2025-09-20 07:35:50 +00:00
|
|
|
// Package database provides database initialization, migration, and management utilities
|
|
|
|
|
// for the 3x-ui panel using GORM with SQLite.
|
2023-02-09 19:18:06 +00:00
|
|
|
package database
|
|
|
|
|
|
|
|
|
|
import (
|
2023-05-05 18:21:39 +00:00
|
|
|
"bytes"
|
2025-10-14 20:03:17 +00:00
|
|
|
"errors"
|
2023-05-05 18:21:39 +00:00
|
|
|
"io"
|
2023-02-09 19:18:06 +00:00
|
|
|
"io/fs"
|
2024-07-13 23:22:02 +00:00
|
|
|
"log"
|
2023-02-09 19:18:06 +00:00
|
|
|
"os"
|
|
|
|
|
"path"
|
2025-05-03 09:27:53 +00:00
|
|
|
"slices"
|
2023-07-01 12:26:43 +00:00
|
|
|
|
2025-09-19 08:05:43 +00:00
|
|
|
"github.com/mhsanaei/3x-ui/v2/config"
|
|
|
|
|
"github.com/mhsanaei/3x-ui/v2/database/model"
|
|
|
|
|
"github.com/mhsanaei/3x-ui/v2/util/crypto"
|
|
|
|
|
"github.com/mhsanaei/3x-ui/v2/xray"
|
2023-02-16 15:58:20 +00:00
|
|
|
|
|
|
|
|
"gorm.io/driver/sqlite"
|
|
|
|
|
"gorm.io/gorm"
|
|
|
|
|
"gorm.io/gorm/logger"
|
2023-02-09 19:18:06 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
var db *gorm.DB
|
|
|
|
|
|
2024-07-13 23:22:02 +00:00
|
|
|
const (
|
|
|
|
|
defaultUsername = "admin"
|
|
|
|
|
defaultPassword = "admin"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func initModels() error {
|
2025-03-12 19:13:51 +00:00
|
|
|
models := []any{
|
2024-07-13 23:22:02 +00:00
|
|
|
&model.User{},
|
|
|
|
|
&model.Inbound{},
|
|
|
|
|
&model.OutboundTraffics{},
|
2025-02-04 10:27:58 +00:00
|
|
|
&model.Setting{},
|
2024-07-13 23:22:02 +00:00
|
|
|
&model.InboundClientIps{},
|
|
|
|
|
&xray.ClientTraffic{},
|
2025-05-03 09:27:53 +00:00
|
|
|
&model.HistoryOfSeeders{},
|
# Pull Request: Connection Reporting System & Improvements for Restricted Networks
## Description
This PR introduces a comprehensive **Connection Reporting System** designed to improve the reliability and monitoring of connections, specifically tailored for environments with restricted internet access (e.g., active censorship, GFW).
### Key Changes
1. **New Reporting API (`/report`)**:
* Added `ReportController` and `ReportService` to handle incoming connection reports.
* Endpoint receives data such as `Latency`, `Success` status, `Protocol`, and Client Interface details.
* Data is persisted to the database via the new `ConnectionReport` model.
2. **Subscription Link Updates**:
* Modified `subService` to append a `reportUrl` parameter to generated subscription links (VLESS, VMess, etc.).
* This allows compatible clients to automatically discover the reporting endpoint and send feedback.
3. **Database Integration**:
* Added `ConnectionReport` schema to `database/model` and registered it in `database/db.go` for auto-migration.
## Why is this helpful for Restricted Internet Locations?
In regions with heavy internet censorship, connection stability is volatile.
* **Dynamic Reporting Endpoint**: The `reportUrl` parameter embedded in the subscription link explicitly tells the client *where* to send connection data.
* **Bypassing Blocking**: By decoupling the reporting URL from the node address, clients can ensure diagnostic data reaches the panel even if specific node IPs are being interfered with (assuming the panel itself is reachable).
* **Real-time Network Intelligence**: This mechanism enables the panel to aggregate "ground truth" data from clients inside the restricted network (e.g., latency, accessibility of specific protocols), allowing admins to react faster to blocking events.
* **Protocol Performance Tracking**: Allows comparison of different protocols (Reality vs. VLESS+TLS vs. Trojan) based on real-world latency and success rates from actual users.
* **Rapid Troubleshooting**: Administrators can see connection quality trends and rotate IPs/domains proactively when success rates drop, minimizing downtime for users.
## Technical Details
* **API Endpoint**: `POST /report`
* **Payload Format**: JSON containing `SystemInfo` (Interface), `ConnectionQuality` (Latency, Success), and `ProtocolInfo`.
* **Security**: Reports are tied to valid client request contexts (implementation detail: ensure endpoint is rate-limited or authenticated if necessary, though currently designed for open reporting from valid sub links).
## How to Test
1. Update the panel.
2. Generate a subscription link.
3. Observe the `reportUrl` parameter in the link.
4. Simulate a client POST to the report URL and verify the entry in the `ConnectionReports` table.
2026-02-04 10:00:00 +00:00
|
|
|
&model.ConnectionReport{},
|
2024-07-13 23:22:02 +00:00
|
|
|
}
|
2025-02-04 10:27:58 +00:00
|
|
|
for _, model := range models {
|
2024-07-13 23:22:02 +00:00
|
|
|
if err := db.AutoMigrate(model); err != nil {
|
2025-02-04 10:27:58 +00:00
|
|
|
log.Printf("Error auto migrating model: %v", err)
|
2024-07-13 23:22:02 +00:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
2023-05-22 23:13:15 +00:00
|
|
|
}
|
|
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// initUser creates a default admin user if the users table is empty.
|
2023-02-09 19:18:06 +00:00
|
|
|
func initUser() error {
|
2024-07-13 23:22:02 +00:00
|
|
|
empty, err := isTableEmpty("users")
|
2023-02-09 19:18:06 +00:00
|
|
|
if err != nil {
|
2024-07-13 23:22:02 +00:00
|
|
|
log.Printf("Error checking if users table is empty: %v", err)
|
2023-02-09 19:18:06 +00:00
|
|
|
return err
|
|
|
|
|
}
|
2024-07-13 23:22:02 +00:00
|
|
|
if empty {
|
2025-05-03 09:27:53 +00:00
|
|
|
hashedPassword, err := crypto.HashPasswordAsBcrypt(defaultPassword)
|
|
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Printf("Error hashing default password: %v", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-09 19:18:06 +00:00
|
|
|
user := &model.User{
|
2025-05-08 14:20:58 +00:00
|
|
|
Username: defaultUsername,
|
|
|
|
|
Password: hashedPassword,
|
2023-02-09 19:18:06 +00:00
|
|
|
}
|
|
|
|
|
return db.Create(user).Error
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// runSeeders migrates user passwords to bcrypt and records seeder execution to prevent re-running.
|
2025-05-03 09:27:53 +00:00
|
|
|
func runSeeders(isUsersEmpty bool) error {
|
|
|
|
|
empty, err := isTableEmpty("history_of_seeders")
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Printf("Error checking if users table is empty: %v", err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if empty && isUsersEmpty {
|
|
|
|
|
hashSeeder := &model.HistoryOfSeeders{
|
|
|
|
|
SeederName: "UserPasswordHash",
|
|
|
|
|
}
|
|
|
|
|
return db.Create(hashSeeder).Error
|
|
|
|
|
} else {
|
|
|
|
|
var seedersHistory []string
|
|
|
|
|
db.Model(&model.HistoryOfSeeders{}).Pluck("seeder_name", &seedersHistory)
|
|
|
|
|
|
|
|
|
|
if !slices.Contains(seedersHistory, "UserPasswordHash") && !isUsersEmpty {
|
|
|
|
|
var users []model.User
|
|
|
|
|
db.Find(&users)
|
|
|
|
|
|
|
|
|
|
for _, user := range users {
|
|
|
|
|
hashedPassword, err := crypto.HashPasswordAsBcrypt(user.Password)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Printf("Error hashing password for user '%s': %v", user.Username, err)
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
db.Model(&user).Update("password", hashedPassword)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
hashSeeder := &model.HistoryOfSeeders{
|
|
|
|
|
SeederName: "UserPasswordHash",
|
|
|
|
|
}
|
|
|
|
|
return db.Create(hashSeeder).Error
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// isTableEmpty returns true if the named table contains zero rows.
|
2024-07-13 23:22:02 +00:00
|
|
|
func isTableEmpty(tableName string) (bool, error) {
|
|
|
|
|
var count int64
|
|
|
|
|
err := db.Table(tableName).Count(&count).Error
|
|
|
|
|
return count == 0, err
|
2023-02-09 19:18:06 +00:00
|
|
|
}
|
|
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// InitDB sets up the database connection, migrates models, and runs seeders.
|
2023-02-09 19:18:06 +00:00
|
|
|
func InitDB(dbPath string) error {
|
|
|
|
|
dir := path.Dir(dbPath)
|
2023-05-22 23:13:15 +00:00
|
|
|
err := os.MkdirAll(dir, fs.ModePerm)
|
2023-02-09 19:18:06 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var gormLogger logger.Interface
|
|
|
|
|
|
|
|
|
|
if config.IsDebug() {
|
|
|
|
|
gormLogger = logger.Default
|
|
|
|
|
} else {
|
|
|
|
|
gormLogger = logger.Discard
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
c := &gorm.Config{
|
2025-02-04 10:27:58 +00:00
|
|
|
Logger: gormLogger,
|
2023-02-09 19:18:06 +00:00
|
|
|
}
|
2025-02-04 10:27:58 +00:00
|
|
|
db, err = gorm.Open(sqlite.Open(dbPath), c)
|
2023-02-09 19:18:06 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2024-07-13 23:22:02 +00:00
|
|
|
if err := initModels(); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2025-05-03 09:27:53 +00:00
|
|
|
|
|
|
|
|
isUsersEmpty, err := isTableEmpty("users")
|
2025-09-18 20:06:01 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2025-05-03 09:27:53 +00:00
|
|
|
|
2024-07-13 23:22:02 +00:00
|
|
|
if err := initUser(); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
2025-05-03 09:27:53 +00:00
|
|
|
return runSeeders(isUsersEmpty)
|
2024-07-13 23:22:02 +00:00
|
|
|
}
|
|
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// CloseDB closes the database connection if it exists.
|
2024-07-13 23:22:02 +00:00
|
|
|
func CloseDB() error {
|
|
|
|
|
if db != nil {
|
|
|
|
|
sqlDB, err := db.DB()
|
|
|
|
|
if err != nil {
|
2023-05-22 23:13:15 +00:00
|
|
|
return err
|
|
|
|
|
}
|
2024-07-13 23:22:02 +00:00
|
|
|
return sqlDB.Close()
|
2023-02-09 19:18:06 +00:00
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// GetDB returns the global GORM database instance.
|
2023-02-09 19:18:06 +00:00
|
|
|
func GetDB() *gorm.DB {
|
|
|
|
|
return db
|
|
|
|
|
}
|
|
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// IsNotFound checks if the given error is a GORM record not found error.
|
2023-02-09 19:18:06 +00:00
|
|
|
func IsNotFound(err error) bool {
|
|
|
|
|
return err == gorm.ErrRecordNotFound
|
|
|
|
|
}
|
2023-05-05 18:21:39 +00:00
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// IsSQLiteDB checks if the given file is a valid SQLite database by reading its signature.
|
2023-05-22 23:13:15 +00:00
|
|
|
func IsSQLiteDB(file io.ReaderAt) (bool, error) {
|
2023-05-05 18:21:39 +00:00
|
|
|
signature := []byte("SQLite format 3\x00")
|
|
|
|
|
buf := make([]byte, len(signature))
|
2023-05-22 23:13:15 +00:00
|
|
|
_, err := file.ReadAt(buf, 0)
|
2023-05-05 18:21:39 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return false, err
|
|
|
|
|
}
|
|
|
|
|
return bytes.Equal(buf, signature), nil
|
|
|
|
|
}
|
2023-12-08 19:35:10 +00:00
|
|
|
|
2025-09-20 07:35:50 +00:00
|
|
|
// Checkpoint performs a WAL checkpoint on the SQLite database to ensure data consistency.
|
2023-12-08 19:35:10 +00:00
|
|
|
func Checkpoint() error {
|
|
|
|
|
// Update WAL
|
|
|
|
|
err := db.Exec("PRAGMA wal_checkpoint;").Error
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2025-10-14 20:03:17 +00:00
|
|
|
|
|
|
|
|
// ValidateSQLiteDB opens the provided sqlite DB path with a throw-away connection
|
|
|
|
|
// and runs a PRAGMA integrity_check to ensure the file is structurally sound.
|
|
|
|
|
// It does not mutate global state or run migrations.
|
|
|
|
|
func ValidateSQLiteDB(dbPath string) error {
|
|
|
|
|
if _, err := os.Stat(dbPath); err != nil { // file must exist
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
gdb, err := gorm.Open(sqlite.Open(dbPath), &gorm.Config{Logger: logger.Discard})
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
sqlDB, err := gdb.DB()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
defer sqlDB.Close()
|
|
|
|
|
var res string
|
|
|
|
|
if err := gdb.Raw("PRAGMA integrity_check;").Scan(&res).Error; err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if res != "ok" {
|
|
|
|
|
return errors.New("sqlite integrity check failed: " + res)
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|