Merge branch 'dev'

app/Console/Commands/ResetUser.php

@@ -0,0 +1,55 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Plan;
+use App\Utils\Helper;
+use Illuminate\Console\Command;
+use App\Models\User;
+use Illuminate\Support\Facades\DB;
+
+class ResetUser extends Command
+{
+    protected $builder;
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'reset:user';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = '重置所有用户信息';
+
+    /**
+     * Create a new command instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        parent::__construct();
+    }
+
+    /**
+     * Execute the console command.
+     *
+     * @return mixed
+     */
+    public function handle()
+    {
+        ini_set('memory_limit', -1);
+        $users = User::all();
+        foreach ($users as $user)
+        {
+            $user->token = Helper::guid();
+            $user->uuid = Helper::guid(true);
+            $user->save();
+            $this->info("已重置用户{$user->email}的安全信息");
+        }
+    }
+}

app/Console/Commands/Test.php

@@ -2,7 +2,6 @@
 
 namespace App\Console\Commands;
 
-use App\Utils\Helper;
 use Illuminate\Console\Command;
 
 class Test extends Command

app/Console/Commands/V2boardUpdate.php

@@ -58,5 +58,7 @@ class V2boardUpdate extends Command
             }
         }
         $this->info('更新完毕，请重新启动队列服务。');
+        \Artisan::call('cache:clear');
+        \Artisan::call('config:cache');
     }
 }

app/Http/Controllers/Passport/AuthController.php

@@ -17,7 +17,6 @@ use App\Utils\Helper;
 use App\Utils\Dict;
 use App\Utils\CacheKey;
 use ReCaptcha\ReCaptcha;
-use Firebase\JWT\JWT;
 
 class AuthController extends Controller
 {
@@ -181,7 +180,7 @@ class AuthController extends Controller
         $authService = new AuthService($user);
 
         return response()->json([
-            'data' => $authService->generateAuthData('register')
+            'data' => $authService->generateAuthData($request)
         ]);
     }
 
@@ -220,7 +219,7 @@ class AuthController extends Controller
 
         $authService = new AuthService($user);
         return response([
-            'data' => $authService->generateAuthData('login')
+            'data' => $authService->generateAuthData($request)
         ]);
     }
 
@@ -252,7 +251,7 @@ class AuthController extends Controller
             Cache::forget($key);
             $authService = new AuthService($user);
             return response([
-                'data' => $authService->generateAuthData('token')
+                'data' => $authService->generateAuthData($request)
             ]);
         }
     }

app/Services/AuthService.php

@@ -2,10 +2,13 @@
 
 namespace App\Services;
 
+use App\Utils\CacheKey;
+use App\Utils\Helper;
 use Firebase\JWT\JWT;
 use Firebase\JWT\Key;
 use App\Models\User;
 use Illuminate\Support\Facades\Cache;
+use Illuminate\Http\Request;
 
 class AuthService
 {
@@ -16,26 +19,29 @@ class AuthService
         $this->user = $user;
     }
 
-    public function generateAuthData($utm)
+    public function generateAuthData(Request $request)
     {
+        $guid = Helper::guid();
+        $authData = JWT::encode([
+            'id' => $this->user->id,
+            'session' => $guid,
+        ], config('app.key'), 'HS256');
+        self::addSession($this->user->id, $guid, [
+            'ip' => $request->ip()
+        ]);
         return [
             'token' => $this->user->token,
             'is_admin' => $this->user->is_admin,
-            'auth_data' => JWT::encode([
+            'auth_data' => $authData
-                'expired_at' => time() + 3600,
-                'id' => $this->user->id,
-                'utm' => $utm,
-            ], config('app.key'), 'HS256')
         ];
     }
 
-
     public static function decryptAuthData($jwt)
     {
         try {
             if (!Cache::has($jwt)) {
                 $data = (array)JWT::decode($jwt, new Key(config('app.key'), 'HS256'));
-                if ($data['expired_at'] < time()) return false;
+                if (!self::checkSession($data['id'], $data['session'])) return false;
                 $user = User::select([
                     'id',
                     'email',
@@ -51,4 +57,27 @@ class AuthService
             return false;
         }
     }
+
+    private static function checkSession($userId, $session)
+    {
+        $sessions = (array)Cache::get(CacheKey::get("USER_SESSIONS", $userId)) ?? [];
+        if (!in_array($session, array_keys($sessions))) return false;
+        return true;
+    }
+
+    private static function addSession($userId, $guid, $meta)
+    {
+        $cacheKey = CacheKey::get("USER_SESSIONS", $userId);
+        $sessions = (array)Cache::get($cacheKey, []);
+        $sessions[$guid] = $meta;
+        if (!Cache::put(
+            $cacheKey,
+            $sessions
+        )) return false;
+    }
+
+    public function getSessions()
+    {
+        return (array)Cache::get(CacheKey::get("USER_SESSIONS", $this->user->id), []);
+    }
 }

app/Services/ServerService.php

@@ -119,7 +119,8 @@ class ServerService
             ->where('banned', 0)
             ->select([
                 'id',
-                'uuid'
+                'uuid',
+                'speed_limit'
             ])
             ->get();
     }

app/Utils/CacheKey.php

@@ -21,7 +21,8 @@ class CacheKey
         'SCHEDULE_LAST_CHECK_AT' => '计划任务最后检查时间',
         'REGISTER_IP_RATE_LIMIT' => '注册频率限制',
         'LAST_SEND_LOGIN_WITH_MAIL_LINK_TIMESTAMP' => '最后一次发送登入链接时间',
-        'PASSWORD_ERROR_LIMIT' => '密码错误次数限制'
+        'PASSWORD_ERROR_LIMIT' => '密码错误次数限制',
+        'USER_SESSIONS' => '用户session'
     ];
 
     public static function get(string $key, $uniqueValue)

config/app.php

@@ -237,5 +237,5 @@ return [
     | The only modification by laravel config
     |
     */
-    'version' => '1.7.0'
+    'version' => '1.7.1.1671082585916'
 ];

database/install.sql

@@ -198,7 +198,7 @@ DROP TABLE IF EXISTS `v2_server_route`;
 CREATE TABLE `v2_server_route` (
                                    `id` int(11) NOT NULL AUTO_INCREMENT,
                                    `remarks` varchar(255) NOT NULL,
-                                   `match` varchar(255) NOT NULL,
+                                   `match` text NOT NULL,
                                    `action` varchar(11) NOT NULL,
                                    `action_value` varchar(255) DEFAULT NULL,
                                    `created_at` int(11) NOT NULL,
@@ -397,4 +397,4 @@ CREATE TABLE `v2_user` (
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 
--- 2022-11-27 07:09:04
+-- 2022-12-15 05:24:08

database/update.sql

@@ -639,3 +639,6 @@ CREATE TABLE `v2_server_route` (
                                    `updated_at` int(11) NOT NULL,
                                    PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+
+ALTER TABLE `v2_server_route`
+    CHANGE `match` `match` text COLLATE 'utf8mb4_general_ci' NOT NULL AFTER `remarks`;

update.sh

@@ -5,7 +5,6 @@ rm -rf composer.lock composer.phar
 wget https://github.com/composer/composer/releases/latest/download/composer.phar -O composer.phar
 php composer.phar update -vvv
 php artisan v2board:update
-php artisan config:cache
 
 if [ -f "/etc/init.d/bt" ]; then
   chown -R www $(pwd);

update_dev.sh

@@ -6,7 +6,6 @@ rm -rf composer.lock composer.phar
 wget https://github.com/composer/composer/releases/latest/download/composer.phar -O composer.phar
 php composer.phar update -vvv
 php artisan v2board:update
-php artisan config:cache
 
 if [ -f "/etc/init.d/bt" ]; then
   chown -R www $(pwd);