GithubFollow/One-KVM
1
0
Fork 0
mirror of https://github.com/mofeng-git/One-KVM.git synced 2025-12-12 01:00:29 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

additional checks for auth token

Browse Source
This commit is contained in:
Maxim Devaev 2024-01-08 21:45:30 +02:00
parent 4457187a86
commit f355c38fe1
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
kvmd/apps/kvmd/auth.py
View File

@ -120,13 +120,20 @@ class AuthManager:
for (token, token_user) in self.__tokens.items(): for (token, token_user) in self.__tokens.items():
if user == token_user: if user == token_user:
return token return token
token = secrets.token_hex(32) token = self.__make_new_token()
self.__tokens[token] = user self.__tokens[token] = user
get_logger().info("Logged in user %r", user) get_logger().info("Logged in user %r", user)
return token return token
else: else:
return None return None
def __make_new_token(self) -> str:
for _ in range(10):
token = secrets.token_hex(32)
if token not in self.__tokens:
return token
raise AssertionError("Can't generate new unique token")
def logout(self, token: str) -> None: def logout(self, token: str) -> None:
assert self.__enabled assert self.__enabled
user = self.__tokens.pop(token, "") user = self.__tokens.pop(token, "")