优化数据连接处理逻辑，避免数据通道连接空等待问题；授权部分添加全局白名单支持；现在节点丢失连接后不会清空授权数据

2025-05-23 18:59:53 +08:00
parent 12038f0af7
commit 52907b3fae
10 changed files with 170 additions and 92 deletions
--- a/gateway/fwd/auth/auth.go
+++ b/gateway/fwd/auth/auth.go
@@ -5,6 +5,8 @@ import (
 	"net"
 	"proxy-server/gateway/app"
 	"proxy-server/gateway/core"
+	"proxy-server/gateway/env"
+	"slices"
 	"strconv"
 	"time"

@@ -35,6 +37,21 @@ func Protect(conn net.Conn, proto Protocol, username, password *string) (*core.A
 		return nil, fmt.Errorf("noAuth 认证失败: %w", err)
 	}

+	var id, _ = app.Assigns.Load(uint16(localPort))
+
+	// 检查全局白名单
+	var remoteIp = net.ParseIP(remoteHost)
+	if remoteIp == nil {
+		return nil, fmt.Errorf("无法解析 IP 地址: %s", remoteHost)
+	}
+	if slices.ContainsFunc(env.AuthWhitelist, func(ip net.IP) bool { return ip.Equal(remoteIp) }) {
+		return &core.AuthContext{
+			Payload: core.Payload{
+				ID: id,
+			},
+		}, nil
+	}
+
 	// 查找权限配置
 	var permit = app.LoadPermit(uint16(localPort))
 	if permit == nil {
@@ -68,9 +85,7 @@ func Protect(conn net.Conn, proto Protocol, username, password *string) (*core.A
 		}
 	}

-	var id, _ = app.Assigns.Load(uint16(localPort))
 	return &core.AuthContext{
-		Timeout: time.Since(permit.Expire).Seconds(),
 		Payload: core.Payload{
 			ID: id,
 		},