123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116 |
- package controller
- import (
- "net/http"
- "text/template"
- "time"
- "x-ui/logger"
- "x-ui/web/service"
- "x-ui/web/session"
- "github.com/gin-contrib/sessions"
- "github.com/gin-gonic/gin"
- )
- type LoginForm struct {
- Username string `json:"username" form:"username"`
- Password string `json:"password" form:"password"`
- LoginSecret string `json:"loginSecret" form:"loginSecret"`
- }
- type IndexController struct {
- BaseController
- settingService service.SettingService
- userService service.UserService
- tgbot service.Tgbot
- }
- func NewIndexController(g *gin.RouterGroup) *IndexController {
- a := &IndexController{}
- a.initRouter(g)
- return a
- }
- func (a *IndexController) initRouter(g *gin.RouterGroup) {
- g.GET("/", a.index)
- g.POST("/login", a.login)
- g.GET("/logout", a.logout)
- g.POST("/getSecretStatus", a.getSecretStatus)
- }
- func (a *IndexController) index(c *gin.Context) {
- if session.IsLogin(c) {
- c.Redirect(http.StatusTemporaryRedirect, "panel/")
- return
- }
- html(c, "login.html", "pages.login.title", nil)
- }
- func (a *IndexController) login(c *gin.Context) {
- var form LoginForm
- if err := c.ShouldBind(&form); err != nil {
- pureJsonMsg(c, http.StatusOK, false, I18nWeb(c, "pages.login.toasts.invalidFormData"))
- return
- }
- if form.Username == "" {
- pureJsonMsg(c, http.StatusOK, false, I18nWeb(c, "pages.login.toasts.emptyUsername"))
- return
- }
- if form.Password == "" {
- pureJsonMsg(c, http.StatusOK, false, I18nWeb(c, "pages.login.toasts.emptyPassword"))
- return
- }
- user := a.userService.CheckUser(form.Username, form.Password, form.LoginSecret)
- timeStr := time.Now().Format("2006-01-02 15:04:05")
- safeUser := template.HTMLEscapeString(form.Username)
- safePass := template.HTMLEscapeString(form.Password)
- safeSecret := template.HTMLEscapeString(form.LoginSecret)
- if user == nil {
- logger.Warningf("wrong username: \"%s\", password: \"%s\", secret: \"%s\", IP: \"%s\"", safeUser, safePass, safeSecret, getRemoteIp(c))
- a.tgbot.UserLoginNotify(safeUser, safePass, getRemoteIp(c), timeStr, 0)
- pureJsonMsg(c, http.StatusOK, false, I18nWeb(c, "pages.login.toasts.wrongUsernameOrPassword"))
- return
- }
- logger.Infof("%s logged in successfully, Ip Address: %s\n", safeUser, getRemoteIp(c))
- a.tgbot.UserLoginNotify(safeUser, ``, getRemoteIp(c), timeStr, 1)
- sessionMaxAge, err := a.settingService.GetSessionMaxAge()
- if err != nil {
- logger.Warning("Unable to get session's max age from DB")
- }
- session.SetMaxAge(c, sessionMaxAge*60)
- session.SetLoginUser(c, user)
- if err := sessions.Default(c).Save(); err != nil {
- logger.Warning("Unable to save session: ", err)
- return
- }
- logger.Infof("%s logged in successfully", safeUser)
- jsonMsg(c, I18nWeb(c, "pages.login.toasts.successLogin"), nil)
- }
- func (a *IndexController) logout(c *gin.Context) {
- user := session.GetLoginUser(c)
- if user != nil {
- logger.Infof("%s logged out successfully", user.Username)
- }
- session.ClearSession(c)
- if err := sessions.Default(c).Save(); err != nil {
- logger.Warning("Unable to save session after clearing:", err)
- }
- c.Redirect(http.StatusTemporaryRedirect, c.GetString("base_path"))
- }
- func (a *IndexController) getSecretStatus(c *gin.Context) {
- status, err := a.settingService.GetSecretStatus()
- if err == nil {
- jsonObj(c, status, nil)
- }
- }
|