mirror of https://github.com/acepanel/panel.git synced 2026-02-04 04:22:33 +08:00

fix: 两步验证使用SHA1算法(为了兼容性)

2025-05-23 10:24:37 +08:00
parent a997d548f7
commit 548165ab4a
2 changed files with 4 additions and 19 deletions


@@ -3,7 +3,6 @@ package data
import (
"errors"
"image"
"time"
"github.com/go-rat/utils/hash"
"github.com/leonelquinteros/gotext"
@@ -145,7 +144,7 @@ func (r *userRepo) GenerateTwoFA(id uint) (image.Image, string, string, error) {
Issuer: "RatPanel",
AccountName: cast.ToString(id),
SecretSize: 32,
Algorithm: otp.AlgorithmSHA256,
Algorithm: otp.AlgorithmSHA1,
})
if err != nil {
return nil, "", "", err
@@ -167,11 +166,7 @@ func (r *userRepo) UpdateTwoFA(id uint, code, secret string) error {
// 保存前先验证一次,防止错误开启
if secret != "" {
if valid, _ := totp.ValidateCustom(code, secret, time.Now().UTC(), totp.ValidateOpts{
Skew: 1,
Digits: otp.DigitsSix,
Algorithm: otp.AlgorithmSHA256,
}); !valid {
if valid := totp.Validate(code, secret); !valid {
return errors.New(r.t.Get("invalid 2FA code"))
}
}
@@ -190,11 +185,7 @@ func (r *userRepo) CheckTwoFA(id uint, code string) (bool, error) {
return true, nil // 未开启2FA无需验证
}
if valid, _ := totp.ValidateCustom(code, user.TwoFA, time.Now().UTC(), totp.ValidateOpts{
Skew: 1,
Digits: otp.DigitsSix,
Algorithm: otp.AlgorithmSHA256,
}); !valid {
if valid := totp.Validate(code, user.TwoFA); !valid {
return false, errors.New(r.t.Get("invalid 2FA code"))
}
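Review bot: Secrets enrolled while `GenerateTwoFA` issued `otp.AlgorithmSHA256` will no longer validate in `CheckTwoFA` (or in `Login` in the second file), because `totp.Validate` uses the library defaults, which are SHA1 with six digits and a skew of one period. If any release shipped the SHA256 setting, accounts that completed enrolment under it would be rejected at 2FA, so record the algorithm with the stored secret or require re-enrolment, and document the recovery path. A comment at `Algorithm: otp.AlgorithmSHA1` would also help, for example `// HMAC-SHA1 is the RFC 6238 default; kept for authenticator-app compatibility`, so the choice is not later mistaken for a weak-hash finding. The bodies of all three functions continue outside these hunks.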


@@ -11,13 +11,11 @@ import (
"net"
"net/http"
"strings"
"time"
"github.com/go-rat/chix"
"github.com/go-rat/sessions"
"github.com/knadh/koanf/v2"
"github.com/leonelquinteros/gotext"
"github.com/pquerna/otp"
"github.com/pquerna/otp/totp"
"github.com/spf13/cast"
@@ -94,11 +92,7 @@ func (s *UserService) Login(w http.ResponseWriter, r *http.Request) {
}
if user.TwoFA != "" {
if valid, _ := totp.ValidateCustom(req.PassCode, user.TwoFA, time.Now().UTC(), totp.ValidateOpts{
Skew: 1,
Digits: otp.DigitsSix,
Algorithm: otp.AlgorithmSHA256,
}); !valid {
if valid := totp.Validate(req.PassCode, user.TwoFA); !valid {
Error(w, http.StatusForbidden, s.t.Get("invalid 2FA code"))
return
}
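Review bot: The failed-passcode branch in `Login` returns 403 with no attempt counting visible in this hunk, and `totp.Validate` accepts the previous, current and next 30-second code, so a six-digit code protected only by this check has little margin against repeated guessing once the password is known. The body of `Login` starts and ends outside the hunk, so throttling may already exist earlier in the handler or in middleware; if it does not, apply a per-account and per-client failure limit before the `totp.Validate` call and log each rejection so repeated failures can be alerted on. Storing the last accepted time step per user and refusing a code at or before it would additionally prevent reuse of a code inside its validity window.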