Files
honoka-chan/internal/handler/login/login.go
T
YumeMichi 4b2c005222 Force relogin after webui data changes
- Add a force_relogin flag to user_pref
- Return 404 for main.php requests when the user must reauthenticate
- Clear the relogin flag after successful client login
- Mark users for relogin after webui card import, accessory changes, and profile updates

Signed-off-by: Sean Du <do4suki@gmail.com>
2026-06-13 11:29:57 +08:00

91 lines
2.2 KiB
Go

package login
import (
"encoding/base64"
"errors"
"honoka-chan/internal/middleware"
usermodel "honoka-chan/internal/model/user"
"honoka-chan/internal/router"
loginschema "honoka-chan/internal/schema/login"
"honoka-chan/internal/session"
"honoka-chan/pkg/encrypt"
"honoka-chan/pkg/utils"
"time"
"github.com/gin-gonic/gin"
"github.com/tidwall/gjson"
)
func login(ctx *gin.Context) {
ss := session.Get(ctx)
defer ss.Finalize()
has, authKeyData, err := ss.GetAuthKey(ctx.MustGet("token").(string))
if ss.CheckErr(err) {
return
}
if !has {
ss.Abort(errors.New("invalid token"))
return
}
clientToken, err := base64.StdEncoding.DecodeString(authKeyData.ClientToken)
if ss.CheckErr(err) {
return
}
serverToken, err := base64.StdEncoding.DecodeString(authKeyData.ServerToken)
if ss.CheckErr(err) {
return
}
xmcKey := utils.XOR(clientToken, serverToken)
aesKey := xmcKey[0:16]
reqData := gjson.Parse(ctx.MustGet("request_data").(string))
key, err := base64.StdEncoding.DecodeString(reqData.Get("login_key").String())
if ss.CheckErr(err) {
return
}
loginKey := encrypt.AESCBCDecrypt(key, aesKey)[16:]
// fmt.Println("loginKey", string(loginKey))
// password, err := base64.StdEncoding.DecodeString(reqData.Get("login_passwd").String())
// if ss.CheckErr(err) {
// return
// }
// loginPasswd := encrypt.AESCBCDecrypt(password, aesKey)[16:]
// fmt.Println("loginPasswd", string(loginPasswd))
authorizeToken := base64.StdEncoding.EncodeToString([]byte(utils.RandomStr(32)))
var userID int
exists, err := ss.UserEng.Table("user_key").Where("key = ?", string(loginKey)).Cols("user_id").Get(&userID)
if ss.CheckErr(err) {
return
}
if !exists || userID == 0 {
ss.Abort(errors.New("invalid user"))
return
}
if err := usermodel.ClearUserForceRelogin(ss.UserEng, userID); ss.CheckErr(err) {
return
}
ss.Respond(loginschema.LoginResp{
ResponseData: loginschema.LoginData{
AuthorizeToken: authorizeToken,
UserId: userID,
ServerTimestamp: time.Now().Unix(),
AdultFlag: 2,
},
ReleaseInfo: []any{},
StatusCode: 200,
})
}
func init() {
router.AddHandler("main.php", "POST", "/login/login", middleware.Common, login)
}