lanhu/proxy
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

使用 base32 解码传入的密钥;优化调试接口返回内容;新增 RUN_MODE,根据环境变量确定是否要公开调试接口

Browse Source
This commit is contained in:
luorijun
2025-05-22 14:52:31 +08:00
parent 8c824595f4
commit 12038f0af7
6 changed files with 71 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
cmd/gateway/.env.example
View File

@@ -1,13 +0,0 @@
# 应用配置
APP_CTRL_PORT=18080
APP_DATA_PORT=18081
APP_WEB_PORT=8848
APP_LOG_MODE=dev# dev | test
# 数据库配置
DB_HOST=localhost
DB_PORT=5432
DB_DATABASE=app
DB_USERNAME=proxy
DB_PASSWORD=proxy
DB_TIMEZONE=Asia/Shanghai

16
gateway/core/security.go
View File

@@ -4,6 +4,7 @@ import (
"context" "context"
"crypto/aes" "crypto/aes"
"crypto/cipher" "crypto/cipher"
"encoding/base32"
"encoding/base64" "encoding/base64"
"encoding/json" "encoding/json"
"fmt" "fmt"
@@ -17,10 +18,16 @@ type SecuredReq struct {
Timestamp int64 `json:"timestamp"` Timestamp int64 `json:"timestamp"`
} }
func Decrypt[T any](req *SecuredReq, secret string) (resp *T, err error) { func Decrypt[T any](req *SecuredReq, secretStr string) (resp *T, err error) {
var encoding = base32.StdEncoding.WithPadding(base32.NoPadding)
secret, err := encoding.DecodeString(secretStr)
if err != nil {
return nil, fmt.Errorf("解码密钥失败: %w", err)
}
// 解密请求 // 解密请求
block, err := aes.NewCipher([]byte(secret)) block, err := aes.NewCipher(secret)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -30,7 +37,10 @@ func Decrypt[T any](req *SecuredReq, secret string) (resp *T, err error) {
return nil, err return nil, err
} }
var nonce = []byte(req.Nonce) nonce, err := encoding.DecodeString(req.Nonce)
if err != nil {
return nil, err
}
content, err := base64.StdEncoding.DecodeString(req.Content) content, err := base64.StdEncoding.DecodeString(req.Content)
if err != nil { if err != nil {

11
gateway/env/env.go vendored
View File

@@ -10,6 +10,8 @@ import (
) )
var ( var (
RunMode = "dev" // 运行模式dev: 开发模式prod: 生产模式
AppCtrlPort uint16 = 18080 AppCtrlPort uint16 = 18080
AppDataPort uint16 = 18081 AppDataPort uint16 = 18081
AppWebPort uint16 = 8848 AppWebPort uint16 = 8848
@@ -38,6 +40,15 @@ func Init() {
} }
var value string var value string
value = os.Getenv("RUN_MODE")
switch value {
case "dev", "prod":
RunMode = value
case "":
default:
panic(fmt.Sprintf("环境变量 RUN_MODE 格式错误: %s", value))
}
value = os.Getenv("APP_CTRL_PORT") value = os.Getenv("APP_CTRL_PORT")
if value != "" { if value != "" {
appCtrlPort, err := strconv.Atoi(value) appCtrlPort, err := strconv.Atoi(value)

47
gateway/web/handlers/info.go
View File

@@ -15,7 +15,10 @@ type InfoResp struct {
CtrlConnections int `json:"ctrl_connections"` CtrlConnections int `json:"ctrl_connections"`
DataConnections int `json:"data_connections"` DataConnections int `json:"data_connections"`
Edges []EdgeResp `json:"edges"` // Edges []EdgeResp `json:"edges"`
Assigns map[uint16]int32 `json:"assigns"`
Edges map[int32]uint16 `json:"edges"`
Permits map[int32]*core.Permit `json:"permits"`
} }
type EdgeResp struct { type EdgeResp struct {
@@ -26,18 +29,36 @@ type EdgeResp struct {
func Info(c *fiber.Ctx) error { func Info(c *fiber.Ctx) error {
var edges = make([]EdgeResp, 0) // var edges = make([]EdgeResp, 0)
app.Edges.Range(func(id int32, port uint16) bool { // app.Edges.Range(func(id int32, port uint16) bool {
permit, ok := app.Permits.Load(id) // permit, ok := app.Permits.Load(id)
if !ok { // if !ok {
return true // return true
} // }
//
// edges = append(edges, EdgeResp{
// Id: id,
// Port: port,
// Permit: permit,
// })
// return true
// })
edges = append(edges, EdgeResp{ var assigns = make(map[uint16]int32)
Id: id, app.Assigns.Range(func(port uint16, id int32) bool {
Port: port, assigns[port] = id
Permit: permit, return true
}) })
var edges = make(map[int32]uint16)
app.Edges.Range(func(id int32, port uint16) bool {
edges[id] = port
return true
})
var permits = make(map[int32]*core.Permit)
app.Permits.Range(func(id int32, permit *core.Permit) bool {
permits[id] = permit
return true return true
}) })
@@ -48,6 +69,8 @@ func Info(c *fiber.Ctx) error {
UserConnections: int(app.UserConnWg.Count()), UserConnections: int(app.UserConnWg.Count()),
CtrlConnections: int(app.CtrlConnWg.Count()), CtrlConnections: int(app.CtrlConnWg.Count()),
DataConnections: int(app.DataConnWg.Count()), DataConnections: int(app.DataConnWg.Count()),
Assigns: assigns,
Edges: edges, Edges: edges,
Permits: permits,
}) })
} }

13
gateway/web/router.go
View File

@@ -2,15 +2,18 @@ package web
import ( import (
"github.com/gofiber/fiber/v2" "github.com/gofiber/fiber/v2"
"proxy-server/gateway/env"
"proxy-server/gateway/web/handlers" "proxy-server/gateway/web/handlers"
) )
func Router(r *fiber.App) { func Router(r *fiber.App) {
var debug = r.Group("/debug")
debug.Get("/info", handlers.Info)
debug.Get("/consuming/list", handlers.GetConsuming)
debug.Get("/consuming/reset", handlers.RestConsuming)
var api = r.Group("/api") var api = r.Group("/api")
api.Post("/permit", handlers.Permit) api.Post("/permit", handlers.Permit)
if env.RunMode == "dev" {
var debug = r.Group("/debug")
debug.Get("/info", handlers.Info)
debug.Get("/consuming/list", handlers.GetConsuming)
debug.Get("/consuming/reset", handlers.RestConsuming)
}
} }

4
gateway/web/web.go
View File

@@ -1,6 +1,8 @@
package web package web
import ( import (
"github.com/gofiber/fiber/v2/middleware/logger"
"github.com/gofiber/fiber/v2/middleware/recover"
"log/slog" "log/slog"
"proxy-server/gateway/env" "proxy-server/gateway/env"
"strconv" "strconv"
@@ -23,6 +25,8 @@ func (s *Server) Run() error {
}) })
// 配置中间件和路由 // 配置中间件和路由
s.web.Use(recover.New())
s.web.Use(logger.New())
Router(s.web) Router(s.web)
// 启动服务 // 启动服务