		this.Show()
+	}()
+
+	if len(params.Ticket) == 0 {
+		errorMsg = "invalid ticket: wrong format"
+		return
+	}
+
+	// TODO 对于错误尝试太多的IP进行处罚
+
+	resp, err := this.RPC().LoginTicketRPC().FindLoginTicketWithValue(this.AdminContext(), &pb.FindLoginTicketWithValueRequest{Value: params.Ticket})
+	if err != nil {
+		this.ErrorPage(err)
+		return
+	}
+
+	if resp.LoginTicket == nil {
+		errorMsg = "invalid ticket: not found"
+		return
+	}
+
+	if resp.LoginTicket.AdminId <= 0 {
+		errorMsg = "invalid ticket: invalid admin id"
+		return
+	}
+
+	var currentIP = loginutils.RemoteIP(&this.ActionObject)
+	if len(resp.LoginTicket.Ip) > 0 && resp.LoginTicket.Ip != currentIP {
+		errorMsg = "invalid ticket: wrong client ip"
+		return
+	}
+
+	var localSid = rands.HexString(32)
+	this.Data["localSid"] = localSid
+	this.Data["ip"] = currentIP
+
+	params.Auth.StoreAdmin(resp.LoginTicket.AdminId, false, localSid)
+}
diff --git a/web/views/@default/login/ticket.html b/web/views/@default/login/ticket.html
new file mode 100644
index 00000000..8b874d1f
--- /dev/null
+++ b/web/views/@default/login/ticket.html
@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html lang="zh">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
+    <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=0">
+    {$TEA.VUE}
+    {$TEA.SEMANTIC}
+</head>
+<body>
+
+<div class="ui message warning" v-if="errorMsg.length > 0">ERROR: {{errorMsg}}</div>
+
+</body>
+</html>
\ No newline at end of file
diff --git a/web/views/@default/login/ticket.js b/web/views/@default/login/ticket.js
new file mode 100644
index 00000000..378923ed
--- /dev/null
+++ b/web/views/@default/login/ticket.js
@@ -0,0 +1,13 @@
+Tea.context(function () {
+	// store information to local
+	localStorage.setItem("sid", this.localSid)
+	localStorage.setItem("ip", this.ip)
+
+	if (this.errorMsg.length == 0) {
+		if (this.redirect.length > 0) {
+			window.location = this.redirect
+		} else {
+			window.location = "/dashboard"
+		}
+	}
+})
\ No newline at end of file