92 lines
2.2 KiB
Go
92 lines
2.2 KiB
Go
package login
|
|
|
|
import (
|
|
"encoding/base64"
|
|
"errors"
|
|
"honoka-chan/internal/middleware"
|
|
usermodel "honoka-chan/internal/model/user"
|
|
"honoka-chan/internal/router"
|
|
loginschema "honoka-chan/internal/schema/login"
|
|
"honoka-chan/internal/session"
|
|
"honoka-chan/pkg/encrypt"
|
|
"honoka-chan/pkg/utils"
|
|
"net/http"
|
|
"time"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/tidwall/gjson"
|
|
)
|
|
|
|
func login(ctx *gin.Context) {
|
|
ss := session.Get(ctx)
|
|
defer ss.FinalizeOrRollback()
|
|
|
|
has, authKeyData, err := ss.GetAuthKey(ctx.MustGet("token").(string))
|
|
if ss.CheckErr(err) {
|
|
return
|
|
}
|
|
if !has {
|
|
ss.Abort(errors.New("invalid token"))
|
|
return
|
|
}
|
|
|
|
clientToken, err := base64.StdEncoding.DecodeString(authKeyData.ClientToken)
|
|
if ss.CheckErr(err) {
|
|
return
|
|
}
|
|
serverToken, err := base64.StdEncoding.DecodeString(authKeyData.ServerToken)
|
|
if ss.CheckErr(err) {
|
|
return
|
|
}
|
|
|
|
xmcKey := utils.XOR(clientToken, serverToken)
|
|
aesKey := xmcKey[0:16]
|
|
|
|
reqData := gjson.Parse(ctx.MustGet("request_data").(string))
|
|
key, err := base64.StdEncoding.DecodeString(reqData.Get("login_key").String())
|
|
if ss.CheckErr(err) {
|
|
return
|
|
}
|
|
loginKey := encrypt.AESCBCDecrypt(key, aesKey)[16:]
|
|
// fmt.Println("loginKey", string(loginKey))
|
|
|
|
// password, err := base64.StdEncoding.DecodeString(reqData.Get("login_passwd").String())
|
|
// if ss.CheckErr(err) {
|
|
// return
|
|
// }
|
|
// loginPasswd := encrypt.AESCBCDecrypt(password, aesKey)[16:]
|
|
// fmt.Println("loginPasswd", string(loginPasswd))
|
|
|
|
authorizeToken := base64.StdEncoding.EncodeToString([]byte(utils.RandomStr(32)))
|
|
|
|
var userID int
|
|
exists, err := ss.UserEng.Table("user_key").Where("key = ?", string(loginKey)).Cols("user_id").Get(&userID)
|
|
if ss.CheckErr(err) {
|
|
return
|
|
}
|
|
|
|
if !exists || userID == 0 {
|
|
ss.Abort(errors.New("invalid user"))
|
|
return
|
|
}
|
|
|
|
if err := usermodel.ClearUserForceRelogin(ss.UserEng, userID); ss.CheckErr(err) {
|
|
return
|
|
}
|
|
|
|
ss.Respond(loginschema.LoginResp{
|
|
ResponseData: loginschema.LoginData{
|
|
AuthorizeToken: authorizeToken,
|
|
UserId: userID,
|
|
ServerTimestamp: time.Now().Unix(),
|
|
AdultFlag: 2,
|
|
},
|
|
ReleaseInfo: []any{},
|
|
StatusCode: http.StatusOK,
|
|
})
|
|
}
|
|
|
|
func init() {
|
|
router.AddHandler("main.php", "POST", "/login/login", middleware.Common, login)
|
|
}
|