在以守护进程模式启动时自动修改密钥增强安全性

3 years ago · 93d5846e4b
6 changed files with 176 additions and 45 deletions
--- a/01.web/src/views/advance/index.vue
+++ b/01.web/src/views/advance/index.vue
@ -168,7 +168,7 @@
				@@ -168,7 +168,7 @@
        </TabPane>
        <TabPane label="邮件服务" name="3">
          <Card :bordered="false" :dis-hover="true" style="width: 620px">
-            <Form :label-width="100" label-position="left">
+            <Form :label-width="120" label-position="left">
              <FormItem label="SMTP主机">
                <Row>
                  <Col span="12">
@ -330,20 +330,14 @@
				@@ -330,20 +330,14 @@
        <TabPane label="消息推送" name="4">
          <Card :bordered="false" :dis-hover="true" style="width: 600px">
            <Form :label-width="140">
-              <FormItem label="用户登录">
-                <Row>
-                  <Col span="12">
-                    <Switch>
-                      <Icon type="md-checkmark" slot="open"></Icon>
-                      <Icon type="md-close" slot="close"></Icon>
-                    </Switch>
-                  </Col>
-                </Row>
-              </FormItem>
-              <FormItem label="用户密码修改">
+              <FormItem
+                :label="item.note"
+                v-for="(item, index) in listPush"
+                :key="index"
+              >
                <Row>
                  <Col span="12">
-                    <Switch>
+                    <Switch v-model="listPush[index].enable">
                      <Icon type="md-checkmark" slot="open"></Icon>
                      <Icon type="md-close" slot="close"></Icon>
                    </Switch>
@ -351,33 +345,12 @@
				@@ -351,33 +345,12 @@
                </Row>
              </FormItem>
              <FormItem>
-                <Button type="primary">保存</Button>
-              </FormItem>
-            </Form>
-          </Card>
-        </TabPane>
-        <TabPane label="系统安全" name="5">
-          <Card :bordered="false" :dis-hover="true" style="width: 600px">
-            <Form :label-width="140">
-              <FormItem label="token">
-                1、本系统使用token进行鉴权和登录状态保持<br />
-                2、密钥 + 算法 = token<br />
-                3、密钥泄露会导致token被伪造从而登录本系统<br />
-                4、定期重置密钥可以增加系统的安全性<br />
-                5、重置密钥后所有管理系统在线用户会被下线<br />
-              </FormItem>
-              <FormItem label="密钥">
-                <Row>
-                  <Col span="12">
-                    <Input type="password" readonly value="2.4.0"></Input>
-                  </Col>
-                  <Col span="6"> <Button type="primary">重置</Button></Col>
-                </Row>
+                <Button type="primary" :loading="loadingEditPush" @click="EditPush">保存</Button>
              </FormItem>
            </Form>
          </Card>
        </TabPane>
-        <TabPane label="系统更新" name="6">
+        <TabPane label="系统更新" name="5">
          <Card :bordered="false" :dis-hover="true" style="width: 600px">
            <Form :label-width="140">
              <FormItem label="当前版本">
@ -459,6 +432,11 @@ export default {
				@@ -459,6 +432,11 @@ export default {
       */
      currentAdvanceTab: "1",

+      /**
+       *
+       */
+      listPush: [],
+
      /**
       * 加载
       */
@ -476,6 +454,8 @@ export default {
				@@ -476,6 +454,8 @@ export default {
      loadingSendTest: false,
      //保存邮件配置信息
      loadingEditEmail: false,
+      //保存推送配置信息
+      loadingEditPush:false,

      /**
       * subversion信息
@ -537,6 +517,7 @@ export default {
				@@ -537,6 +517,7 @@ export default {
    this.GetDetail();
    this.GetConfig();
    this.GetEmail();
+    this.GetPush();
  },
  methods: {
    /**
@ -729,6 +710,54 @@ export default {
				@@ -729,6 +710,54 @@ export default {
          that.$Message.error("出错了 请联系管理员！");
        });
    },
+    /**
+     * 获取消息推送配置
+     */
+    GetPush() {
+      var that = this;
+      var data = {};
+      that.$axios
+        .post("/api.php?c=Mail&a=GetPush&t=web", data)
+        .then(function (response) {
+          var result = response.data;
+          if (result.status == 1) {
+            that.listPush = result.data;
+          } else {
+            that.$Message.error(result.message);
+          }
+        })
+        .catch(function (error) {
+          console.log(error);
+          that.$Message.error("出错了 请联系管理员！");
+        });
+    },
+    /**
+     * 修改信息
+     */
+    EditPush() {
+      var that = this;
+      that.loadingEditPush = true;
+      var data = {
+        listPush: that.listPush,
+      };
+      that.$axios
+        .post("/api.php?c=Mail&a=EditPush&t=web", data)
+        .then(function (response) {
+          that.loadingEditPush = false;
+          var result = response.data;
+          if (result.status == 1) {
+            that.$Message.success(result.message);
+            that.GetPush();
+          } else {
+            that.$Message.error(result.message);
+          }
+        })
+        .catch(function (error) {
+          that.loadingEditPush = false;
+          console.log(error);
+          that.$Message.error("出错了 请联系管理员！");
+        });
+    },
    /**
     * 安装SVN
     */
--- a/01.web/src/views/repositoryInfo/index.vue
+++ b/01.web/src/views/repositoryInfo/index.vue
@ -264,7 +264,10 @@
				@@ -264,7 +264,10 @@
            @click="DownloadRepBackup(row.fileName)"
            >下载</Button
          >
-          <Button type="error" size="small" @click="DelRepBackup(row.fileName)"
+          <Button
+            type="error"
+            size="small"
+            @click="DelRepBackup(row.fileName)"
            >删除</Button
          >
        </template>
--- a/02.php/app/controller/Mail.php
+++ b/02.php/app/controller/Mail.php
@ -3,7 +3,7 @@
				@@ -3,7 +3,7 @@
 * @Author: witersen
 * @Date: 2022-04-24 23:37:05
 * @LastEditors: witersen
- * @LastEditTime: 2022-05-07 13:58:27
+ * @LastEditTime: 2022-05-07 19:14:22
 * @Description: QQ:1801168257
 */

@ -53,4 +53,22 @@ class Mail extends Base
				@@ -53,4 +53,22 @@ class Mail extends Base
        $result = $this->ServiceMail->SendTest();
        json2($result);
    }
+
+    /**
+     * 获取消息推送信息配置
+     */
+    public function GetPush()
+    {
+        $result = $this->ServiceMail->GetPush();
+        json2($result);
+    }
+
+    /**
+     * 修改推送选项
+     */
+    function EditPush()
+    {
+        $result = $this->ServiceMail->EditPush();
+        json2($result);
+    }
 }
--- a/02.php/app/service/Mail.php
+++ b/02.php/app/service/Mail.php
@ -3,7 +3,7 @@
				@@ -3,7 +3,7 @@
 * @Author: witersen
 * @Date: 2022-04-24 23:37:05
 * @LastEditors: witersen
- * @LastEditTime: 2022-05-06 22:53:10
+ * @LastEditTime: 2022-05-07 19:13:42
 * @Description: QQ:1801168257
 */

@ -258,4 +258,75 @@ class Mail extends Base
				@@ -258,4 +258,75 @@ class Mail extends Base

        return message(200, $result === true ? 1 : 0, $result === true ? '发送成功' : $result);
    }
+
+    /**
+     * 获取消息推送信息配置
+     */
+    public function GetPush()
+    {
+        $message_push = $this->database->get('options', [
+            'option_value'
+        ], [
+            'option_name' => 'message_push'
+        ]);
+
+        $message_push_null = [
+            [
+                'trigger' => 'Common/Login',
+                'type' => 'mail',
+                'note' => '用户登录',
+                'enable' => false,
+            ],
+            [
+                'trigger' => 'Personal/EditAdminUserName',
+                'type' => 'mail',
+                'note' => '管理人员修改账户名',
+                'enable' => false,
+            ],
+            [
+                'trigger' => 'Personal/EditAdminUserPass',
+                'type' => 'mail',
+                'note' => '管理人员修改密码',
+                'enable' => false,
+            ],
+            [
+                'trigger' => 'Personal/EditSvnUserPass',
+                'type' => 'mail',
+                'note' => 'SVN用户修改密码',
+                'enable' => false,
+            ],
+        ];
+
+        if ($message_push == null) {
+            $this->database->insert('options', [
+                'option_name' => 'message_push',
+                'option_value' => serialize($message_push_null),
+                'option_description' => ''
+            ]);
+            return message(200, 1, '成功', $message_push_null);
+        }
+        if ($message_push['option_value'] == '') {
+            $this->database->update('options', [
+                'option_value' => serialize($message_push_null),
+            ], [
+                'option_name' => 'message_push',
+            ]);
+            return message(200, 1, '成功', $message_push_null);
+        }
+
+        return message(200, 1, '成功', unserialize($message_push['option_value']));
+    }
+
+    /**
+     * 修改推送选项
+     */
+    function EditPush()
+    {
+        $this->database->update('options', [
+            'option_value' => serialize($this->payload['listPush'])
+        ], [
+            'option_name' => 'message_push'
+        ]);
+        return message();
+    }
 }
--- a/02.php/app/service/Svnrep.php
+++ b/02.php/app/service/Svnrep.php
@ -3,7 +3,7 @@
				@@ -3,7 +3,7 @@
 * @Author: witersen
 * @Date: 2022-04-24 23:37:05
 * @LastEditors: witersen
- * @LastEditTime: 2022-05-07 14:21:35
+ * @LastEditTime: 2022-05-07 17:03:32
 * @Description: QQ:1801168257
 */

@ -1199,7 +1199,7 @@ class Svnrep extends Base
				@@ -1199,7 +1199,7 @@ class Svnrep extends Base
    public function DownloadRepBackup()
    {
        $filePath = $this->config_svn['backup_base_path'] .  $this->payload['fileName'];
-        $this->DownloadRepBackup1($filePath, $this->payload['fileName']);
+        $this->DownloadRepBackup2($filePath, $this->payload['fileName']);
    }

    /**
--- a/02.php/server/svnadmind.php
+++ b/02.php/server/svnadmind.php
@ -3,7 +3,7 @@
				@@ -3,7 +3,7 @@
 * @Author: witersen
 * @Date: 2022-04-24 23:37:06
 * @LastEditors: witersen
- * @LastEditTime: 2022-05-07 02:02:57
+ * @LastEditTime: 2022-05-07 19:33:17
 * @Description: QQ:1801168257
 */

@ -136,7 +136,7 @@ class Daemon
				@@ -136,7 +136,7 @@ class Daemon
            //将标准错误重定向到文件
            //使用状态码来标识错误信息
            ob_start();
-            FunShellExec($cmmand . " 2>$stderrFile", $resultCode);
+            passthru($cmmand . " 2>$stderrFile", $resultCode);
            $buffer = ob_get_contents();
            ob_end_clean();

@ -207,7 +207,7 @@ class Daemon
				@@ -207,7 +207,7 @@ class Daemon
    /**
     * 检查需要的函数是否被禁用
     */
-    private function CheckDisabledFunction()
+    private function CheckDisabledFun()
    {
        $disabled_function = explode(',', ini_get('disable_functions'));
        $cli_needed_function = $this->config_daemon['CLI_NEEDED_FUNCTION'];
@ -221,6 +221,15 @@ class Daemon
				@@ -221,6 +221,15 @@ class Daemon
        }
    }

+    /**
+     * 更新密钥
+     */
+    private function UpdateSign()
+    {
+        $signCon = sprintf("<?php\n\nreturn ['signature' => '%s'];", uniqid());
+        file_put_contents(BASE_PATH . '/../config/sign.php', $signCon);
+    }
+
    /**
     * 以守护进程模式工作
     */
@ -276,8 +285,9 @@ class Daemon
				@@ -276,8 +285,9 @@ class Daemon
            } else {
                $this->CheckSysType();
                $this->CheckPhpVersion();
-                $this->CheckDisabledFunction();
+                $this->CheckDisabledFun();
                if ($this->workMode == 'start') {
+                    $this->UpdateSign();
                    $this->StartDaemon();
                } else if ($this->workMode == 'console') {
                    $this->StartConsole();