xofine/SiteProxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
90e91a5579aa215330e0385809a9ff408d675b86
SiteProxy/auth/middleware.go
XOF 90e91a5579 添加 auth/middleware.go
2025-12-15 01:14:34 +08:00

188 lines
5.1 KiB
Go
Raw Blame History

// auth/middleware.go
package auth
import (
"crypto/subtle"
"net/http"
"time"
)
type AuthMiddleware struct {
username string
password string
sessions *SessionManager
}
func NewAuthMiddleware(username, password string, sessions *SessionManager) *AuthMiddleware {
return &AuthMiddleware{
username: username,
password: password,
sessions: sessions,
}
}
func (a *AuthMiddleware) Login(w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" {
a.serveLoginPage(w)
return
}
if r.Method != "POST" {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
username := r.FormValue("username")
password := r.FormValue("password")
// 使用常量时间比较防止时序攻击
usernameMatch := subtle.ConstantTimeCompare([]byte(username), []byte(a.username)) == 1
passwordMatch := subtle.ConstantTimeCompare([]byte(password), []byte(a.password)) == 1
if usernameMatch && passwordMatch {
sessionID := a.sessions.Create(30 * time.Minute)
http.SetCookie(w, &http.Cookie{
Name: "session_id",
Value: sessionID,
Path: "/",
HttpOnly: true,
Secure: true,
SameSite: http.SameSiteStrictMode,
MaxAge: 1800,
})
http.Redirect(w, r, "/", http.StatusSeeOther)
return
}
// 登录失败,延迟响应防止暴力破解
time.Sleep(2 * time.Second)
http.Redirect(w, r, "/login?error=1", http.StatusSeeOther)
}
func (a *AuthMiddleware) Logout(w http.ResponseWriter, r *http.Request) {
cookie, err := r.Cookie("session_id")
if err == nil {
a.sessions.Delete(cookie.Value)
}
http.SetCookie(w, &http.Cookie{
Name: "session_id",
Value: "",
Path: "/",
HttpOnly: true,
Secure: true,
MaxAge: -1,
})
http.Redirect(w, r, "/login", http.StatusSeeOther)
}
func (a *AuthMiddleware) Require(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
cookie, err := r.Cookie("session_id")
if err != nil || !a.sessions.Valid(cookie.Value) {
http.Redirect(w, r, "/login", http.StatusFound)
return
}
next.ServeHTTP(w, r)
})
}
func (a *AuthMiddleware) serveLoginPage(w http.ResponseWriter) {
html := `<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>Login - Secure Site Proxy</title>
<style>
* { margin: 0; padding: 0; box-sizing: border-box; }
body {
font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif;
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
min-height: 100vh;
display: flex;
align-items: center;
justify-content: center;
}
.login-container {
background: white;
padding: 40px;
border-radius: 10px;
box-shadow: 0 10px 40px rgba(0,0,0,0.2);
width: 100%;
max-width: 400px;
}
h1 {
text-align: center;
margin-bottom: 30px;
color: #333;
}
.form-group {
margin-bottom: 20px;
}
label {
display: block;
margin-bottom: 5px;
color: #555;
font-weight: 500;
}
input {
width: 100%;
padding: 12px;
border: 2px solid #e0e0e0;
border-radius: 5px;
font-size: 14px;
transition: border-color 0.3s;
}
input:focus {
outline: none;
border-color: #667eea;
}
button {
width: 100%;
padding: 12px;
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
color: white;
border: none;
border-radius: 5px;
font-size: 16px;
font-weight: 600;
cursor: pointer;
transition: transform 0.2s;
}
button:hover {
transform: translateY(-2px);
}
.error {
background: #fee;
color: #c33;
padding: 10px;
border-radius: 5px;
margin-bottom: 20px;
text-align: center;
}
</style>
</head>
<body>
<div class="login-container">
<h1>🔒 Secure Login</h1>
<form method="POST" action="/login">
<div class="form-group">
<label for="username">Username</label>
<input type="text" id="username" name="username" required autofocus>
</div>
<div class="form-group">
<label for="password">Password</label>
<input type="password" id="password" name="password" required>
</div>
<button type="submit">Login</button>
</form>
</div>
</body>
</html>`
w.Header().Set("Content-Type", "text/html; charset=utf-8")
w.Write([]byte(html))
}
Reference in New Issue View Git Blame Copy Permalink