使用本地SID二次校验增强管理系统安全性

2025-11-04 05:00:25 +08:00 · 2024-04-08 10:24:10 +08:00
parent af4d19ee5a
commit fcd69a4e65
12 changed files with 195 additions and 24 deletions
--- a/web/views/@default/index/index.js
+++ b/web/views/@default/index/index.js
@@ -39,14 +39,21 @@ Tea.context(function () {
 	};

 	this.submitSuccess = function (resp) {
-		if (resp.data.requireOTP) {
-			window.location = "/index/otp?sid=" + resp.data.sid + "&remember=" + (resp.data.remember ? 1 : 0) + "&from=" + window.encodeURIComponent(this.from)
-			return
-		}
-		if (this.from.length == 0) {
-			window.location = "/dashboard";
-		} else {
-			window.location = this.from;
-		}
+		// store information to local
+		localStorage.setItem("sid", resp.data.localSid)
+		localStorage.setItem("ip", resp.data.ip)
+
+		// redirect back
+		this.$delay(function () {
+			if (resp.data.requireOTP) {
+				window.location = "/index/otp?sid=" + resp.data.sid + "&remember=" + (resp.data.remember ? 1 : 0) + "&from=" + window.encodeURIComponent(this.from)
+				return
+			}
+			if (this.from.length == 0) {
+				window.location = "/dashboard";
+			} else {
+				window.location = this.from;
+			}
+		})
 	};
 });
--- a/web/views/@default/index/otp.js
+++ b/web/views/@default/index/otp.js
@@ -22,10 +22,17 @@ Tea.context(function () {
 	};

 	this.submitSuccess = function (resp) {
-		if (this.from.length == 0) {
-			window.location = "/dashboard";
-		} else {
-			window.location = this.from;
-		}
+		// store information to local
+		localStorage.setItem("sid", resp.data.localSid)
+		localStorage.setItem("ip", resp.data.ip)
+
+		// redirect back
+		this.$delay(function () {
+			if (this.from.length == 0) {
+				window.location = "/dashboard";
+			} else {
+				window.location = this.from;
+			}
+		})
 	};
 });
--- a/web/views/@default/login/validate.html
+++ b/web/views/@default/login/validate.html
@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html lang="zh">
+<head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
+    <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=0">
+    {$TEA.VUE}
+    {$TEA.SEMANTIC}
+    <title></title>
+</head>
+<body>
+<div>
+
+</div>
+</body>
+</html>
--- a/web/views/@default/login/validate.js
+++ b/web/views/@default/login/validate.js
@@ -0,0 +1,34 @@
+Tea.context(function () {
+	this.$delay(function () {
+		let sid = localStorage.getItem("sid")
+		let ip = localStorage.getItem("ip")
+
+		if (sid == null || sid.length == 0 || ip == null || ip.length == 0) {
+			window.location = "/logout"
+			return
+		}
+
+		this.$post("$")
+			.params({localSid: sid, "ip": ip})
+			.post()
+			.success(function (resp) {
+				if (!resp.data.isOk) {
+					window.location = "/logout"
+					return
+				}
+
+				// renew local data
+				localStorage.setItem("sid", resp.data.localSid)
+				localStorage.setItem("ip", resp.data.ip)
+
+				// redirect back (MUST delay)
+				this.$delay(function () {
+					if (this.from.length > 0) {
+						window.location = this.from
+					} else {
+						window.location = "/dashboard"
+					}
+				})
+			})
+	})
+})