diff --git a/backend/app/service/setting.go b/backend/app/service/setting.go index 6f9962da1..c8a236c18 100644 --- a/backend/app/service/setting.go +++ b/backend/app/service/setting.go @@ -114,10 +114,6 @@ func (u *SettingService) Update(key, value string) error { if err := settingRepo.Update("ExpirationTime", time.Now().AddDate(0, 0, timeout).Format("2006-01-02 15:04:05")); err != nil { return err } - case "BindDomain": - global.CONF.System.BindDomain = value - case "AllowIPs": - global.CONF.System.AllowIPs = value case "TimeZone": go func() { _, err := cmd.Exec("systemctl restart 1panel.service") diff --git a/backend/configs/system.go b/backend/configs/system.go index 4d6ca6c69..373816511 100644 --- a/backend/configs/system.go +++ b/backend/configs/system.go @@ -1,26 +1,24 @@ package configs type System struct { - Port string `mapstructure:"port"` - SSL string `mapstructure:"ssl"` - DbFile string `mapstructure:"db_file"` - DbPath string `mapstructure:"db_path"` - LogPath string `mapstructure:"log_path"` - DataDir string `mapstructure:"data_dir"` - TmpDir string `mapstructure:"tmp_dir"` - Cache string `mapstructure:"cache"` - Backup string `mapstructure:"backup"` - EncryptKey string `mapstructure:"encrypt_key"` - BaseDir string `mapstructure:"base_dir"` - Mode string `mapstructure:"mode"` - RepoUrl string `mapstructure:"repo_url"` - Version string `mapstructure:"version"` - Username string `mapstructure:"username"` - Password string `mapstructure:"password"` - Entrance string `mapstructure:"entrance"` - IsDemo bool `mapstructure:"is_demo"` - AppRepo string `mapstructure:"app_repo"` + Port string `mapstructure:"port"` + SSL string `mapstructure:"ssl"` + DbFile string `mapstructure:"db_file"` + DbPath string `mapstructure:"db_path"` + LogPath string `mapstructure:"log_path"` + DataDir string `mapstructure:"data_dir"` + TmpDir string `mapstructure:"tmp_dir"` + Cache string `mapstructure:"cache"` + Backup string `mapstructure:"backup"` + EncryptKey string `mapstructure:"encrypt_key"` + BaseDir string `mapstructure:"base_dir"` + Mode string `mapstructure:"mode"` + RepoUrl string `mapstructure:"repo_url"` + Version string `mapstructure:"version"` + Username string `mapstructure:"username"` + Password string `mapstructure:"password"` + Entrance string `mapstructure:"entrance"` + IsDemo bool `mapstructure:"is_demo"` + AppRepo string `mapstructure:"app_repo"` ChangeUserInfo bool `mapstructure:"change_user_info"` - AllowIPs string `mapstructure:"allow_ips"` - BindDomain string `mapstructure:"bind_domain"` } diff --git a/backend/init/hook/hook.go b/backend/init/hook/hook.go index 96eecd5d4..9d328dfe7 100644 --- a/backend/init/hook/hook.go +++ b/backend/init/hook/hook.go @@ -26,18 +26,6 @@ func Init() { } global.CONF.System.SSL = sslSetting.Value - ipsSetting, err := settingRepo.Get(settingRepo.WithByKey("AllowIPs")) - if err != nil { - global.LOG.Errorf("load allow ips from setting failed, err: %v", err) - } - global.CONF.System.AllowIPs = ipsSetting.Value - - domainSetting, err := settingRepo.Get(settingRepo.WithByKey("BindDomain")) - if err != nil { - global.LOG.Errorf("load bind domain from setting failed, err: %v", err) - } - global.CONF.System.BindDomain = domainSetting.Value - if _, err := settingRepo.Get(settingRepo.WithByKey("SystemStatus")); err != nil { _ = settingRepo.Create("SystemStatus", "Free") } diff --git a/backend/middleware/bind_domain.go b/backend/middleware/bind_domain.go index d614224a5..601fc9f07 100644 --- a/backend/middleware/bind_domain.go +++ b/backend/middleware/bind_domain.go @@ -5,14 +5,20 @@ import ( "strings" "github.com/1Panel-dev/1Panel/backend/app/api/v1/helper" + "github.com/1Panel-dev/1Panel/backend/app/repo" "github.com/1Panel-dev/1Panel/backend/constant" - "github.com/1Panel-dev/1Panel/backend/global" "github.com/gin-gonic/gin" ) func BindDomain() gin.HandlerFunc { return func(c *gin.Context) { - if len(global.CONF.System.BindDomain) == 0 { + settingRepo := repo.NewISettingRepo() + status, err := settingRepo.Get(settingRepo.WithByKey("BindDomain")) + if err != nil { + helper.ErrorWithDetail(c, constant.CodeErrDomain, constant.ErrTypeInternalServer, err) + return + } + if len(status.Value) == 0 { c.Next() return } @@ -22,7 +28,7 @@ func BindDomain() gin.HandlerFunc { domains = parts[0] } - if domains != global.CONF.System.BindDomain { + if domains != status.Value { helper.ErrorWithDetail(c, constant.CodeErrDomain, constant.ErrTypeInternalServer, errors.New("domain not allowed")) return } diff --git a/backend/middleware/ip_limit.go b/backend/middleware/ip_limit.go index 9e7e7745c..2fd890a0a 100644 --- a/backend/middleware/ip_limit.go +++ b/backend/middleware/ip_limit.go @@ -5,19 +5,26 @@ import ( "strings" "github.com/1Panel-dev/1Panel/backend/app/api/v1/helper" + "github.com/1Panel-dev/1Panel/backend/app/repo" "github.com/1Panel-dev/1Panel/backend/constant" - "github.com/1Panel-dev/1Panel/backend/global" "github.com/gin-gonic/gin" ) func WhiteAllow() gin.HandlerFunc { return func(c *gin.Context) { - if len(global.CONF.System.AllowIPs) == 0 { + settingRepo := repo.NewISettingRepo() + status, err := settingRepo.Get(settingRepo.WithByKey("AllowIPs")) + if err != nil { + helper.ErrorWithDetail(c, constant.CodeErrIP, constant.ErrTypeInternalServer, err) + return + } + + if len(status.Value) == 0 { c.Next() return } clientIP := c.ClientIP() - for _, ip := range strings.Split(global.CONF.System.AllowIPs, ",") { + for _, ip := range strings.Split(status.Value, ",") { if len(ip) != 0 && ip == clientIP { c.Next() return diff --git a/frontend/src/lang/modules/en.ts b/frontend/src/lang/modules/en.ts index a8832bc72..a3880dee7 100644 --- a/frontend/src/lang/modules/en.ts +++ b/frontend/src/lang/modules/en.ts @@ -1003,7 +1003,7 @@ const message = { 'After setting the authorized IP address, only the IP address in the setting can access the 1Panel service. Do you want to continue?', allowIPsHelper1: 'If the authorized IP address is empty, the authorized IP address is canceled', allowIPEgs: - 'If multiple ip authorizations exist, newlines need to be displayed. For example, \n172.16.10.111 \n172.16.10.111', + 'If multiple ip authorizations exist, newlines need to be displayed. For example, \n172.16.10.111 \n172.16.10.112', mfa: 'MFA', mfaAlert: 'MFA password is generated based on the current time. Please ensure that the server time is synchronized.', diff --git a/frontend/src/lang/modules/zh.ts b/frontend/src/lang/modules/zh.ts index 6034637a8..d9880d49c 100644 --- a/frontend/src/lang/modules/zh.ts +++ b/frontend/src/lang/modules/zh.ts @@ -1016,7 +1016,7 @@ const message = { allowIPsHelper: '设置授权 IP 后,仅有设置中的 IP 可以访问 1Panel 服务', allowIPsWarnning: '设置授权 IP 后,仅有设置中的 IP 可以访问 1Panel 服务,是否继续?', allowIPsHelper1: '授权 IP 为空时,则取消授权 IP', - allowIPEgs: '当存在多个授权 IP 时,需要换行显示,例: \n172.16.10.111 \n172.16.10.111', + allowIPEgs: '当存在多个授权 IP 时,需要换行显示,例: \n172.16.10.111 \n172.16.10.112', mfa: '两步验证', mfaAlert: '两步验证密码是基于当前时间生成,请确保服务器时间已同步', mfaHelper: '开启后会验证手机应用验证码', diff --git a/frontend/src/views/login/entrance/index.vue b/frontend/src/views/login/entrance/index.vue index fa430e1e5..a4440732d 100644 --- a/frontend/src/views/login/entrance/index.vue +++ b/frontend/src/views/login/entrance/index.vue @@ -56,11 +56,15 @@ const mySafetyCode = defineProps({ const getStatus = async () => { isErr.value = true; - const res = await checkIsSafety(mySafetyCode.code); + let code = mySafetyCode.code; + if (code === 'err-ip' || code === 'err-domain') { + code = globalStore.entrance; + } + const res = await checkIsSafety(code); isErr.value = false; globalStore.entrance = ''; if (res.data === 'disable') { - if (mySafetyCode.code === '') { + if (code === '') { isNotFound.value = false; } else { isNotFound.value = true; @@ -73,7 +77,7 @@ const getStatus = async () => { return; } if (res.data === 'pass') { - globalStore.entrance = mySafetyCode.code; + globalStore.entrance = code; } };