database/db.go

@@ -7,11 +7,9 @@ import (
 	"log"
 	"os"
 	"path"
-	"slices"
 
 	"x-ui/config"
 	"x-ui/database/model"
-	"x-ui/util/crypto"
 	"x-ui/xray"
 
 	"gorm.io/driver/sqlite"
@@ -35,7 +33,6 @@ func initModels() error {
 		&model.Setting{},
 		&model.InboundClientIps{},
 		&xray.ClientTraffic{},
-		&model.HistoryOfSeeders{},
 	}
 	for _, model := range models {
 		if err := db.AutoMigrate(model); err != nil {
@@ -53,16 +50,9 @@ func initUser() error {
 		return err
 	}
 	if empty {
-		hashedPassword, err := crypto.HashPasswordAsBcrypt(defaultPassword)
-
-		if err != nil {
-			log.Printf("Error hashing default password: %v", err)
-			return err
-		}
-
 		user := &model.User{
 			Username:    defaultUsername,
-			Password:    hashedPassword,
+			Password:    defaultPassword,
 			LoginSecret: defaultSecret,
 		}
 		return db.Create(user).Error
@@ -70,45 +60,6 @@ func initUser() error {
 	return nil
 }
 
-func runSeeders(isUsersEmpty bool) error {
-	empty, err := isTableEmpty("history_of_seeders")
-	if err != nil {
-		log.Printf("Error checking if users table is empty: %v", err)
-		return err
-	}
-
-	if empty && isUsersEmpty {
-		hashSeeder := &model.HistoryOfSeeders{
-			SeederName: "UserPasswordHash",
-		}
-		return db.Create(hashSeeder).Error
-	} else {
-		var seedersHistory []string
-		db.Model(&model.HistoryOfSeeders{}).Pluck("seeder_name", &seedersHistory)
-
-		if !slices.Contains(seedersHistory, "UserPasswordHash") && !isUsersEmpty {
-			var users []model.User
-			db.Find(&users)
-
-			for _, user := range users {
-				hashedPassword, err := crypto.HashPasswordAsBcrypt(user.Password)
-				if err != nil {
-					log.Printf("Error hashing password for user '%s': %v", user.Username, err)
-					return err
-				}
-				db.Model(&user).Update("password", hashedPassword)
-			}
-
-			hashSeeder := &model.HistoryOfSeeders{
-				SeederName: "UserPasswordHash",
-			}
-			return db.Create(hashSeeder).Error
-		}
-	}
-
-	return nil
-}
-
 func isTableEmpty(tableName string) (bool, error) {
 	var count int64
 	err := db.Table(tableName).Count(&count).Error
@@ -141,13 +92,11 @@ func InitDB(dbPath string) error {
 	if err := initModels(); err != nil {
 		return err
 	}
-
-	isUsersEmpty, err := isTableEmpty("users")
-
 	if err := initUser(); err != nil {
 		return err
 	}
-	return runSeeders(isUsersEmpty)
+
+	return nil
 }
 
 func CloseDB() error {

database/model/model.go

@@ -63,11 +63,6 @@ type InboundClientIps struct {
 	Ips         string `json:"ips" form:"ips"`
 }
 
-type HistoryOfSeeders struct {
-	Id         int    `json:"id" gorm:"primaryKey;autoIncrement"`
-	SeederName string `json:"seederName"`
-}
-
 func (i *Inbound) GenXrayInboundConfig() *xray.InboundConfig {
 	listen := i.Listen
 	if listen != "" {

main.go

@@ -151,7 +151,9 @@ func showSetting(show bool) {
 			fmt.Println("get current user info failed, error info:", err)
 		}
 
-		if userModel.Username == "" || userModel.Password == "" {
+		username := userModel.Username
+		userpasswd := userModel.Password
+		if username == "" || userpasswd == "" {
 			fmt.Println("current username or password is empty")
 		}
 
@@ -161,6 +163,8 @@ func showSetting(show bool) {
 		} else {
 			fmt.Println("Panel is secure with SSL")
 		}
+		fmt.Println("username:", username)
+		fmt.Println("password:", userpasswd)
 		fmt.Println("port:", port)
 		fmt.Println("webBasePath:", webBasePath)
 	}

util/crypto/crypto.go

@@ -1,15 +0,0 @@
-package crypto
-
-import (
-	"golang.org/x/crypto/bcrypt"
-)
-
-func HashPasswordAsBcrypt(password string) (string, error) {
-	hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
-	return string(hash), err
-}
-
-func CheckPasswordHash(hash, password string) bool {
-	err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
-	return err == nil
-}

web/controller/setting.go

@@ -4,7 +4,6 @@ import (
 	"errors"
 	"time"
 
-	"x-ui/util/crypto"
 	"x-ui/web/entity"
 	"x-ui/web/service"
 	"x-ui/web/session"
@@ -85,7 +84,7 @@ func (a *SettingController) updateUser(c *gin.Context) {
 		return
 	}
 	user := session.GetLoginUser(c)
-	if user.Username != form.OldUsername || !crypto.CheckPasswordHash(user.Password, form.OldPassword) {
+	if user.Username != form.OldUsername || user.Password != form.OldPassword {
 		jsonMsg(c, I18nWeb(c, "pages.settings.toasts.modifyUser"), errors.New(I18nWeb(c, "pages.settings.toasts.originalUserPassIncorrect")))
 		return
 	}
@@ -96,7 +95,7 @@ func (a *SettingController) updateUser(c *gin.Context) {
 	err = a.userService.UpdateUser(user.Id, form.NewUsername, form.NewPassword)
 	if err == nil {
 		user.Username = form.NewUsername
-		user.Password, _ = crypto.HashPasswordAsBcrypt(form.NewPassword)
+		user.Password = form.NewPassword
 		session.SetLoginUser(c, user)
 	}
 	jsonMsg(c, I18nWeb(c, "pages.settings.toasts.modifyUser"), err)

web/service/user.go

@@ -6,7 +6,6 @@ import (
 	"x-ui/database"
 	"x-ui/database/model"
 	"x-ui/logger"
-	"x-ui/util/crypto"
 
 	"gorm.io/gorm"
 )
@@ -30,9 +29,8 @@ func (s *UserService) CheckUser(username string, password string, secret string)
 	db := database.GetDB()
 
 	user := &model.User{}
-
 	err := db.Model(model.User{}).
-		Where("username = ? and login_secret = ?", username, secret).
+		Where("username = ? and password = ? and login_secret = ?", username, password, secret).
 		First(user).
 		Error
 	if err == gorm.ErrRecordNotFound {
@@ -41,25 +39,14 @@ func (s *UserService) CheckUser(username string, password string, secret string)
 		logger.Warning("check user err:", err)
 		return nil
 	}
-
-	if crypto.CheckPasswordHash(user.Password, password) {
 	return user
-	}
-
-	return nil
 }
 
 func (s *UserService) UpdateUser(id int, username string, password string) error {
 	db := database.GetDB()
-	hashedPassword, err := crypto.HashPasswordAsBcrypt(password)
-
-	if err != nil {
-		return err
-	}
-
 	return db.Model(model.User{}).
 		Where("id = ?", id).
-		Updates(map[string]any{"username": username, "password": hashedPassword}).
+		Updates(map[string]any{"username": username, "password": password}).
 		Error
 }
 
@@ -113,23 +100,17 @@ func (s *UserService) UpdateFirstUser(username string, password string) error {
 	} else if password == "" {
 		return errors.New("password can not be empty")
 	}
-	hashedPassword, er := crypto.HashPasswordAsBcrypt(password)
-
-	if er != nil {
-		return er
-	}
-
 	db := database.GetDB()
 	user := &model.User{}
 	err := db.Model(model.User{}).First(user).Error
 	if database.IsNotFound(err) {
 		user.Username = username
-		user.Password = hashedPassword
+		user.Password = password
 		return db.Model(model.User{}).Create(user).Error
 	} else if err != nil {
 		return err
 	}
 	user.Username = username
-	user.Password = hashedPassword
+	user.Password = password
 	return db.Save(user).Error
 }