Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
DiDi
nightingale
提交
c724896e
N
nightingale
项目概览
DiDi
/
nightingale
11 个月 前同步成功
通知
46
Star
7053
Fork
1161
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
N
nightingale
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
未验证
提交
c724896e
编写于
2月 01, 2021
作者:
Y
yubo
提交者:
GitHub
2月 01, 2021
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
adjust session GC interval (#569)
* keep at least 4 history passwords * adjust gc time for session
上级
914aaa0a
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
36 addition
and
23 deletion
+36
-23
src/modules/rdb/auth/authenticator.go
src/modules/rdb/auth/authenticator.go
+22
-13
src/modules/rdb/session/session_db.go
src/modules/rdb/session/session_db.go
+14
-10
未找到文件。
src/modules/rdb/auth/authenticator.go
浏览文件 @
c724896e
...
...
@@ -20,6 +20,7 @@ import (
const
(
ChangePasswordURL
=
"/change-password"
loginModeFifo
=
true
pwdHistorySize
=
4
)
type
Authenticator
struct
{
...
...
@@ -132,14 +133,13 @@ func (p *Authenticator) ChangePassword(user *models.User, password string) (err
return
nil
}
if
!
p
.
extraMode
{
return
changePassword
()
}
// precheck
cf
:=
cache
.
AuthConfig
()
if
err
=
checkPassword
(
cf
,
password
);
err
!=
nil
{
return
if
p
.
extraMode
{
if
err
=
checkPassword
(
cf
,
password
);
err
!=
nil
{
return
}
}
if
err
=
changePassword
();
err
!=
nil
{
...
...
@@ -157,15 +157,22 @@ func (p *Authenticator) ChangePassword(user *models.User, password string) (err
return
}
for
_
,
v
:=
range
passwords
{
if
user
.
Password
==
v
{
err
=
_e
(
"The password is the same as the old password"
)
return
if
p
.
extraMode
{
for
_
,
v
:=
range
passwords
{
if
user
.
Password
==
v
{
err
=
_e
(
"The password is the same as the old password"
)
return
}
}
}
passwords
=
append
(
passwords
,
user
.
Password
)
if
n
:=
len
(
passwords
)
-
cf
.
PwdHistorySize
;
n
>
0
{
historySize
:=
pwdHistorySize
if
cf
.
PwdHistorySize
>
historySize
{
historySize
=
cf
.
PwdHistorySize
}
if
n
:=
len
(
passwords
)
-
historySize
;
n
>
0
{
passwords
=
passwords
[
n
:
]
}
...
...
@@ -301,7 +308,9 @@ func (p *Authenticator) PrepareUser(user *models.User) {
}
cf
:=
cache
.
AuthConfig
()
user
.
PwdExpiresAt
=
user
.
PwdUpdatedAt
+
cf
.
PwdExpiresIn
*
86400
*
30
if
cf
.
PwdExpiresIn
>
0
{
user
.
PwdExpiresAt
=
user
.
PwdUpdatedAt
+
cf
.
PwdExpiresIn
*
86400
*
30
}
}
// cleanup rdb.session & sso.token
...
...
@@ -426,7 +435,7 @@ func lockedUserAccess(cf *models.AuthConfig, user *models.User, loginErr error)
user
.
UpdatedAt
=
now
return
nil
}
return
_e
(
"User is locked, unlock at %dm later"
,
math
.
Ceil
(
float64
(
user
.
LockedAt
+
cf
.
LockTime
-
now
))
/
60.0
)
return
_e
(
"User is locked, unlock at %dm later"
,
int
(
math
.
Ceil
(
float64
(
user
.
LockedAt
+
cf
.
LockTime
*
60
-
now
))
/
60.0
)
)
}
func
frozenUserAccess
(
cf
*
models
.
AuthConfig
,
user
*
models
.
User
,
loginErr
error
)
error
{
...
...
src/modules/rdb/session/session_db.go
浏览文件 @
c724896e
...
...
@@ -13,15 +13,23 @@ func newDbStorage(cf *config.SessionSection, opts *options) (storage, error) {
lifeTime
:=
config
.
Config
.
HTTP
.
Session
.
CookieLifetime
if
lifeTime
==
0
{
if
config
.
Config
.
Auth
.
ExtraMode
.
Enable
{
// cleanup by idle time worker
lifeTime
=
86400
*
10
}
else
{
lifeTime
=
86400
lifeTime
=
86400
}
cleanup
:=
func
()
{
now
:=
time
.
Now
()
.
Unix
()
err
:=
models
.
SessionCleanupByUpdatedAt
(
now
-
lifeTime
)
if
err
!=
nil
{
logger
.
Errorf
(
"session gc err %s"
,
err
)
}
n
,
err
:=
models
.
DB
[
"rdb"
]
.
Where
(
"username='' and created_at < ?"
,
now
-
lifeTime
)
.
Delete
(
new
(
models
.
Session
))
logger
.
Debugf
(
"delete session %d lt created_at %d err %v"
,
n
,
now
-
lifeTime
,
err
)
}
go
func
()
{
cleanup
()
t
:=
time
.
NewTicker
(
time
.
Second
*
time
.
Duration
(
cf
.
GcInterval
))
defer
t
.
Stop
()
for
{
...
...
@@ -29,11 +37,7 @@ func newDbStorage(cf *config.SessionSection, opts *options) (storage, error) {
case
<-
opts
.
ctx
.
Done
()
:
return
case
<-
t
.
C
:
err
:=
models
.
SessionCleanupByUpdatedAt
(
time
.
Now
()
.
Unix
()
-
lifeTime
)
if
err
!=
nil
{
logger
.
Errorf
(
"session gc err %s"
,
err
)
}
cleanup
()
}
}
}()
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录