bugfix
This commit is contained in:
parent
dd3fc6e37a
commit
ec30b57b23
@ -20,9 +20,27 @@ from appPublic.dictObject import DictObject
|
|||||||
from appPublic.rsawrap import RSA
|
from appPublic.rsawrap import RSA
|
||||||
from appPublic.log import info, debug, warning, error, critical, exception
|
from appPublic.log import info, debug, warning, error, critical, exception
|
||||||
|
|
||||||
def get_client_ip(obj, request):
|
class CustomTktAuth(auth.SessionTktAuthentication):
|
||||||
|
async def get_ticket(self, request):
|
||||||
|
# 1. 优先尝试从你手动设置的缓存中取
|
||||||
|
manual_ticket = request.get('WssCookies')
|
||||||
|
if manual_ticket:
|
||||||
|
return manual_ticket
|
||||||
|
|
||||||
|
# 2. 如果没有,再走原有的 Headers/Cookies 逻辑
|
||||||
|
return await super().get_ticket(request)
|
||||||
|
def _get_ip(self, request):
|
||||||
return request['client_ip']
|
return request['client_ip']
|
||||||
|
|
||||||
|
def _new_ticket(self, request, user_id):
|
||||||
|
client_uuid = request.headers.get('client_uuid')
|
||||||
|
ip = self._get_ip(request)
|
||||||
|
valid_until = int(time.time()) + self._max_age
|
||||||
|
return self._ticket.new(user_id,
|
||||||
|
valid_until=valid_until,
|
||||||
|
client_ip=ip,
|
||||||
|
user_data=client_uuid)
|
||||||
|
|
||||||
async def get_session_userinfo(request):
|
async def get_session_userinfo(request):
|
||||||
d = await auth.get_auth(request)
|
d = await auth.get_auth(request)
|
||||||
if d is None:
|
if d is None:
|
||||||
@ -130,19 +148,7 @@ class AuthAPI:
|
|||||||
if self.conf.website.session_reissue_time:
|
if self.conf.website.session_reissue_time:
|
||||||
session_reissue_time = self.conf.website.session_reissue_time
|
session_reissue_time = self.conf.website.session_reissue_time
|
||||||
|
|
||||||
def _new_ticket(self, request, user_id):
|
policy = CustomTktAuth(secret,
|
||||||
client_uuid = request.headers.get('client_uuid')
|
|
||||||
ip = self._get_ip(request)
|
|
||||||
valid_until = int(time.time()) + self._max_age
|
|
||||||
# print(f'hack: my _new_ticket() called ... remote {ip=}, {client_uuid=}')
|
|
||||||
return self._ticket.new(user_id,
|
|
||||||
valid_until=valid_until,
|
|
||||||
client_ip=ip,
|
|
||||||
user_data=client_uuid)
|
|
||||||
|
|
||||||
TktAuthentication._get_ip = get_client_ip
|
|
||||||
TktAuthentication._new_ticket = _new_ticket
|
|
||||||
policy = auth.SessionTktAuthentication(secret,
|
|
||||||
session_max_time,
|
session_max_time,
|
||||||
reissue_time=session_reissue_time,
|
reissue_time=session_reissue_time,
|
||||||
include_ip=True)
|
include_ip=True)
|
||||||
|
|||||||
@ -143,7 +143,8 @@ class WebsocketProcessor(PythonScriptProcessor):
|
|||||||
async def path_call(self, request,params={}):
|
async def path_call(self, request,params={}):
|
||||||
cookie = request.headers.get('Sec-WebSocket-Protocol', None)
|
cookie = request.headers.get('Sec-WebSocket-Protocol', None)
|
||||||
if cookie:
|
if cookie:
|
||||||
request.headers['Cookies'] = cookie
|
# request.headers['Cookies'] = cookie
|
||||||
|
request['WssCookies'] = cookie
|
||||||
userid = await get_user()
|
userid = await get_user()
|
||||||
debug(f'{cookie=}, {userid=}')
|
debug(f'{cookie=}, {userid=}')
|
||||||
await self.set_run_env(request)
|
await self.set_run_env(request)
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user