unique token for each separate logins

Maxim Devaev 2024-01-08 23:50:38 +02:00
parent f355c38fe1
commit 0676a3cee9
2 changed files with 29 additions and 16 deletions


@ -117,9 +117,6 @@ class AuthManager:
assert user assert user
assert self.__enabled assert self.__enabled
if (await self.authorize(user, passwd)): if (await self.authorize(user, passwd)):
for (token, token_user) in self.__tokens.items():
if user == token_user:
return token
token = self.__make_new_token() token = self.__make_new_token()
self.__tokens[token] = user self.__tokens[token] = user
get_logger().info("Logged in user %r", user) get_logger().info("Logged in user %r", user)
@ -136,9 +133,14 @@ class AuthManager:
def logout(self, token: str) -> None: def logout(self, token: str) -> None:
assert self.__enabled assert self.__enabled
user = self.__tokens.pop(token, "") if token in self.__tokens:
if user: user = self.__tokens[token]
get_logger().info("Logged out user %r", user) count = 0
for (r_token, r_user) in list(self.__tokens.items()):
if r_user == user:
count += 1
del self.__tokens[r_token]
get_logger().info("Logged out user %r (%d)", user, count)
def check(self, token: str) -> (str | None): def check(self, token: str) -> (str | None):
assert self.__enabled assert self.__enabled


@ -100,19 +100,30 @@ async def test_ok__internal(tmpdir) -> None: # type: ignore
assert (await manager.login("admin", "foo")) is None assert (await manager.login("admin", "foo")) is None
assert (await manager.login("user", "pass")) is None assert (await manager.login("user", "pass")) is None
token = await manager.login("admin", "pass") token1 = await manager.login("admin", "pass")
assert isinstance(token, str) assert isinstance(token1, str)
assert len(token) == 64 assert len(token1) == 64
again = await manager.login("admin", "pass") token2 = await manager.login("admin", "pass")
assert token == again assert isinstance(token2, str)
assert len(token2) == 64
assert token1 != token2
assert manager.check(token) == "admin" assert manager.check(token1) == "admin"
manager.logout(token) assert manager.check(token2) == "admin"
assert manager.check(token) is None assert manager.check("foobar") is None
again = await manager.login("admin", "pass") manager.logout(token1)
assert token != again
assert manager.check(token1) is None
assert manager.check(token2) is None
assert manager.check("foobar") is None
token3 = await manager.login("admin", "pass")
assert isinstance(token3, str)
assert len(token3) == 64
assert token1 != token3
assert token2 != token3
@pytest.mark.asyncio @pytest.mark.asyncio
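Review bot: The new assertions only ever hold tokens for `admin`, so nothing here pins that `manager.logout(token1)` leaves other users' sessions alone. A mistake in the `r_user == user` comparison that cleared the whole map would still pass. If the fixture can provide a second valid account, log it in before the logout and assert afterwards that its token still resolves, e.g. `assert manager.check(other_token) == "<second user>"` (placeholder names). The test function starts outside this hunk, so the available accounts are not visible from here.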