diff --git a/application/constants/constants.go b/application/constants/constants.go
index fc2e92c4..28afbf5c 100644
--- a/application/constants/constants.go
+++ b/application/constants/constants.go
@@ -3,7 +3,7 @@ package constants
 // These values will be injected at build time, DO NOT EDIT.
 // BackendVersion 当前后端版本号
-var BackendVersion = "4.12.0"
+var BackendVersion = "4.13.0"
 // IsPro 是否为Pro版本
 var IsPro = "false"
diff --git a/inventory/migration.go b/inventory/migration.go
index b779bf28..f581dbc3 100644
--- a/inventory/migration.go
+++ b/inventory/migration.go
@@ -15,6 +15,7 @@ import (
 "github.com/cloudreve/Cloudreve/v4/ent/oauthclient"
 "github.com/cloudreve/Cloudreve/v4/ent/setting"
 "github.com/cloudreve/Cloudreve/v4/ent/storagepolicy"
+ "github.com/cloudreve/Cloudreve/v4/inventory/debug"
 "github.com/cloudreve/Cloudreve/v4/inventory/types"
 "github.com/cloudreve/Cloudreve/v4/pkg/boolset"
 "github.com/cloudreve/Cloudreve/v4/pkg/cache"
@@ -563,6 +564,19 @@ var patches = []Patch{
 return fmt.Errorf("failed to update thumb_entity_suffix setting: %w", err)
 }
+ return nil
+ },
+ },
+ {
+ Name: "reset_secret_key",
+ EndVersion: "4.13.0",
+ Func: func(l logging.Logger, client *ent.Client, ctx context.Context) error {
+ newSecretKey := util.RandStringRunesCrypto(256)
+ ctx = context.WithValue(ctx, debug.SkipDbLogging{}, true)
+ if err := client.Setting.Update().Where(setting.Name("secret_key")).SetValue(newSecretKey).Exec(ctx); err != nil {
+ return fmt.Errorf("failed to update secret_key setting: %w", err)
+ }
+
 return nil
 },
 },
diff --git a/inventory/oauth_client.go b/inventory/oauth_client.go
index 0023f5fc..29e26944 100644
--- a/inventory/oauth_client.go
+++ b/inventory/oauth_client.go
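Review bot: In inventory/migration.go, the `reset_secret_key` patch cannot tell a completed rotation from one that touched nothing. `Update()...Exec(ctx)` discards the affected-row count, so a database without a `secret_key` row returns nil and the patch presumably counts as applied. The `l logging.Logger` argument is also unused, so operators get no record that the key changed, although anything signed with the previous key will presumably stop validating after the upgrade. I would switch to `Save(ctx)`, treat a count of 0 as an error (or at least log it), and log the rotation on success. A short comment on the `context.WithValue` line saying it keeps the new key out of database query logs would also help, if that is what `debug.SkipDbLogging` does. The `patches` slice begins and ends outside the hunk.

```go
Func: func(l logging.Logger, client *ent.Client, ctx context.Context) error {
	// … unchanged: key generation and the SkipDbLogging context …
	n, err := client.Setting.Update().Where(setting.Name("secret_key")).SetValue(newSecretKey).Save(ctx)
	if err != nil {
		return fmt.Errorf("failed to update secret_key setting: %w", err)
	}
	if n == 0 {
		return fmt.Errorf("secret_key setting not found, key was not rotated")
	}
	l.Info("secret_key was regenerated by the reset_secret_key patch")
	// … unchanged: return nil …
```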
@@ -201,7 +201,7 @@ func (c *oauthClientClient) Create(ctx context.Context, client *ent.OAuthClient)
 client.GUID = uuid.Must(uuid.NewV4()).String()
 }
 if client.Secret == "" {
- client.Secret = util.RandStringRunes(32)
+ client.Secret = util.RandStringRunesCrypto(32)
 }
 return c.client.OAuthClient.Create().
diff --git a/inventory/setting.go b/inventory/setting.go
index c4565cbd..307ddcac 100644
--- a/inventory/setting.go
+++ b/inventory/setting.go
@@ -523,7 +523,7 @@ var DefaultSettings = map[string]string{
 "defaultTheme": `#1976d2`,
 "theme_options": `{"#1976d2":{"light":{"palette":{"primary":{"main":"#1976d2","light":"#42a5f5","dark":"#1565c0"},"secondary":{"main":"#9c27b0","light":"#ba68c8","dark":"#7b1fa2"}}},"dark":{"palette":{"primary":{"main":"#90caf9","light":"#e3f2fd","dark":"#42a5f5"},"secondary":{"main":"#ce93d8","light":"#f3e5f5","dark":"#ab47bc"}}}},"#3f51b5":{"light":{"palette":{"primary":{"main":"#3f51b5"},"secondary":{"main":"#f50057"}}},"dark":{"palette":{"primary":{"main":"#9fa8da"},"secondary":{"main":"#ff4081"}}}}}`,
 "max_parallel_transfer": `4`,
- "secret_key": util.RandStringRunes(256),
+ "secret_key": util.RandStringRunesCrypto(256),
 "temp_path": "temp",
 "avatar_path": "avatar",
 "avatar_size": "4194304",
@@ -588,7 +588,7 @@ var DefaultSettings = map[string]string{
 "show_app_promotion": "1",
 "public_resource_maxage": "86400",
 "viewer_session_timeout": "36000",
- "hash_id_salt": util.RandStringRunes(64),
+ "hash_id_salt": util.RandStringRunesCrypto(64),
 "access_token_ttl": "3600",
 "refresh_token_ttl": "1209600", // 2 weeks
 "use_cursor_pagination": "1",
diff --git a/pkg/conf/conf.go b/pkg/conf/conf.go
index 372f68ef..3f5bbd3b 100644
--- a/pkg/conf/conf.go
+++ b/pkg/conf/conf.go
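Review bot: In inventory/setting.go, the `secret_key` and `hash_id_salt` entries of `DefaultSettings` presumably only seed new installs, so existing databases keep the `hash_id_salt` produced by the old generator. The `reset_secret_key` patch in inventory/migration.go rotates `secret_key` only. If leaving the salt alone is deliberate (rotating it would presumably change every hashed ID already handed out), say so next to the entry, e.g. `// not rotated on upgrade: changing the salt would invalidate existing hashed IDs`. Both calls sit in a package-level map literal, so they cannot return an error to a caller. `util.RandStringRunesCrypto` is not in the visible hunks, so it is worth confirming that it fails hard rather than falling back to a non-cryptographic source when the system RNG cannot be read.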
@@ -33,7 +33,7 @@ func NewIniConfigProvider(configPath string, l logging.Logger) (ConfigProvider,
 l.Info("Config file %q not found, creating a new one.", configPath)
 // 创建初始配置文件
 confContent := util.Replace(map[string]string{
- "{SessionSecret}": util.RandStringRunes(64),
+ "{SessionSecret}": util.RandStringRunesCrypto(64),
 }, defaultConf)
 f, err := util.CreatNestedFile(configPath)
 if err != nil {
diff --git a/pkg/filemanager/fs/dbfs/upload.go b/pkg/filemanager/fs/dbfs/upload.go
index de796c31..c95b8184 100644
--- a/pkg/filemanager/fs/dbfs/upload.go
+++ b/pkg/filemanager/fs/dbfs/upload.go
@@ -247,7 +247,7 @@ func (f *DBFS) PrepareUpload(ctx context.Context, req *fs.UploadRequest, opts ..
 EntityID: entityId,
 UID: f.user.ID,
 Policy: policy,
- CallbackSecret: util.RandStringRunes(32),
+ CallbackSecret: util.RandStringRunesCrypto(32),
 LockToken: lockToken, // Prevent lock being released.
 }
diff --git a/pkg/filemanager/manager/viewer.go b/pkg/filemanager/manager/viewer.go
index 30fd8a61..80e93516 100644
--- a/pkg/filemanager/manager/viewer.go
+++ b/pkg/filemanager/manager/viewer.go
@@ -60,7 +60,7 @@ func (m *manager) CreateViewerSession(ctx context.Context, uri *fs.URI, version
 }
 sessionID := uuid.Must(uuid.NewV4()).String()
- token := util.RandStringRunes(128)
+ token := util.RandStringRunesCrypto(128)
 sessionCache := &ViewerSessionCache{
 ID: sessionID,
 Uri: file.Uri(false).String(),
diff --git a/service/admin/site.go b/service/admin/site.go
index 19693cc6..a316a322 100644
--- a/service/admin/site.go
+++ b/service/admin/site.go
@@ -343,7 +343,7 @@ func siteUrlPreProcessor(ctx context.Context, settings map[string]string) error
 }
 func secretKeyPreProcessor(ctx context.Context, settings map[string]string) error {
- settings["secret_key"] = util.RandStringRunes(256)
+ settings["secret_key"] = util.RandStringRunesCrypto(256)
 return nil
 }
diff --git a/service/user/login.go b/service/user/login.go
index f380a283..d466ccdb 100644
--- a/service/user/login.go
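Review bot: In pkg/conf/conf.go, the new generator is only reached on the branch that creates a missing config file, so an install upgraded to this version keeps the `SessionSecret` that `util.RandStringRunes` wrote earlier. Nothing in the visible hunks rotates it the way the `reset_secret_key` patch rotates `secret_key`. If the old generator's output is considered guessable, upgraded deployments stay exposed on this value until someone regenerates it by hand. I would record that next to the replacement map, e.g. `// Only new config files get a CSPRNG-generated SessionSecret; existing installs must rotate it manually.`, and repeat it in the upgrade notes. The body of `NewIniConfigProvider` starts and continues outside the hunk.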
+++ b/service/user/login.go
@@ -96,7 +96,7 @@ func (service *UserResetEmailService) Reset(c *gin.Context) error {
 return serializer.NewError(serializer.CodeUserNotActivated, "This user is not activated", nil)
 }
- secret := util.RandStringRunes(32)
+ secret := util.RandStringRunesCrypto(32)
 if err := dep.KV().Set(fmt.Sprintf("%s%d", userResetPrefix, u.ID), secret, 3600); err != nil {
 return serializer.NewError(serializer.CodeInternalSetting, "Failed to create reset session", err)
 }