实现DNS域名验证

2025-12-29 22:36:36 +08:00 · 2022-09-10 16:13:26 +08:00
parent 7394037ccd
commit 8c5390f5fe
10 changed files with 4768 additions and 3833 deletions
--- a/pkg/rpc/protos/models/model_ns_cluster.proto
+++ b/pkg/rpc/protos/models/model_ns_cluster.proto
@@ -12,4 +12,5 @@ message NSCluster {
 	bytes tcpJSON = 5;
 	bytes tlsJSON = 6;
 	bytes udpJSON = 7;
+	repeated string hosts = 8;
 }
--- a/pkg/rpc/protos/service_ns_cluster.proto
+++ b/pkg/rpc/protos/service_ns_cluster.proto
@@ -67,12 +67,16 @@ service NSClusterService {

 	// 修改NS集群的DDoS设置
 	rpc updateNSClusterDDoSProtection(UpdateNSClusterDDoSProtectionRequest) returns (RPCSuccess);
+
+	// 查找用户可以使用的主机地址
+	rpc findAvailableNSHostsForUser(FindAvailableNSHostsForUserRequest) returns (FindAvailableNSHostsForUserResponse);
 }

 // 创建集群
 message CreateNSClusterRequest {
 	string name = 1;
 	bytes accessLogJSON = 2;
+	repeated string hosts = 3;
 }

 message CreateNSClusterResponse {
@@ -84,6 +88,7 @@ message UpdateNSClusterRequest {
 	int64 nsClusterId = 1;
 	string name = 2;
 	bool isOn = 3;
+	repeated string hosts = 4;
 }

 // 查找集群访问日志配置
@@ -216,4 +221,13 @@ message FindNSClusterDDoSProtectionResponse {
 message UpdateNSClusterDDoSProtectionRequest {
 	int64 nsClusterId = 1;
 	bytes ddosProtectionJSON = 2;
+}
+
+// 查找用户可以使用的主机地址
+message FindAvailableNSHostsForUserRequest {
+	int64 userId = 1;
+}
+
+message FindAvailableNSHostsForUserResponse {
+	repeated string hosts = 1;
 }
--- a/pkg/rpc/protos/service_ns_domain.proto
+++ b/pkg/rpc/protos/service_ns_domain.proto
@@ -47,8 +47,17 @@ service NSDomainService {
 	// 修改TSIG配置
 	rpc updateNSDomainTSIG (UpdateNSDomainTSIGRequest) returns (RPCSuccess);

-	// 检查一组域名是否存在
+	// 检查一组域名是否在用户账户中存在
 	rpc existNSDomains(ExistNSDomainsRequest) returns (ExistNSDomainsResponse);
+
+	// 检查一组域名是否已通过验证
+	rpc existVerifiedNSDomains(ExistVerifiedNSDomainsRequest) returns (ExistVerifiedNSDomainsResponse);
+
+	// 获取域名验证信息
+	rpc findNSDomainVerifyingInfo(FindNSDomainVerifyingInfoRequest) returns (FindNSDomainVerifyingInfoResponse);
+
+	// 验证域名信息
+	rpc verifyNSDomain(VerifyNSDomainRequest) returns (VerifyNSDomainResponse);
 }

 // 创建单个域名
@@ -167,7 +176,7 @@ message UpdateNSDomainTSIGRequest {
 	bytes tsigJSON = 2;
 }

-// 检查一组域名是否存在
+// 检查一组域名是否在用户账户中存在
 message ExistNSDomainsRequest {
 	repeated string names = 1;
 	int64 userId = 2;
@@ -175,4 +184,35 @@ message ExistNSDomainsRequest {

 message ExistNSDomainsResponse {
 	repeated string existingNames = 1;
+}
+
+// 检查一组域名是否已通过验证
+message ExistVerifiedNSDomainsRequest {
+	repeated string names = 1;
+}
+
+message ExistVerifiedNSDomainsResponse {
+	repeated string existingNames = 1;
+}
+
+// 获取域名验证信息
+message FindNSDomainVerifyingInfoRequest {
+	int64 nsDomainId = 1;
+}
+
+message FindNSDomainVerifyingInfoResponse {
+	string txt = 1;
+	int64 expiresAt = 2;
+	string status = 3;
+}
+
+// 验证域名信息
+message VerifyNSDomainRequest {
+	int64 nsDomainId = 1;
+}
+
+message VerifyNSDomainResponse {
+	bool isOk = 1; // 是否成功
+	string errorCode = 2; // 错误代码
+	string errorMessage = 3; // 错误消息
 }