From 0a7f1eb2864cc2d2f71f0184f1a4543bbe34c0f8 Mon Sep 17 00:00:00 2001
From: zhengkunwang <31820853+zhengkunwang223@users.noreply.github.com>
Date: Mon, 1 Apr 2024 15:52:07 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E5=A4=84=E7=90=86=E6=97=B6=E5=BA=8F?=
=?UTF-8?q?=E6=94=BB=E5=87=BB=E6=BC=8F=E6=B4=9E=20(#4373)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
backend/app/service/auth.go | 7 ++++---
backend/i18n/lang/en.yaml | 3 +++
backend/i18n/lang/zh-Hant.yaml | 3 +++
backend/i18n/lang/zh.yaml | 3 +++
frontend/src/components/config-card/index.vue | 9 +++++++--
5 files changed, 20 insertions(+), 5 deletions(-)
diff --git a/backend/app/service/auth.go b/backend/app/service/auth.go
index f309b5373..b88a7aa1d 100644
--- a/backend/app/service/auth.go
+++ b/backend/app/service/auth.go
@@ -1,6 +1,7 @@
package service
import (
+ "crypto/hmac"
"strconv"
"github.com/1Panel-dev/1Panel/backend/app/dto"
@@ -42,7 +43,7 @@ func (u *AuthService) Login(c *gin.Context, info dto.Login, entrance string) (*d
if err != nil {
return nil, constant.ErrAuth
}
- if info.Password != pass || nameSetting.Value != info.Name {
+ if !hmac.Equal([]byte(info.Password), []byte(pass)) || nameSetting.Value != info.Name {
return nil, constant.ErrAuth
}
entranceSetting, err := settingRepo.Get(settingRepo.WithByKey("SecurityEntrance"))
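Review bot: `hmac.Equal` on the raw strings still returns immediately when the two lengths differ, so `!hmac.Equal([]byte(info.Password), []byte(pass))` is constant-time only for guesses of the right length, and the stored password's length stays observable. Comparing fixed-length digests removes that, e.g. `a, b := sha256.Sum256([]byte(info.Password)), sha256.Sum256([]byte(pass))` followed by `hmac.Equal(a[:], b[:])` (needs `crypto/sha256`). The `||` also short-circuits, so `nameSetting.Value != info.Name` is a plain string comparison that runs only once the password has matched; evaluating both checks into booleans before combining them keeps the two failure cases indistinguishable. The same length point applies to the MFALogin and VerifyCode hunks below. Login's body starts and ends outside the hunk.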
@@ -78,7 +79,7 @@ func (u *AuthService) MFALogin(c *gin.Context, info dto.MFALogin, entrance strin
if err != nil {
return nil, err
}
- if info.Password != pass || nameSetting.Value != info.Name {
+ if !hmac.Equal([]byte(info.Password), []byte(pass)) || nameSetting.Value != info.Name {
return nil, constant.ErrAuth
}
entranceSetting, err := settingRepo.Get(settingRepo.WithByKey("SecurityEntrance"))
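Review bot: The error branch just above the changed comparison returns the raw `err`, while the same branch in Login returns `constant.ErrAuth`. The call that produces `err` is outside the hunk, but if it is the step that recovers the stored password, a caller can tell that failure apart from a wrong credential and may see internal error text. Returning `return nil, constant.ErrAuth` here as well, and logging the original error server-side, would keep both login paths uniform. MFALogin's body starts and ends outside the hunk.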
@@ -168,7 +169,7 @@ func (u *AuthService) VerifyCode(code string) (bool, error) {
if err != nil {
return false, err
}
- return setting.Value == code, nil
+ return hmac.Equal([]byte(setting.Value), []byte(code)), nil
}
func (u *AuthService) CheckIsSafety(code string) (string, error) {
diff --git a/backend/i18n/lang/en.yaml b/backend/i18n/lang/en.yaml
index 0c32552d3..aa8702936 100644
--- a/backend/i18n/lang/en.yaml
+++ b/backend/i18n/lang/en.yaml
@@ -172,6 +172,9 @@ ErrScope: "Modification of this configuration is not supported"
ErrStateChange: "State modification failed"
ErrRuleExist: "Rule is Exist"
ErrRuleNotExist: "Rule is not Exist"
+ErrParseIP: "IP format error"
+ErrDefaultIP: "default is a reserved name, please change it to another name"
+ErrGroupInUse: "The IP group is used by the black/white list and cannot be deleted"
#license
ErrLicense: "License format error, {{ .err }}, please re-import!"
diff --git a/backend/i18n/lang/zh-Hant.yaml b/backend/i18n/lang/zh-Hant.yaml
index 04247f953..81f6ba0a1 100644
--- a/backend/i18n/lang/zh-Hant.yaml
+++ b/backend/i18n/lang/zh-Hant.yaml
@@ -173,6 +173,9 @@ ErrScope: "不支援修改此配置"
ErrStateChange: "狀態修改失敗"
ErrRuleExist: "規則名稱已存在"
ErrRuleNotExist: "規則不存在"
+ErrParseIP: "IP 格式錯誤"
+ErrDefaultIP: "default 為保留名稱,請更換其他名稱"
+ErrGroupInUse: "IP 群組被黑/白名單使用,無法刪除"
#license
ErrLicense: "License 格式錯誤,{{ .err }},請重新匯入!"
diff --git a/backend/i18n/lang/zh.yaml b/backend/i18n/lang/zh.yaml
index b7e056c6a..4d66a21d2 100644
--- a/backend/i18n/lang/zh.yaml
+++ b/backend/i18n/lang/zh.yaml
@@ -172,6 +172,9 @@ ErrScope: "不支持修改此配置"
ErrStateChange: "状态修改失败"
ErrRuleExist: "规则名称已存在"
ErrRuleNotExist: "规则不存在"
+ErrParseIP: "IP 格式错误"
+ErrDefaultIP: "default 为保留名称,请更换其他名称"
+ErrGroupInUse: "IP 组被黑/白名单使用,无法删除"
#license
ErrLicense: "License 格式错误,{{ .err }},请重新导入!"
diff --git a/frontend/src/components/config-card/index.vue b/frontend/src/components/config-card/index.vue
index 3a347dd61..fbab8e014 100644
--- a/frontend/src/components/config-card/index.vue
+++ b/frontend/src/components/config-card/index.vue
@@ -9,7 +9,9 @@
{{ header }}
-