lanhu/platform
2
0
Fork 0
Code Issues Actions Packages Releases 13 Activity

提交代理配置结果到长效网关

Browse Source
This commit is contained in:
luorijun
2025-05-19 11:03:38 +08:00
parent 3f8e48ec68
commit 689964e3ef
4 changed files with 91 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
web/globals/init.go
View File

@@ -8,4 +8,5 @@ func Init() {
initValidator() initValidator()
initRedis() initRedis()
initOrm() initOrm()
initProxy()
} }

51
web/globals/proxy.go Normal file
View File

@@ -0,0 +1,51 @@
package globals
import (
"encoding/json"
"fmt"
"net/http"
"strings"
"time"
)
const (
PermitEndpoint = "/api/permit"
)
var Proxy *ProxyClient
type ProxyClient struct {
}
func initProxy() {
Proxy = &ProxyClient{}
}
type ProxyPermitConfig struct {
Id int32 `json:"id"`
Whitelists *[]string `json:"whitelists,omitempty"`
Username *string `json:"username,omitempty"`
Password *string `json:"password,omitempty"`
Expire time.Time `json:"expire"`
}
func (p *ProxyClient) Permit(proxy string, config []*ProxyPermitConfig) error {
str, err := json.Marshal(config)
if err != nil {
return err
}
body := strings.NewReader(string(str))
resp, err := http.Post(fmt.Sprintf("%s:8848%s", proxy, PermitEndpoint), "application/json", body)
if err != nil {
return err
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return fmt.Errorf("配置端口许可失败: %s", resp.Status)
}
return nil
}

3
web/services/auth.go
View File

@@ -19,7 +19,6 @@ type authService struct{}
// OauthAuthorizationCode 验证授权码 // OauthAuthorizationCode 验证授权码
func (s *authService) OauthAuthorizationCode(ctx context.Context, client *m.Client, code, redirectURI, codeVerifier string) (*auth2.TokenDetails, error) { func (s *authService) OauthAuthorizationCode(ctx context.Context, client *m.Client, code, redirectURI, codeVerifier string) (*auth2.TokenDetails, error) {
// TODO: 从数据库验证授权码
return nil, errors.New("TODO") return nil, errors.New("TODO")
} }
@@ -43,7 +42,6 @@ func (s *authService) OauthClientCredentials(ctx context.Context, client *m.Clie
}, },
} }
// todo 数据库定义会话持续时间
token, err := auth2.CreateSession(ctx, &authCtx, false) token, err := auth2.CreateSession(ctx, &authCtx, false)
if err != nil { if err != nil {
return nil, err return nil, err
@@ -54,7 +52,6 @@ func (s *authService) OauthClientCredentials(ctx context.Context, client *m.Clie
// OauthRefreshToken 验证刷新令牌 // OauthRefreshToken 验证刷新令牌
func (s *authService) OauthRefreshToken(ctx context.Context, _ *m.Client, refreshToken string, scope ...[]string) (*auth2.TokenDetails, error) { func (s *authService) OauthRefreshToken(ctx context.Context, _ *m.Client, refreshToken string, scope ...[]string) (*auth2.TokenDetails, error) {
// TODO: 从数据库验证刷新令牌
details, err := auth2.RefreshSession(ctx, refreshToken, true) details, err := auth2.RefreshSession(ctx, refreshToken, true)
if err != nil { if err != nil {
return nil, err return nil, err

51
web/services/channel.go
View File

@@ -472,7 +472,7 @@ func assignShortChannels(
) )
} }
// 筛选可用端口 todo auth all // 筛选可用端口
var portConfigs = make([]g.PortConfigsReq, 0, acc) var portConfigs = make([]g.PortConfigsReq, 0, acc)
for port := 10000; port < 20000 && len(portConfigs) < acc; port++ { for port := 10000; port < 20000 && len(portConfigs) < acc; port++ {
// 跳过存在的端口 // 跳过存在的端口
@@ -504,23 +504,17 @@ func assignShortChannels(
Expiration: orm.LocalDateTime(config.Expiration), Expiration: orm.LocalDateTime(config.Expiration),
} }
switch { if config.AuthIp {
case config.AuthIp:
portConf.Whitelist = &config.Whitelists portConf.Whitelist = &config.Whitelists
portConf.Userpass = u.P("")
newChannel.AuthIP = true newChannel.AuthIP = true
}
case config.AuthPass: if config.AuthPass {
username, password := genPassPair() username, password := genPassPair()
portConf.Whitelist = &[]string{}
portConf.Userpass = u.P(fmt.Sprintf("%s:%s", username, password)) portConf.Userpass = u.P(fmt.Sprintf("%s:%s", username, password))
newChannel.AuthPass = true newChannel.AuthPass = true
newChannel.Username = username newChannel.Username = username
newChannel.Password = password newChannel.Password = password
default:
return nil, ChannelServiceErr("不支持的通道认证方式")
} }
portConfigs = append(portConfigs, portConf) portConfigs = append(portConfigs, portConf)
@@ -562,10 +556,16 @@ func assignLongChannels(q *q.Query, userId int32, count int, config ChannelCreat
var edges = make([]struct { var edges = make([]struct {
m.Edge m.Edge
Count int Count int
Host string
}, 0) }, 0)
err := q.Edge. err := q.Edge.
LeftJoin(q.Channel, q.Channel.EdgeID.EqCol(q.Edge.ID)). LeftJoin(q.Channel, q.Channel.EdgeID.EqCol(q.Edge.ID)).
Select(q.Edge.ALL, q.Channel.ALL.Count().As("count")). LeftJoin(q.Proxy, q.Proxy.ID.EqCol(q.Edge.ProxyID)).
Select(
q.Edge.ALL,
q.Channel.ALL.Count().As("count"),
q.Proxy.Host,
).
Group(q.Edge.ID). Group(q.Edge.ID).
Where( Where(
q.Edge.Prov.Eq(filter.Prov), q.Edge.Prov.Eq(filter.Prov),
@@ -586,7 +586,9 @@ func assignLongChannels(q *q.Query, userId int32, count int, config ChannelCreat
total += edge.Count total += edge.Count
} }
var avg = int(math.Ceil(float64(total) / float64(len(edges)))) var avg = int(math.Ceil(float64(total) / float64(len(edges))))
var channels = make([]*m.Channel, 0, count) var channels = make([]*m.Channel, 0, count)
var reqs = make(map[string][]*g.ProxyPermitConfig)
for _, edge := range edges { for _, edge := range edges {
prev := edge.Count prev := edge.Count
next := int(math.Max(float64(prev), float64(int(math.Min(float64(avg), float64(total)))))) next := int(math.Max(float64(prev), float64(int(math.Min(float64(avg), float64(total))))))
@@ -613,10 +615,35 @@ func assignLongChannels(q *q.Query, userId int32, count int, config ChannelCreat
channel.Password = password channel.Password = password
} }
channels = append(channels, channel) channels = append(channels, channel)
req := &g.ProxyPermitConfig{
Id: channel.EdgeID,
Expire: time.Time(channel.Expiration),
}
if channel.AuthIP {
req.Whitelists = &config.Whitelists
}
if channel.AuthPass {
req.Username = &channel.Username
req.Password = &channel.Password
}
reqs[edge.Host] = append(reqs[edge.Host], req)
} }
} }
// todo 发送配置到网关 // 发送配置到网关
if env.DebugExternalChange {
var step = time.Now()
for host, reqs := range reqs {
err := g.Proxy.Permit(host, reqs)
if err != nil {
return nil, err
}
}
slog.Debug("提交端口配置", "step", time.Since(step))
}
return channels, nil return channels, nil
} }