Alex-Devera/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2025-09-12 13:10:05 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge branch 'main' into feat/2fa

Browse source
This commit is contained in:
Shishkevich D. 2025-05-03 16:51:35 +07:00 committed by GitHub
commit 2eb10ac9e2
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 101 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

57
database/db.go
View file

@ -7,9 +7,11 @@ import (
"log" "log"
"os" "os"
"path" "path"
"slices"
"x-ui/config" "x-ui/config"
"x-ui/database/model" "x-ui/database/model"
"x-ui/util/crypto"
"x-ui/xray" "x-ui/xray"
"gorm.io/driver/sqlite" "gorm.io/driver/sqlite"
@ -32,6 +34,7 @@ func initModels() error {
&model.Setting{}, &model.Setting{},
&model.InboundClientIps{}, &model.InboundClientIps{},
&xray.ClientTraffic{}, &xray.ClientTraffic{},
&model.HistoryOfSeeders{},
} }
for _, model := range models { for _, model := range models {
if err := db.AutoMigrate(model); err != nil { if err := db.AutoMigrate(model); err != nil {
@ -49,15 +52,61 @@ func initUser() error {
return err return err
} }
if empty { if empty {
hashedPassword, err := crypto.HashPasswordAsBcrypt(defaultPassword)
if err != nil {
log.Printf("Error hashing default password: %v", err)
return err
}
user := &model.User{ user := &model.User{
Username: defaultUsername, Username: defaultUsername,
Password: defaultPassword, Password: hashedPassword,
} }
return db.Create(user).Error return db.Create(user).Error
} }
return nil return nil
} }
func runSeeders(isUsersEmpty bool) error {
empty, err := isTableEmpty("history_of_seeders")
if err != nil {
log.Printf("Error checking if users table is empty: %v", err)
return err
}
if empty && isUsersEmpty {
hashSeeder := &model.HistoryOfSeeders{
SeederName: "UserPasswordHash",
}
return db.Create(hashSeeder).Error
} else {
var seedersHistory []string
db.Model(&model.HistoryOfSeeders{}).Pluck("seeder_name", &seedersHistory)
if !slices.Contains(seedersHistory, "UserPasswordHash") && !isUsersEmpty {
var users []model.User
db.Find(&users)
for _, user := range users {
hashedPassword, err := crypto.HashPasswordAsBcrypt(user.Password)
if err != nil {
log.Printf("Error hashing password for user '%s': %v", user.Username, err)
return err
}
db.Model(&user).Update("password", hashedPassword)
}
hashSeeder := &model.HistoryOfSeeders{
SeederName: "UserPasswordHash",
}
return db.Create(hashSeeder).Error
}
}
return nil
}
func isTableEmpty(tableName string) (bool, error) { func isTableEmpty(tableName string) (bool, error) {
var count int64 var count int64
err := db.Table(tableName).Count(&count).Error err := db.Table(tableName).Count(&count).Error
@ -90,11 +139,13 @@ func InitDB(dbPath string) error {
if err := initModels(); err != nil { if err := initModels(); err != nil {
return err return err
} }
isUsersEmpty, err := isTableEmpty("users")
if err := initUser(); err != nil { if err := initUser(); err != nil {
return err return err
} }
return runSeeders(isUsersEmpty)
return nil
} }
func CloseDB() error { func CloseDB() error {

5
database/model/model.go
View file

@ -62,6 +62,11 @@ type InboundClientIps struct {
Ips string `json:"ips" form:"ips"` Ips string `json:"ips" form:"ips"`
} }
type HistoryOfSeeders struct {
Id int `json:"id" gorm:"primaryKey;autoIncrement"`
SeederName string `json:"seederName"`
}
func (i *Inbound) GenXrayInboundConfig() *xray.InboundConfig { func (i *Inbound) GenXrayInboundConfig() *xray.InboundConfig {
listen := i.Listen listen := i.Listen
if listen != "" { if listen != "" {

15
util/crypto/crypto.go Normal file
View file

@ -0,0 +1,15 @@
package crypto
import (
"golang.org/x/crypto/bcrypt"
)
func HashPasswordAsBcrypt(password string) (string, error) {
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
return string(hash), err
}
func CheckPasswordHash(hash, password string) bool {
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
return err == nil
}

5
web/controller/setting.go
View file

@ -4,6 +4,7 @@ import (
"errors" "errors"
"time" "time"
"x-ui/util/crypto"
"x-ui/web/entity" "x-ui/web/entity"
"x-ui/web/service" "x-ui/web/service"
"x-ui/web/session" "x-ui/web/session"
@ -78,7 +79,7 @@ func (a *SettingController) updateUser(c *gin.Context) {
return return
} }
user := session.GetLoginUser(c) user := session.GetLoginUser(c)
if user.Username != form.OldUsername || user.Password != form.OldPassword { if user.Username != form.OldUsername || !crypto.CheckPasswordHash(user.Password, form.OldPassword) {
jsonMsg(c, I18nWeb(c, "pages.settings.toasts.modifyUser"), errors.New(I18nWeb(c, "pages.settings.toasts.originalUserPassIncorrect"))) jsonMsg(c, I18nWeb(c, "pages.settings.toasts.modifyUser"), errors.New(I18nWeb(c, "pages.settings.toasts.originalUserPassIncorrect")))
return return
} }
@ -89,7 +90,7 @@ func (a *SettingController) updateUser(c *gin.Context) {
err = a.userService.UpdateUser(user.Id, form.NewUsername, form.NewPassword) err = a.userService.UpdateUser(user.Id, form.NewUsername, form.NewPassword)
if err == nil { if err == nil {
user.Username = form.NewUsername user.Username = form.NewUsername
user.Password = form.NewPassword user.Password, _ = crypto.HashPasswordAsBcrypt(form.NewPassword)
session.SetLoginUser(c, user) session.SetLoginUser(c, user)
} }
jsonMsg(c, I18nWeb(c, "pages.settings.toasts.modifyUser"), err) jsonMsg(c, I18nWeb(c, "pages.settings.toasts.modifyUser"), err)

28
web/service/user.go
View file

@ -6,6 +6,7 @@ import (
"x-ui/database" "x-ui/database"
"x-ui/database/model" "x-ui/database/model"
"x-ui/logger" "x-ui/logger"
"x-ui/util/crypto"
"gorm.io/gorm" "gorm.io/gorm"
"github.com/xlzd/gotp" "github.com/xlzd/gotp"
@ -32,8 +33,9 @@ func (s *UserService) CheckUser(username string, password string, twoFactorCode
db := database.GetDB() db := database.GetDB()
user := &model.User{} user := &model.User{}
err := db.Model(model.User{}). err := db.Model(model.User{}).
Where("username = ? and password = ?", username, password). Where("username = ?", username).
First(user). First(user).
Error Error
if err == gorm.ErrRecordNotFound { if err == gorm.ErrRecordNotFound {
@ -42,11 +44,17 @@ func (s *UserService) CheckUser(username string, password string, twoFactorCode
logger.Warning("check user err:", err) logger.Warning("check user err:", err)
return nil return nil
} }
if !crypto.CheckPasswordHash(user.Password, password) {
return nil
}
twoFactorEnable, err := s.settingService.GetTwoFactorEnable(); twoFactorEnable, err := s.settingService.GetTwoFactorEnable();
if err != nil { if err != nil {
logger.Warning("check two factor err:", err) logger.Warning("check two factor err:", err)
return nil return nil
} }
if twoFactorEnable { if twoFactorEnable {
twoFactorToken, err := s.settingService.GetTwoFactorToken(); twoFactorToken, err := s.settingService.GetTwoFactorToken();
@ -65,9 +73,15 @@ func (s *UserService) CheckUser(username string, password string, twoFactorCode
func (s *UserService) UpdateUser(id int, username string, password string) error { func (s *UserService) UpdateUser(id int, username string, password string) error {
db := database.GetDB() db := database.GetDB()
hashedPassword, err := crypto.HashPasswordAsBcrypt(password)
if err != nil {
return err
}
return db.Model(model.User{}). return db.Model(model.User{}).
Where("id = ?", id). Where("id = ?", id).
Updates(map[string]any{"username": username, "password": password}). Updates(map[string]any{"username": username, "password": hashedPassword}).
Error Error
} }
@ -77,17 +91,23 @@ func (s *UserService) UpdateFirstUser(username string, password string) error {
} else if password == "" { } else if password == "" {
return errors.New("password can not be empty") return errors.New("password can not be empty")
} }
hashedPassword, er := crypto.HashPasswordAsBcrypt(password)
if er != nil {
return er
}
db := database.GetDB() db := database.GetDB()
user := &model.User{} user := &model.User{}
err := db.Model(model.User{}).First(user).Error err := db.Model(model.User{}).First(user).Error
if database.IsNotFound(err) { if database.IsNotFound(err) {
user.Username = username user.Username = username
user.Password = password user.Password = hashedPassword
return db.Model(model.User{}).Create(user).Error return db.Model(model.User{}).Create(user).Error
} else if err != nil { } else if err != nil {
return err return err
} }
user.Username = username user.Username = username
user.Password = password user.Password = hashedPassword
return db.Save(user).Error return db.Save(user).Error
} }