mirror/ezbookkeeping
1
0
Fork 0
mirror of https://github.com/mayswind/ezbookkeeping.git synced 2026-05-21 10:14:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

create user token via cli

Browse Source
This commit is contained in:
MaysWind
2024-11-09 23:43:27 +08:00
parent 79fd9070e4
commit b8253b6dcc
6 changed files with 158 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cmd/user_data.go
+34
View File
@@ -192,6 +192,19 @@ var UserData = &cli.Command{
}, },
}, },
}, },
{
Name: "user-session-new",
Usage: "Create new session for user",
Action: bindAction(createNewUserToken),
Flags: []cli.Flag{
&cli.StringFlag{
Name: "username",
Aliases: []string{"n"},
Required: true,
Usage: "Specific user name",
},
},
},
{ {
Name: "user-session-clear", Name: "user-session-clear",
Usage: "Clear user all sessions", Usage: "Clear user all sessions",
@@ -549,6 +562,27 @@ func listUserTokens(c *core.CliContext) error {
return nil return nil
} }
func createNewUserToken(c *core.CliContext) error {
_, err := initializeSystem(c)
if err != nil {
return err
}
username := c.String("username")
token, tokenString, err := clis.UserData.CreateNewUserToken(c, username)
if err != nil {
log.CliErrorf(c, "[user_data.createNewUserToken] error occurs when creating user token")
return err
}
printTokenInfo(token)
fmt.Printf("[NewToken] %s\n", tokenString)
return nil
}
func clearUserTokens(c *core.CliContext) error { func clearUserTokens(c *core.CliContext) error {
_, err := initializeSystem(c) _, err := initializeSystem(c)
pkg/cli/user_data.go
+24
View File
@@ -352,6 +352,30 @@ func (l *UserDataCli) ListUserTokens(c *core.CliContext, username string) ([]*mo
return tokens, nil return tokens, nil
} }
// CreateNewUserToken returns a new token for the specified user
func (l *UserDataCli) CreateNewUserToken(c *core.CliContext, username string) (*models.TokenRecord, string, error) {
if username == "" {
log.CliErrorf(c, "[user_data.CreateNewUserToken] user name is empty")
return nil, "", errs.ErrUsernameIsEmpty
}
user, err := l.GetUserByUsername(c, username)
if err != nil {
log.CliErrorf(c, "[user_data.CreateNewUserToken] error occurs when getting user by user name")
return nil, "", err
}
token, tokenRecord, err := l.tokens.CreateTokenViaCli(c, user)
if err != nil {
log.CliErrorf(c, "[user_data.CreateNewUserToken] failed to create token for user \"%s\", because %s", username, err.Error())
return nil, "", err
}
return tokenRecord, token, nil
}
// ClearUserTokens clears all tokens of the specified user // ClearUserTokens clears all tokens of the specified user
func (l *UserDataCli) ClearUserTokens(c *core.CliContext, username string) error { func (l *UserDataCli) ClearUserTokens(c *core.CliContext, username string) error {
if username == "" { if username == "" {
pkg/services/tokens.go
+23 -11
View File
@@ -78,34 +78,46 @@ func (s *TokenService) ParseTokenByCookie(c *core.WebContext, tokenCookieName st
return s.parseToken(c, utils.CookieExtractor{tokenCookieName}) return s.parseToken(c, utils.CookieExtractor{tokenCookieName})
} }
// CreateTokenViaCli generates a new normal token and saves to database
func (s *TokenService) CreateTokenViaCli(c *core.CliContext, user *models.User) (string, *models.TokenRecord, error) {
token, _, tokenRecord, err := s.createToken(c, user, core.USER_TOKEN_TYPE_NORMAL, "ezbookkeeping Cli", s.CurrentConfig().TokenExpiredTimeDuration)
return token, tokenRecord, err
}
// CreateToken generates a new normal token and saves to database // CreateToken generates a new normal token and saves to database
func (s *TokenService) CreateToken(c *core.WebContext, user *models.User) (string, *core.UserTokenClaims, error) { func (s *TokenService) CreateToken(c *core.WebContext, user *models.User) (string, *core.UserTokenClaims, error) {
return s.createToken(c, user, core.USER_TOKEN_TYPE_NORMAL, s.getUserAgent(c), s.CurrentConfig().TokenExpiredTimeDuration) token, claims, _, err := s.createToken(c, user, core.USER_TOKEN_TYPE_NORMAL, s.getUserAgent(c), s.CurrentConfig().TokenExpiredTimeDuration)
return token, claims, err
} }
// CreateRequire2FAToken generates a new token requiring user to verify 2fa passcode and saves to database // CreateRequire2FAToken generates a new token requiring user to verify 2fa passcode and saves to database
func (s *TokenService) CreateRequire2FAToken(c *core.WebContext, user *models.User) (string, *core.UserTokenClaims, error) { func (s *TokenService) CreateRequire2FAToken(c *core.WebContext, user *models.User) (string, *core.UserTokenClaims, error) {
return s.createToken(c, user, core.USER_TOKEN_TYPE_REQUIRE_2FA, s.getUserAgent(c), s.CurrentConfig().TemporaryTokenExpiredTimeDuration) token, claims, _, err := s.createToken(c, user, core.USER_TOKEN_TYPE_REQUIRE_2FA, s.getUserAgent(c), s.CurrentConfig().TemporaryTokenExpiredTimeDuration)
return token, claims, err
} }
// CreateEmailVerifyToken generates a new email verify token and saves to database // CreateEmailVerifyToken generates a new email verify token and saves to database
func (s *TokenService) CreateEmailVerifyToken(c *core.WebContext, user *models.User) (string, *core.UserTokenClaims, error) { func (s *TokenService) CreateEmailVerifyToken(c *core.WebContext, user *models.User) (string, *core.UserTokenClaims, error) {
return s.createToken(c, user, core.USER_TOKEN_TYPE_EMAIL_VERIFY, s.getUserAgent(c), s.CurrentConfig().EmailVerifyTokenExpiredTimeDuration) token, claims, _, err := s.createToken(c, user, core.USER_TOKEN_TYPE_EMAIL_VERIFY, s.getUserAgent(c), s.CurrentConfig().EmailVerifyTokenExpiredTimeDuration)
return token, claims, err
} }
// CreateEmailVerifyTokenWithoutUserAgent generates a new email verify token and saves to database // CreateEmailVerifyTokenWithoutUserAgent generates a new email verify token and saves to database
func (s *TokenService) CreateEmailVerifyTokenWithoutUserAgent(c core.Context, user *models.User) (string, *core.UserTokenClaims, error) { func (s *TokenService) CreateEmailVerifyTokenWithoutUserAgent(c core.Context, user *models.User) (string, *core.UserTokenClaims, error) {
return s.createToken(c, user, core.USER_TOKEN_TYPE_EMAIL_VERIFY, "", s.CurrentConfig().EmailVerifyTokenExpiredTimeDuration) token, claims, _, err := s.createToken(c, user, core.USER_TOKEN_TYPE_EMAIL_VERIFY, "", s.CurrentConfig().EmailVerifyTokenExpiredTimeDuration)
return token, claims, err
} }
// CreatePasswordResetToken generates a new password reset token and saves to database // CreatePasswordResetToken generates a new password reset token and saves to database
func (s *TokenService) CreatePasswordResetToken(c *core.WebContext, user *models.User) (string, *core.UserTokenClaims, error) { func (s *TokenService) CreatePasswordResetToken(c *core.WebContext, user *models.User) (string, *core.UserTokenClaims, error) {
return s.createToken(c, user, core.USER_TOKEN_TYPE_PASSWORD_RESET, s.getUserAgent(c), s.CurrentConfig().PasswordResetTokenExpiredTimeDuration) token, claims, _, err := s.createToken(c, user, core.USER_TOKEN_TYPE_PASSWORD_RESET, s.getUserAgent(c), s.CurrentConfig().PasswordResetTokenExpiredTimeDuration)
return token, claims, err
} }
// CreatePasswordResetTokenWithoutUserAgent generates a new password reset token and saves to database // CreatePasswordResetTokenWithoutUserAgent generates a new password reset token and saves to database
func (s *TokenService) CreatePasswordResetTokenWithoutUserAgent(c core.Context, user *models.User) (string, *core.UserTokenClaims, error) { func (s *TokenService) CreatePasswordResetTokenWithoutUserAgent(c core.Context, user *models.User) (string, *core.UserTokenClaims, error) {
return s.createToken(c, user, core.USER_TOKEN_TYPE_PASSWORD_RESET, "", s.CurrentConfig().PasswordResetTokenExpiredTimeDuration) token, claims, _, err := s.createToken(c, user, core.USER_TOKEN_TYPE_PASSWORD_RESET, "", s.CurrentConfig().PasswordResetTokenExpiredTimeDuration)
return token, claims, err
} }
// UpdateTokenLastSeen updates the last seen time of specified token // UpdateTokenLastSeen updates the last seen time of specified token
@@ -350,7 +362,7 @@ func (s *TokenService) parseToken(c *core.WebContext, extractor request.Extracto
return token, claims, err return token, claims, err
} }
func (s *TokenService) createToken(c core.Context, user *models.User, tokenType core.TokenType, userAgent string, expiryDate time.Duration) (string, *core.UserTokenClaims, error) { func (s *TokenService) createToken(c core.Context, user *models.User, tokenType core.TokenType, userAgent string, expiryDate time.Duration) (string, *core.UserTokenClaims, *models.TokenRecord, error) {
var err error var err error
now := time.Now() now := time.Now()
@@ -365,7 +377,7 @@ func (s *TokenService) createToken(c core.Context, user *models.User, tokenType
} }
if tokenRecord.Secret, err = utils.GetRandomString(10); err != nil { if tokenRecord.Secret, err = utils.GetRandomString(10); err != nil {
return "", nil, err return "", nil, nil, err
} }
claims := &core.UserTokenClaims{ claims := &core.UserTokenClaims{
@@ -381,16 +393,16 @@ func (s *TokenService) createToken(c core.Context, user *models.User, tokenType
tokenString, err := jwtToken.SignedString([]byte(tokenRecord.Secret)) tokenString, err := jwtToken.SignedString([]byte(tokenRecord.Secret))
if err != nil { if err != nil {
return "", nil, err return "", nil, nil, err
} }
err = s.createTokenRecord(c, tokenRecord) err = s.createTokenRecord(c, tokenRecord)
if err != nil { if err != nil {
return "", nil, err return "", nil, nil, err
} }
return tokenString, claims, err return tokenString, claims, tokenRecord, err
} }
func (s *TokenService) getTokenRecord(c core.Context, uid int64, userTokenId int64, createUnixTime int64) (*models.TokenRecord, error) { func (s *TokenService) getTokenRecord(c core.Context, uid int64, userTokenId int64, createUnixTime int64) (*models.TokenRecord, error) {
src/lib/misc.js
+47 -5
View File
@@ -99,6 +99,10 @@ export function generateRandomUUID() {
return uuid; return uuid;
} }
export function isSessionUserAgentCreatedByCli(ua) {
return ua === 'ezbookkeeping Cli';
}
export function parseUserAgent(ua) { export function parseUserAgent(ua) {
const uaParseRet = uaParser(ua); const uaParseRet = uaParser(ua);
@@ -119,13 +123,16 @@ export function parseUserAgent(ua) {
}; };
} }
export function parseDeviceInfo(ua) { export function parseDeviceInfo(uaInfo) {
const uaInfo = parseUserAgent(ua); if (!uaInfo) {
return '';
}
let result = ''; let result = '';
if (uaInfo.device.model) { if (uaInfo.device && uaInfo.device.model) {
result = uaInfo.device.model; result = uaInfo.device.model;
} else if (uaInfo.os.name) { } else if (uaInfo.os && uaInfo.os.name) {
result = uaInfo.os.name; result = uaInfo.os.name;
if (uaInfo.os.version) { if (uaInfo.os.version) {
@@ -133,7 +140,7 @@ export function parseDeviceInfo(ua) {
} }
} }
if (uaInfo.browser.name) { if (uaInfo.browser && uaInfo.browser.name) {
let browserInfo = uaInfo.browser.name; let browserInfo = uaInfo.browser.name;
if (uaInfo.browser.version) { if (uaInfo.browser.version) {
@@ -154,6 +161,41 @@ export function parseDeviceInfo(ua) {
return result; return result;
} }
export function parseSessionInfo(token) {
const isCreatedByCli = isSessionUserAgentCreatedByCli(token.userAgent);
const uaInfo = parseUserAgent(token.userAgent);
let deviceType = '';
if (isCreatedByCli) {
deviceType = 'cli';
} else {
if (uaInfo && uaInfo.device) {
if (uaInfo.device.type === 'mobile') {
deviceType = 'phone';
} else if (uaInfo.device.type === 'wearable') {
deviceType = 'wearable';
} else if (uaInfo.device.type === 'tablet') {
deviceType = 'tablet';
} else if (uaInfo.device.type === 'smarttv') {
deviceType = 'tv';
} else {
deviceType = 'default';
}
} else {
deviceType = 'default';
}
}
return {
tokenId: token.tokenId,
isCurrent: token.isCurrent,
deviceType: deviceType,
deviceInfo: isCreatedByCli ? token.userAgent : parseDeviceInfo(uaInfo),
createdByCli: isCreatedByCli,
lastSeen: token.lastSeen
}
}
export function makeButtonCopyToClipboard({ text, el, successCallback, errorCallback }) { export function makeButtonCopyToClipboard({ text, el, successCallback, errorCallback }) {
const clipboard = new Clipboard(el, { const clipboard = new Clipboard(el, {
text: function () { text: function () {
src/views/desktop/user/settings/tabs/UserSecuritySettingTab.vue
+15 -23
View File
@@ -106,10 +106,10 @@
v-for="session in sessions"> v-for="session in sessions">
<td class="text-sm"> <td class="text-sm">
<v-icon start :icon="session.icon"/> <v-icon start :icon="session.icon"/>
{{ session.deviceType }} {{ $t(session.isCurrent ? 'Current' : 'Other Device') }}
</td> </td>
<td class="text-sm">{{ session.deviceInfo }}</td> <td class="text-sm">{{ session.deviceInfo }}</td>
<td class="text-sm">{{ session.lastSeen }}</td> <td class="text-sm">{{ session.lastSeenDateTime }}</td>
<td class="text-sm text-right"> <td class="text-sm text-right">
<v-btn density="comfortable" color="error" variant="tonal" <v-btn density="comfortable" color="error" variant="tonal"
:disabled="session.isCurrent || loadingSession" :disabled="session.isCurrent || loadingSession"
@@ -136,7 +136,7 @@ import { useUserStore } from '@/stores/user.js';
import { useTokensStore } from '@/stores/token.js'; import { useTokensStore } from '@/stores/token.js';
import { isEquals } from '@/lib/common.js'; import { isEquals } from '@/lib/common.js';
import { parseDeviceInfo, parseUserAgent } from '@/lib/misc.js'; import { parseSessionInfo } from '@/lib/misc.js';
import { import {
mdiRefresh, mdiRefresh,
@@ -144,6 +144,7 @@ import {
mdiTablet, mdiTablet,
mdiWatch, mdiWatch,
mdiTelevision, mdiTelevision,
mdiConsole,
mdiDevices mdiDevices
} from '@mdi/js'; } from '@mdi/js';
@@ -187,15 +188,10 @@ export default {
for (let i = 0; i < this.tokens.length; i++) { for (let i = 0; i < this.tokens.length; i++) {
const token = this.tokens[i]; const token = this.tokens[i];
const sessionInfo = parseSessionInfo(token);
sessions.push({ sessionInfo.icon = this.getTokenIcon(sessionInfo.deviceType);
tokenId: token.tokenId, sessionInfo.lastSeenDateTime = sessionInfo.lastSeen ? this.$locale.formatUnixTimeToLongDateTime(this.userStore, sessionInfo.lastSeen) : '-';
isCurrent: token.isCurrent, sessions.push(sessionInfo);
deviceType: this.$t(token.isCurrent ? 'Current' : 'Other Device'),
deviceInfo: parseDeviceInfo(token.userAgent),
icon: this.getTokenIcon(token),
lastSeen: token.lastSeen ? this.$locale.formatUnixTimeToLongDateTime(this.userStore, token.lastSeen) : '-'
});
} }
return sessions; return sessions;
@@ -335,21 +331,17 @@ export default {
}); });
}); });
}, },
getTokenIcon(token) { getTokenIcon(deviceType) {
const ua = parseUserAgent(token.userAgent); if (deviceType === 'phone') {
if (!ua || !ua.device) {
return mdiDevices;
}
if (ua.device.type === 'mobile') {
return mdiCellphone; return mdiCellphone;
} else if (ua.device.type === 'wearable') { } else if (deviceType === 'wearable') {
return mdiWatch; return mdiWatch;
} else if (ua.device.type === 'tablet') { } else if (deviceType === 'tablet') {
return mdiTablet; return mdiTablet;
} else if (ua.device.type === 'smarttv') { } else if (deviceType === 'tv') {
return mdiTelevision; return mdiTelevision;
} else if (deviceType === 'cli') {
return mdiConsole;
} else { } else {
return mdiDevices; return mdiDevices;
} }
src/views/mobile/users/SessionListPage.vue
+15 -24
View File
@@ -24,7 +24,7 @@
<f7-list strong inset dividers media-list class="margin-top" v-else-if="!loading"> <f7-list strong inset dividers media-list class="margin-top" v-else-if="!loading">
<f7-list-item class="list-item-media-valign-middle" swipeout <f7-list-item class="list-item-media-valign-middle" swipeout
:id="session.domId" :id="session.domId"
:title="session.deviceType" :title="$t(session.isCurrent ? 'Current' : 'Other Device')"
:text="session.deviceInfo" :text="session.deviceInfo"
:key="session.tokenId" :key="session.tokenId"
v-for="session in sessions"> v-for="session in sessions">
@@ -32,7 +32,7 @@
<f7-icon :f7="session.icon"></f7-icon> <f7-icon :f7="session.icon"></f7-icon>
</template> </template>
<template #after> <template #after>
<small>{{ session.lastSeen }}</small> <small>{{ session.lastSeenDateTime }}</small>
</template> </template>
<f7-swipeout-actions right v-if="!session.isCurrent"> <f7-swipeout-actions right v-if="!session.isCurrent">
<f7-swipeout-button color="red" :text="$t('Log Out')" @click="revoke(session)"></f7-swipeout-button> <f7-swipeout-button color="red" :text="$t('Log Out')" @click="revoke(session)"></f7-swipeout-button>
@@ -48,7 +48,7 @@ import { useUserStore } from '@/stores/user.js';
import { useTokensStore } from '@/stores/token.js'; import { useTokensStore } from '@/stores/token.js';
import { isEquals } from '@/lib/common.js'; import { isEquals } from '@/lib/common.js';
import { parseDeviceInfo, parseUserAgent } from '@/lib/misc.js'; import { parseSessionInfo } from '@/lib/misc.js';
import { onSwipeoutDeleted } from '@/lib/ui.mobile.js'; import { onSwipeoutDeleted } from '@/lib/ui.mobile.js';
@@ -74,16 +74,11 @@ export default {
for (let i = 0; i < this.tokens.length; i++) { for (let i = 0; i < this.tokens.length; i++) {
const token = this.tokens[i]; const token = this.tokens[i];
const sessionInfo = parseSessionInfo(token);
sessions.push({ sessionInfo.domId = this.getTokenDomId(sessionInfo.tokenId);
tokenId: token.tokenId, sessionInfo.icon = this.getTokenIcon(sessionInfo.deviceType);
domId: this.getTokenDomId(token.tokenId), sessionInfo.lastSeenDateTime = sessionInfo.lastSeen ? this.$locale.formatUnixTimeToLongDateTime(this.userStore, sessionInfo.lastSeen) : '-';
isCurrent: token.isCurrent, sessions.push(sessionInfo);
deviceType: this.$t(token.isCurrent ? 'Current' : 'Other Device'),
deviceInfo: parseDeviceInfo(token.userAgent),
icon: this.getTokenIcon(token),
lastSeen: token.lastSeen ? this.$locale.formatUnixTimeToLongDateTime(this.userStore, token.lastSeen) : '-'
});
} }
return sessions; return sessions;
@@ -191,21 +186,17 @@ export default {
}); });
}); });
}, },
getTokenIcon(token) { getTokenIcon(deviceType) {
const ua = parseUserAgent(token.userAgent); if (deviceType === 'phone') {
if (!ua || !ua.device) {
return 'device_desktop';
}
if (ua.device.type === 'mobile') {
return 'device_phone_portrait'; return 'device_phone_portrait';
} else if (ua.device.type === 'wearable') { } else if (deviceType === 'wearable') {
return 'device_phone_portrait'; return 'device_phone_portrait';
} else if (ua.device.type === 'tablet') { } else if (deviceType === 'tablet') {
return 'device_tablet_portrait'; return 'device_tablet_portrait';
} else if (ua.device.type === 'smarttv') { } else if (deviceType === 'tv') {
return 'tv'; return 'tv';
} else if (deviceType === 'cli') {
return 'chevron_left_slash_chevron_right';
} else { } else {
return 'device_desktop'; return 'device_desktop';
} }