Skip to content

K
koko
Commit 0e98e8f5 authored by Eric's avatar Eric
Browse files
Options

[Update] update code

parent c1583e30
Hide whitespace changes
Inline Side-by-side
Showing with 45 additions and 44 deletions
pkg/handler/wrappersession.go
View file @ 0e98e8f5
...@@ -66,7 +66,8 @@ func (w *WrapperSession) Close() error { ...@@ -66,7 +66,8 @@ func (w *WrapperSession) Close() error {
return nil return nil
default: default:
} }
err := w.inWriter.Close() _ = w.inWriter.Close()
err := w.outReader.Close()
w.initReadPip() w.initReadPip()
return err return err
} }
......
pkg/service/users.go
View file @ 0e98e8f5
...@@ -12,18 +12,20 @@ import ( ...@@ -12,18 +12,20 @@ import (
"github.com/jumpserver/koko/pkg/model" "github.com/jumpserver/koko/pkg/model"
) )
type AuthResponse struct { type authResponse struct {
Err string `json:"error,omitempty"` Err string `json:"error,omitempty"`
Msg string `json:"msg,omitempty"` Msg string `json:"msg,omitempty"`
Data ResponseData `json:"data,omitempty"` Data dataResponse `json:"data,omitempty"`
Username string `json:"username,omitempty"` Username string `json:"username,omitempty"`
Token string `json:"token,omitempty"` Token string `json:"token,omitempty"`
Keyword string `json:"keyword,omitempty"` Keyword string `json:"keyword,omitempty"`
DateExpired string `json:"date_expired,omitempty"` DateExpired string `json:"date_expired,omitempty"`
User model.User `json:"user,omitempty"`
} }
type ResponseData struct { type dataResponse struct {
Choices []string `json:"choices,omitempty"` Choices []string `json:"choices,omitempty"`
Url string `json:"url,omitempty"` Url string `json:"url,omitempty"`
} }
...@@ -62,7 +64,7 @@ func (u *SessionClient) Authenticate(ctx context.Context) (user model.User, auth ...@@ -62,7 +64,7 @@ func (u *SessionClient) Authenticate(ctx context.Context) (user model.User, auth
"remote_addr": u.option.RemoteAddr, "remote_addr": u.option.RemoteAddr,
"login_type": u.option.LoginType, "login_type": u.option.LoginType,
} }
var resp AuthResponse var resp authResponse
_, err := u.client.Post(UserTokenAuthURL, data, &resp) _, err := u.client.Post(UserTokenAuthURL, data, &resp)
if err != nil { if err != nil {
logger.Errorf("User %s Authenticate err: %s", u.option.Username, err) logger.Errorf("User %s Authenticate err: %s", u.option.Username, err)
...@@ -99,7 +101,7 @@ func (u *SessionClient) Authenticate(ctx context.Context) (user model.User, auth ...@@ -99,7 +101,7 @@ func (u *SessionClient) Authenticate(ctx context.Context) (user model.User, auth
return return
} }
if resp.Token != "" { if resp.Token != "" {
return user, AuthSuccess return resp.User, AuthSuccess
} }
return return
} }
...@@ -111,63 +113,61 @@ func (u *SessionClient) CheckUserOTP(ctx context.Context, code string) (user mod ...@@ -111,63 +113,61 @@ func (u *SessionClient) CheckUserOTP(ctx context.Context, code string) (user mod
"code": code, "code": code,
} }
for name, authData := range u.authOptions { for name, authData := range u.authOptions {
var resp AuthResponse var resp authResponse
switch name { switch name {
case "opt": case "opt":
data["type"] = name data["type"] = name
} }
_, err = u.client.Post(authData.Url, data, &resp) _, err = u.client.Post(authData.Url, data, &resp)
if err != nil { if err != nil {
return logger.Errorf("User %s use %s check MFA err: %s", u.option.Username, name, err)
continue
} }
if resp.Err != "" { if resp.Err != "" {
return logger.Errorf("User %s use %s check MFA err: %s", u.option.Username, name, resp.Err)
continue
} }
if resp.Msg == "ok" { if resp.Msg == "ok" {
logger.Infof("User %s check MFA success, check if need admin confirm", u.option.Username)
return u.Authenticate(ctx) return u.Authenticate(ctx)
} }
} }
logger.Errorf("User %s failed to check MFA", u.option.Username)
return return
} }
func (u *SessionClient) checkConfirm(ctx context.Context) bool { func (u *SessionClient) checkConfirm(ctx context.Context) (ok bool) {
doneChan := make(chan bool, 1) var err error
go func() { for {
var err error select {
for { case <-ctx.Done():
select { logger.Errorf("User %s cancel confirm request", u.option.Username)
case <-ctx.Done(): return ok
doneChan <- false case <-time.After(5 * time.Second):
case <-time.After(5 * time.Second): var resp authResponse
var resp AuthResponse _, err = u.client.Get(UserConfirmAuthURL, &resp)
_, err = u.client.Get(UserConfirmAuthURL, &resp) if err != nil {
if err != nil { logger.Errorf("User %s check confirm err: %s", u.option.Username, err)
logger.Errorf("User %s check confirm err: %s", u.option.Username, err) return
doneChan <- false }
return if resp.Err != "" {
} switch resp.Err {
if resp.Err != "" { case ErrLoginConfirmWait:
switch resp.Err { logger.Infof("User %s still wait confirm", u.option.Username)
case ErrLoginConfirmWait: continue
logger.Infof("User %s wait confirm", u.option.Username) case ErrLoginConfirmRejected:
continue default:
case ErrLoginConfirmRejected:
default:
}
logger.Infof("User %s confirm rejected %s", u.option.Username, resp.Err)
doneChan <- false
return
}
if resp.Msg == "ok" {
logger.Infof("User %s confirm accepted", u.option.Username)
doneChan <- true
return
} }
logger.Infof("User %s confirm rejected %s", u.option.Username, resp.Err)
return
}
if resp.Msg == "ok" {
logger.Infof("User %s confirm accepted", u.option.Username)
return true
} }
} }
}() }
return <-doneChan
} }
func GetUserDetail(userID string) (user *model.User) { func GetUserDetail(userID string) (user *model.User) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment