add login fail warn &

add web client on/off & up admin peer filter & upgrade web client
2024-10-14 10:43:29 +08:00
parent 0eb733cc33
commit b4965e8885
20 changed files with 463 additions and 379 deletions
--- a/README.md
+++ b/README.md
@@ -151,6 +151,8 @@

 ```yaml
 lang: "en"
+app:
+  web-client: 1  # 1:启用 0:禁用
 gin:
  api-addr: "0.0.0.0:21114"
  mode: "release"
@@ -181,12 +183,13 @@ logger:
 变量名前缀是`RUSTDESK_API`，环境变量如果存在将覆盖配置文件中的配置

 | 变量名                                | 说明                                   | 示例                          |
-|-------------------------------------|--------------------------------------|-----------------------------|
+|------------------------------------|--------------------------------------|-----------------------------|
 | TZ                                 | 时区                                   | Asia/Shanghai               |
 | RUSTDESK_API_LANG                  | 语言                                   | `en`,`zh-CN`                |
+| RUSTDESK_API_APP_WEB_CLIENT        | 是否启用web-client; 1:启用,0:不启用; 默认启用     | 1                           |
 | -----GIN配置-----                    | ----------                           | ----------                  |
 | RUSTDESK_API_GIN_TRUST_PROXY       | 信任的代理IP列表，以`,`分割，默认信任所有              | 192.168.1.2,192.168.1.3     |
-| -----------GORM配置------------------ | ------------------------------------ | --------------------------- |
+| -----------GORM配置----------------  | ------------------------------------ | --------------------------- |
 | RUSTDESK_API_GORM_TYPE             | 数据库类型sqlite或者mysql，默认sqlite          | sqlite                      |
 | RUSTDESK_API_GORM_MAX_IDLE_CONNS   | 数据库最大空闲连接数                           | 10                          |
 | RUSTDESK_API_GORM_MAX_OPEN_CONNS   | 数据库最大打开连接数                           | 100                         |
--- a/README_EN.md
+++ b/README_EN.md
@@ -157,6 +157,8 @@ installation are `admin` `admin`, please change the password immediately.

 ```yaml
 lang: "en"
+app:
+  web-client: 1  # web client route 1:open 0:close  
 gin:
  api-addr: "0.0.0.0:21114"
  mode: "release"
@@ -187,22 +189,23 @@ logger:
 The prefix for variable names is `RUSTDESK_API`. If environment variables exist, they will override the configurations in the configuration file.

 | Variable Name                      | Description                                               | Example                       |
-|------------------------------------|-----------------------------------------------------------|--------------------------------|
+|------------------------------------|-----------------------------------------------------------|-------------------------------|
 | TZ                                 | timezone                                                  | Asia/Shanghai                 |
 | RUSTDESK_API_LANG                  | Language                                                  | `en`,`zh-CN`                  |
-| ----- GIN Configuration -----      | ---------------------------------------                   | ------------------------------ |
+| RUSTDESK_API_APP_WEB_CLIENT        | web client on/off; 1: on, 0 off, deault 1                 | 1                             |
+| ----- GIN Configuration -----      | ---------------------------------------                   | ----------------------------- |
 | RUSTDESK_API_GIN_TRUST_PROXY       | Trusted proxy IPs, separated by commas.                   | 192.168.1.2,192.168.1.3       |
-| ----- GORM Configuration -----     | ---------------------------------------                   | ------------------------------ |
+| ----- GORM Configuration -----     | ---------------------------------------                   | ----------------------------- |
 | RUSTDESK_API_GORM_TYPE             | Database type (`sqlite` or `mysql`). Default is `sqlite`. | sqlite                        |
 | RUSTDESK_API_GORM_MAX_IDLE_CONNS   | Maximum idle connections                                  | 10                            |
 | RUSTDESK_API_GORM_MAX_OPEN_CONNS   | Maximum open connections                                  | 100                           |
 | RUSTDESK_API_RUSTDESK_PERSONAL     | Open Personal Api 1:Enable,0:Disable                      | 1                             |
-| ----- MYSQL Configuration -----    | ---------------------------------------                   | ------------------------------ |
+| ----- MYSQL Configuration -----    | ---------------------------------------                   | ----------------------------- |
 | RUSTDESK_API_MYSQL_USERNAME        | MySQL username                                            | root                          |
 | RUSTDESK_API_MYSQL_PASSWORD        | MySQL password                                            | 111111                        |
 | RUSTDESK_API_MYSQL_ADDR            | MySQL address                                             | 192.168.1.66:3306             |
 | RUSTDESK_API_MYSQL_DBNAME          | MySQL database name                                       | rustdesk                      |
-| ----- RUSTDESK Configuration ----- | ---------------------------------------                   | ------------------------------ |
+| ----- RUSTDESK Configuration ----- | ---------------------------------------                   | ----------------------------- |
 | RUSTDESK_API_RUSTDESK_ID_SERVER    | Rustdesk ID server address                                | 192.168.1.66:21116            |
 | RUSTDESK_API_RUSTDESK_RELAY_SERVER | Rustdesk relay server address                             | 192.168.1.66:21117            |
 | RUSTDESK_API_RUSTDESK_API_SERVER   | Rustdesk API server address                               | http://192.168.1.66:21114     |
--- a/conf/config.yaml
+++ b/conf/config.yaml
@@ -1,4 +1,6 @@
 lang: "zh-CN"
+app:
+  web-client: 1  # 1:启用 0:禁用
 gin:
  api-addr: "0.0.0.0:21114"
  mode: "release" #release,debug,test
@@ -16,7 +18,7 @@ mysql:
 rustdesk:
  id-server: "192.168.1.66:21116"
  relay-server: "192.168.1.66:21117"
-  api-server: "http://192.168.1.66:21114"
+  api-server: "http://127.0.0.1:21114"
  key: "123456789"
  personal: 1
 logger:
--- a/config/config.go
+++ b/config/config.go
@@ -14,8 +14,13 @@ const (
 	DefaultConfig = "conf/config.yaml"
 )

+type App struct {
+	WebClient int `mapstructure:"web-client"`
+}
+
 type Config struct {
 	Lang     string `mapstructure:"lang"`
+	App      App
 	Gorm     Gorm
 	Mysql    Mysql
 	Gin      Gin
--- a/http/controller/admin/login.go
+++ b/http/controller/admin/login.go
@@ -7,6 +7,7 @@ import (
 	adResp "Gwen/http/response/admin"
 	"Gwen/model"
 	"Gwen/service"
+	"fmt"
 	"github.com/gin-gonic/gin"
 )

@@ -28,18 +29,21 @@ func (ct *Login) Login(c *gin.Context) {
 	f := &admin.Login{}
 	err := c.ShouldBindJSON(f)
 	if err != nil {
+		global.Logger.Warn(fmt.Sprintf("Login Fail: %s %s %s", "ParamsError", c.RemoteIP(), c.ClientIP()))
 		response.Fail(c, 101, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}

 	errList := global.Validator.ValidStruct(c, f)
 	if len(errList) > 0 {
+		global.Logger.Warn(fmt.Sprintf("Login Fail: %s %s %s", "ParamsError", c.RemoteIP(), c.ClientIP()))
 		response.Fail(c, 101, errList[0])
 		return
 	}
 	u := service.AllService.UserService.InfoByUsernamePassword(f.Username, f.Password)

 	if u.Id == 0 {
+		global.Logger.Warn(fmt.Sprintf("Login Fail: %s %s %s", "UsernameOrPasswordError", c.RemoteIP(), c.ClientIP()))
 		response.Fail(c, 101, response.TranslateMsg(c, "UsernameOrPasswordError"))
 		return
 	}
--- a/http/controller/admin/peer.go
+++ b/http/controller/admin/peer.go
@@ -96,6 +96,12 @@ func (ct *Peer) List(c *gin.Context) {
 			lt := time.Now().Unix() + int64(query.TimeAgo)
 			tx.Where("last_online_time > ?", lt)
 		}
+		if query.Id != "" {
+			tx.Where("id like ?", "%"+query.Id+"%")
+		}
+		if query.Hostname != "" {
+			tx.Where("hostname like ?", "%"+query.Hostname+"%")
+		}
 	})
 	response.Success(c, res)
 }
--- a/http/controller/admin/rustdesk.go
+++ b/http/controller/admin/rustdesk.go
@@ -9,9 +9,9 @@ import (
 type Rustdesk struct {
 }

-// ServerConfig 服务配置
+// ServerConfig RUSTDESK服务配置
 // @Tags ADMIN
-// @Summary 服务配置
+// @Summary RUSTDESK服务配置
 // @Description 服务配置,给webclient提供api-server
 // @Accept  json
 // @Produce  json
@@ -28,3 +28,19 @@ func (r *Rustdesk) ServerConfig(c *gin.Context) {
 	}
 	response.Success(c, cf)
 }
+
+// AppConfig APP服务配置
+// @Tags ADMIN
+// @Summary APP服务配置
+// @Description APP服务配置
+// @Accept  json
+// @Produce  json
+// @Success 200 {object} response.Response
+// @Failure 500 {object} response.Response
+// @Router /admin/app-config [get]
+// @Security token
+func (r *Rustdesk) AppConfig(c *gin.Context) {
+	response.Success(c, &gin.H{
+		"web_client": global.Config.App.WebClient,
+	})
+}
--- a/http/controller/api/ab.go
+++ b/http/controller/api/ab.go
@@ -8,7 +8,6 @@ import (
 	"Gwen/model"
 	"Gwen/service"
 	"encoding/json"
-	"fmt"
 	"github.com/gin-gonic/gin"
 	"net/http"
 	"strconv"
@@ -402,7 +401,7 @@ func (a *Ab) PeerAdd(c *gin.Context) {
 		response.Error(c, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
-	fmt.Println(f)
+	//fmt.Println(f)
 	u := service.AllService.UserService.CurUser(c)
 	f.UserId = u.Id
 	ab := f.ToAddressBook()
--- a/http/controller/api/login.go
+++ b/http/controller/api/login.go
@@ -8,6 +8,7 @@ import (
 	"Gwen/model"
 	"Gwen/service"
 	"encoding/json"
+	"fmt"
 	"github.com/gin-gonic/gin"
 	"net/http"
 )
@@ -30,12 +31,14 @@ func (l *Login) Login(c *gin.Context) {
 	err := c.ShouldBindJSON(f)
 	//fmt.Println(f)
 	if err != nil {
+		global.Logger.Warn(fmt.Sprintf("Login Fail: %s %s %s", "ParamsError", c.RemoteIP(), c.ClientIP()))
 		response.Error(c, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}

 	errList := global.Validator.ValidStruct(c, f)
 	if len(errList) > 0 {
+		global.Logger.Warn(fmt.Sprintf("Login Fail: %s %s %s", "ParamsError", c.RemoteIP(), c.ClientIP()))
 		response.Error(c, errList[0])
 		return
 	}
@@ -43,6 +46,7 @@ func (l *Login) Login(c *gin.Context) {
 	u := service.AllService.UserService.InfoByUsernamePassword(f.Username, f.Password)

 	if u.Id == 0 {
+		global.Logger.Warn(fmt.Sprintf("Login Fail: %s %s %s", "UsernameOrPasswordError", c.RemoteIP(), c.ClientIP()))
 		response.Error(c, response.TranslateMsg(c, "UsernameOrPasswordError"))
 		return
 	}
--- a/http/controller/api/peer.go
+++ b/http/controller/api/peer.go
@@ -22,7 +22,6 @@ type Peer struct {
 // @Success 200 {string} string "SYSINFO_UPDATED,ID_NOT_FOUND"
 // @Failure 500 {object} response.ErrorResponse
 // @Router /sysinfo [post]
-// @Security BearerAuth
 func (p *Peer) SysInfo(c *gin.Context) {
 	f := &requstform.PeerForm{}
 	err := c.ShouldBindBodyWith(f, binding.JSON)
@@ -30,17 +29,28 @@ func (p *Peer) SysInfo(c *gin.Context) {
 		response.Error(c, response.TranslateMsg(c, "ParamsError")+err.Error())
 		return
 	}
-
+	fpe := f.ToPeer()
 	pe := service.AllService.PeerService.FindById(f.Id)
-	if pe == nil || pe.RowId == 0 {
+	if pe.RowId == 0 {
 		pe = f.ToPeer()
+		pe.UserId = service.AllService.UserService.FindLatestUserIdFromLoginLogByUuid(pe.Uuid)
 		err = service.AllService.PeerService.Create(pe)
 		if err != nil {
 			response.Error(c, response.TranslateMsg(c, "OperationFailed")+err.Error())
 			return
 		}
+	} else {
+		if pe.UserId == 0 {
+			pe.UserId = service.AllService.UserService.FindLatestUserIdFromLoginLogByUuid(pe.Uuid)
+		}
+		fpe.RowId = pe.RowId
+		fpe.UserId = pe.UserId
+		err = service.AllService.PeerService.Update(fpe)
+		if err != nil {
+			response.Error(c, response.TranslateMsg(c, "OperationFailed")+err.Error())
+			return
+		}
 	}
-
 	//SYSINFO_UPDATED 上传成功
 	//ID_NOT_FOUND 下次心跳会上传
 	//直接响应文本
--- a/http/middleware/rustauth.go
+++ b/http/middleware/rustauth.go
@@ -7,7 +7,7 @@ import (

 func RustAuth() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		//fmt.Println(c.Request.Header)
+		//fmt.Println(c.Request.URL, c.Request.Header)
 		//获取HTTP_AUTHORIZATION
 		token := c.GetHeader("Authorization")
 		if token == "" {
--- a/http/request/admin/peer.go
+++ b/http/request/admin/peer.go
@@ -36,4 +36,6 @@ func (f *PeerForm) ToPeer() *model.Peer {
 type PeerQuery struct {
 	PageQuery
 	TimeAgo  int    `json:"time_ago" form:"time_ago"`
+	Id       string `json:"id" form:"id"`
+	Hostname string `json:"hostname" form:"hostname"`
 }
--- a/http/router/admin.go
+++ b/http/router/admin.go
@@ -30,6 +30,7 @@ func Init(g *gin.Engine) {

 	rs := &admin.Rustdesk{}
 	adg.GET("/server-config", rs.ServerConfig)
+	adg.GET("/app-config", rs.AppConfig)

 	//访问静态文件
 	//g.StaticFS("/upload", http.Dir(global.Config.Gin.ResourcesPath+"/upload"))
--- a/http/router/api.go
+++ b/http/router/api.go
@@ -47,17 +47,11 @@ func ApiInit(g *gin.Engine) {
 		frg.POST("/sysinfo", pe.SysInfo)
 	}

-	{
-		w := &api.WebClient{}
-		frg.POST("/shared-peer", w.SharedPeer)
+	if global.Config.App.WebClient == 1 {
+		WebClientRoutes(frg)
 	}

 	frg.Use(middleware.RustAuth())
-	{
-		w := &api.WebClient{}
-		frg.POST("/server-config", w.ServerConfig)
-	}
-
 	{
 		u := &api.User{}
 		frg.GET("/user/info", u.Info)
@@ -115,3 +109,14 @@ func PersonalRoutes(frg *gin.RouterGroup) {
 	}

 }
+
+func WebClientRoutes(frg *gin.RouterGroup) {
+	w := &api.WebClient{}
+	{
+		frg.POST("/shared-peer", w.SharedPeer)
+	}
+	{
+		frg.POST("/server-config", middleware.RustAuth(), w.ServerConfig)
+	}
+
+}
--- a/http/router/router.go
+++ b/http/router/router.go
@@ -10,7 +10,13 @@ import (
 func WebInit(g *gin.Engine) {
 	i := &web.Index{}
 	g.GET("/", i.Index)
+
+	if global.Config.App.WebClient == 1 {
 		g.GET("/webclient-config/index.js", i.ConfigJs)
+	}
+
+	if global.Config.App.WebClient == 1 {
 		g.StaticFS("/webclient", http.Dir(global.Config.Gin.ResourcesPath+"/web"))
+	}
 	g.StaticFS("/_admin", http.Dir(global.Config.Gin.ResourcesPath+"/admin"))
 }
--- a/lib/orm/sqlite.go
+++ b/lib/orm/sqlite.go
@@ -16,6 +16,7 @@ type SqliteConfig struct {

 func NewSqlite(sqliteConf *SqliteConfig) *gorm.DB {
 	db, err := gorm.Open(sqlite.Open("./data/rustdeskapi.db"), &gorm.Config{
+		DisableForeignKeyConstraintWhenMigrating: true,
 		Logger: logger.New(
 			global.Logger, // io writer
 			logger.Config{
--- a/resources/web/js/dist/index.js
+++ b/resources/web/js/dist/index.js
--- a/resources/web/js/src/globals.js
+++ b/resources/web/js/src/globals.js
@@ -1,11 +1,14 @@
 import Connection from "./connection";
 import _sodium from "libsodium-wrappers";
-import { CursorData } from "./message";
 import {loadVp9} from "./codec";
 import {checkIfRetry, version} from "./gen_js_from_hbb";
 import {initZstd, translate} from "./common";
 import PCMPlayer from "pcm-player";
+import {getServerConf} from "./ljw";

+window.myconsole = (...args) => {
+    console.log(args);
+}
 window.curConn = undefined;
 window.isMobile = () => {
    return /(android|bb\d+|meego).+mobile|avantgo|bada\/|blackberry|blazer|compal|elaine|fennec|hiptop|iemobile|ip(hone|od)|ipad|iris|kindle|Android|Silk|lge |maemo|midp|mmp|netfront|opera m(ob|in)i|palm( os)?|phone|p(ixi|re)\/|plucker|pocket|psp|series(4|6)0|symbian|treo|up\.(browser|link)|vodafone|wap|windows (ce|phone)|xda|xiino/i.test(navigator.userAgent)
@@ -126,6 +129,7 @@ export function newConn() {
 }

 let sodium;
+
 export async function verify(signed, pk) {
    if (!sodium) {
        await _sodium.ready;
@@ -178,6 +182,7 @@ export function decrypt(signed, nonce, key) {
 }

 window.setByName = (name, value) => {
+    myconsole('setByName', name, value);
    switch (name) {
        case 'remote_id':
            localStorage.setItem('remote-id', value);
@@ -256,6 +261,9 @@ window.setByName = (name, value) => {
        case 'option':
            value = JSON.parse(value);
            localStorage.setItem(value.name, value.value);
+            if (value.name === 'access_token' && value.value) {
+                getServerConf(value.value);
+            }
            break;
        case 'peer_option':
            value = JSON.parse(value);
@@ -271,6 +279,7 @@ window.setByName = (name, value) => {

 window.getByName = (name, arg) => {
    let v = _getByName(name, arg);
+    myconsole('getByName', name, arg, v);
    if (typeof v == 'string' || v instanceof String) return v;
    if (v == undefined || v == null) return '';
    return JSON.stringify(v);
@@ -299,7 +308,11 @@ function _getByName(name, arg) {
        case 'toggle_option':
            return curConn.getOption(arg) || false;
        case 'option':
-      return localStorage.getItem(arg);
+            const v = localStorage.getItem(arg);
+            if (arg === 'access_token' && v) {
+                getServerConf(v);
+            }
+            return v;
        case 'image_quality':
            return curConn.getImageQuality();
        case 'translate':
@@ -336,7 +349,8 @@ window.init = async () => {
    opusWorker.onmessage = (e) => {
        pcmPlayer.feed(e.data);
    }
-  loadVp9(() => { });
+    loadVp9(() => {
+    });
    await initZstd();
    console.log('init done');
 }
@@ -362,8 +376,7 @@ export function copyToClipboard(text) {
        // Internet Explorer-specific code path to prevent textarea being shown while dialog is visible.
        return window.clipboardData.setData("Text", text);

-  }
-  else if (document.queryCommandSupported && document.queryCommandSupported("copy")) {
+    } else if (document.queryCommandSupported && document.queryCommandSupported("copy")) {
        var textarea = document.createElement("textarea");
        textarea.textContent = text;
        textarea.style.position = "fixed";  // Prevent scrolling to bottom of page in Microsoft Edge.
@@ -371,12 +384,10 @@ export function copyToClipboard(text) {
        textarea.select();
        try {
            return document.execCommand("copy");  // Security exception may be thrown by some browsers.
-    }
-    catch (ex) {
+        } catch (ex) {
            console.warn("Copy to clipboard failed.", ex);
            // return prompt("Copy to clipboard: Ctrl+C, Enter", text);
-    }
-    finally {
+        } finally {
            document.body.removeChild(textarea);
        }
    }
--- a/resources/web/js/src/ljw.js
+++ b/resources/web/js/src/ljw.js
@@ -49,11 +49,13 @@ if (share_token) {
    })
 }

-
-const autoWriteServer = () => {
-    return setTimeout(() => {
-        const token = localStorage.getItem('access_token')
-        if (token && apiserver) {
+let fetching = false
+export function getServerConf(token){
+    console.log('getServerConf', token)
+    if(fetching){
+        return
+    }
+    fetching = true
    fetch(apiserver + "/api/server-config", {
            method: 'POST',
            headers: {
@@ -62,12 +64,12 @@ const autoWriteServer = () => {
            }
        }
    ).then(res => res.json()).then(res => {
+        fetching = false
        if (res.code === 0) {
            if (!localStorage.getItem('custom-rendezvous-server') || !localStorage.getItem('key')) {
                localStorage.setItem('custom-rendezvous-server', res.data.id_server)
                localStorage.setItem('key', res.data.key)
            }
-
            if (res.data.peers) {
                const oldPeers = JSON.parse(localStorage.getItem('peers')) || {}
                let needUpdate = false
@@ -91,10 +93,7 @@ const autoWriteServer = () => {
                }
            }
        }
+    }).catch(_ => {
+        fetching = false
    })
-        } else {
-            autoWriteServer()
 }
-    }, 1000)
-}
-autoWriteServer()
--- a/service/user.go
+++ b/service/user.go
@@ -262,3 +262,10 @@ func (us *UserService) UserThirdInfo(userId uint, op string) *model.UserThird {
 	global.DB.Where("user_id = ? and third_type = ?", userId, op).First(ut)
 	return ut
 }
+
+// FindLatestUserIdFromLoginLogByUuid 根据uuid查找最后登录的用户id
+func (us *UserService) FindLatestUserIdFromLoginLogByUuid(uuid string) uint {
+	llog := &model.LoginLog{}
+	global.DB.Where("uuid = ?", uuid).Order("id desc").First(llog)
+	return llog.UserId
+}