Skip to content

Commit

Permalink
feat: 优化客户端hash使用sha256计算
Browse files Browse the repository at this point in the history
  • Loading branch information
@devhaozi
devhaozi committed Dec 9, 2024
1 parent 939d108 commit 1902a59
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions internal/http/middleware/must_login.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package middleware

import (
"context"
"crypto/sha256"
"fmt"
"net"
"net/http"
Expand All @@ -10,7 +11,6 @@ import (

"github.com/go-rat/chix"
"github.com/spf13/cast"
"golang.org/x/crypto/sha3"

"github.com/TheTNB/panel/internal/app"
)
Expand Down Expand Up @@ -65,7 +65,7 @@ func MustLogin(next http.Handler) http.Handler {
if safeLogin {
safeClientHash := cast.ToString(sess.Get("safe_client"))
ip, _, _ := net.SplitHostPort(strings.TrimSpace(r.RemoteAddr))
clientHash := fmt.Sprintf("%x", sha3.Sum256([]byte(ip)))
clientHash := fmt.Sprintf("%x", sha256.Sum256([]byte(ip)))
if safeClientHash != clientHash || safeClientHash == "" {
render := chix.NewRender(w)
render.Status(http.StatusUnauthorized)
Expand Down

0 comments on commit 1902a59

Please sign in to comment.