- 增加登录日志

- 增加数据库索引
- 修改原生安装文档

pkg/api/account.go

@@ -11,6 +11,11 @@ import (
 	"github.com/labstack/echo/v4"
 )
 
+const (
+	RememberEffectiveTime    = time.Hour * time.Duration(24*14)
+	NotRememberEffectiveTime = time.Minute * time.Duration(2)
+)
+
 type LoginAccount struct {
 	Username string `json:"username"`
 	Password string `json:"password"`
@@ -53,7 +58,16 @@ func LoginEndpoint(c echo.Context) error {
 		return Fail(c, 0, "")
 	}
 
-	token := strings.Join([]string{utils.UUID(), utils.UUID(), utils.UUID(), utils.UUID()}, "")
+	token, err := Login(c, loginAccount, user)
+	if err != nil {
+		return err
+	}
+
+	return Success(c, token)
+}
+
+func Login(c echo.Context, loginAccount LoginAccount, user model.User) (token string, err error) {
+	token = strings.Join([]string{utils.UUID(), utils.UUID(), utils.UUID(), utils.UUID()}, "")
 
 	authorization := Authorization{
 		Token:    token,
@@ -63,14 +77,28 @@ func LoginEndpoint(c echo.Context) error {
 
 	if authorization.Remember {
 		// 记住登录有效期两周
-		global.Cache.Set(token, authorization, time.Hour*time.Duration(24*14))
+		global.Cache.Set(token, authorization, RememberEffectiveTime)
 	} else {
-		global.Cache.Set(token, authorization, time.Hour*time.Duration(2))
+		global.Cache.Set(token, authorization, NotRememberEffectiveTime)
 	}
 
-	model.UpdateUserById(&model.User{Online: true}, user.ID)
+	// 保存登录日志
+	loginLog := model.LoginLog{
+		ID:              token,
+		UserId:          user.ID,
+		ClientIP:        c.RealIP(),
+		ClientUserAgent: c.Request().UserAgent(),
+		LoginTime:       utils.NowJsonTime(),
+		Remember:        authorization.Remember,
+	}
 
-	return Success(c, token)
+	if model.CreateNewLoginLog(&loginLog) != nil {
+		return "", err
+	}
+
+	// 修改登录状态
+	model.UpdateUserById(&model.User{Online: true}, user.ID)
+	return token, nil
 }
 
 func loginWithTotpEndpoint(c echo.Context) error {
@@ -92,29 +120,18 @@ func loginWithTotpEndpoint(c echo.Context) error {
 		return Fail(c, -2, "您的TOTP不匹配")
 	}
 
-	token := strings.Join([]string{utils.UUID(), utils.UUID(), utils.UUID(), utils.UUID()}, "")
-
-	authorization := Authorization{
-		Token:    token,
-		Remember: loginAccount.Remember,
-		User:     user,
+	token, err := Login(c, loginAccount, user)
+	if err != nil {
+		return err
 	}
 
-	if authorization.Remember {
-		// 记住登录有效期两周
-		global.Cache.Set(token, authorization, time.Hour*time.Duration(24*14))
-	} else {
-		global.Cache.Set(token, authorization, time.Hour*time.Duration(2))
-	}
-
-	model.UpdateUserById(&model.User{Online: true}, user.ID)
-
 	return Success(c, token)
 }
 
 func LogoutEndpoint(c echo.Context) error {
 	token := GetToken(c)
 	global.Cache.Delete(token)
+	model.Logout(token)
 	return Success(c, nil)
 }
 

pkg/api/login-log.go

@@ -0,0 +1,42 @@
+package api
+
+import (
+	"github.com/labstack/echo/v4"
+	"next-terminal/pkg/global"
+	"next-terminal/pkg/model"
+	"strconv"
+	"strings"
+)
+
+func LoginLogPagingEndpoint(c echo.Context) error {
+	pageIndex, _ := strconv.Atoi(c.QueryParam("pageIndex"))
+	pageSize, _ := strconv.Atoi(c.QueryParam("pageSize"))
+	userId := c.QueryParam("userId")
+	clientIp := c.QueryParam("clientIp")
+
+	items, total, err := model.FindPageLoginLog(pageIndex, pageSize, userId, clientIp)
+
+	if err != nil {
+		return err
+	}
+
+	return Success(c, H{
+		"total": total,
+		"items": items,
+	})
+}
+
+func LoginLogDeleteEndpoint(c echo.Context) error {
+	ids := c.Param("id")
+	split := strings.Split(ids, ",")
+	for i := range split {
+		token := split[i]
+		global.Cache.Delete(token)
+		model.Logout(token)
+	}
+	if err := model.DeleteLoginLogByIdIn(split); err != nil {
+		return err
+	}
+
+	return Success(c, nil)
+}

pkg/api/middleware.go

@@ -3,7 +3,6 @@ package api
 import (
 	"fmt"
 	"github.com/labstack/echo/v4"
-	"github.com/sirupsen/logrus"
 	"next-terminal/pkg/global"
 	"next-terminal/pkg/model"
 	"strings"
@@ -44,7 +43,6 @@ func Auth(next echo.HandlerFunc) echo.HandlerFunc {
 		token := GetToken(c)
 		authorization, found := global.Cache.Get(token)
 		if !found {
-			logrus.Debugf("您的登录信息已失效，请重新登录后再试。")
 			return Fail(c, 401, "您的登录信息已失效，请重新登录后再试。")
 		}
 
@@ -62,7 +60,10 @@ func Auth(next echo.HandlerFunc) echo.HandlerFunc {
 func Admin(next echo.HandlerFunc) echo.HandlerFunc {
 	return func(c echo.Context) error {
 
-		account, _ := GetCurrentAccount(c)
+		account, found := GetCurrentAccount(c)
+		if !found {
+			return Fail(c, 401, "您的登录信息已失效，请重新登录后再试。")
+		}
 
 		if account.Type != model.TypeAdmin {
 			return Fail(c, 403, "permission denied")

pkg/api/routes.go

@@ -53,13 +53,13 @@ func SetupRoutes() *echo.Echo {
 		users.POST("/:id/reset-totp", Admin(UserResetTotpEndpoint))
 	}
 
-	userGroups := e.Group("/user-groups")
+	userGroups := e.Group("/user-groups", Admin)
 	{
-		userGroups.POST("", Admin(UserGroupCreateEndpoint))
-		userGroups.GET("/paging", Admin(UserGroupPagingEndpoint))
-		userGroups.PUT("/:id", Admin(UserGroupUpdateEndpoint))
-		userGroups.DELETE("/:id", Admin(UserGroupDeleteEndpoint))
-		userGroups.GET("/:id", Admin(UserGroupGetEndpoint))
+		userGroups.POST("", UserGroupCreateEndpoint)
+		userGroups.GET("/paging", UserGroupPagingEndpoint)
+		userGroups.PUT("/:id", UserGroupUpdateEndpoint)
+		userGroups.DELETE("/:id", UserGroupDeleteEndpoint)
+		userGroups.GET("/:id", UserGroupGetEndpoint)
 		//userGroups.POST("/:id/members", UserGroupAddMembersEndpoint)
 		//userGroups.DELETE("/:id/members/:memberId", UserGroupDelMembersEndpoint)
 	}
@@ -125,6 +125,12 @@ func SetupRoutes() *echo.Echo {
 		resourceSharers.POST("/add-resources", Admin(ResourceAddByUserIdAssignEndPoint))
 	}
 
+	loginLogs := e.Group("login-logs", Admin)
+	{
+		loginLogs.GET("/paging", LoginLogPagingEndpoint)
+		loginLogs.DELETE("/:id", LoginLogDeleteEndpoint)
+	}
+
 	e.GET("/properties", PropertyGetEndpoint)
 	e.PUT("/properties", Admin(PropertyUpdateEndpoint))