diff --git a/bootstrap/init.go b/bootstrap/init.go
index 6a09d2e..8c8958e 100644
--- a/bootstrap/init.go
+++ b/bootstrap/init.go
@@ -4,7 +4,6 @@ import (
 model "github.com/HFO4/cloudreve/models"
 "github.com/HFO4/cloudreve/pkg/aria2"
 "github.com/HFO4/cloudreve/pkg/auth"
- "github.com/HFO4/cloudreve/pkg/authn"
 "github.com/HFO4/cloudreve/pkg/cache"
 "github.com/HFO4/cloudreve/pkg/conf"
 "github.com/HFO4/cloudreve/pkg/crontab"
@@ -24,7 +23,6 @@ func Init(path string) {
 cache.Init()
 if conf.SystemConfig.Mode == "master" {
 model.Init()
- authn.Init()
 task.Init()
 aria2.Init()
 email.Init()
diff --git a/pkg/authn/auth.go b/pkg/authn/auth.go
index 98742ce..ee719e1 100644
--- a/pkg/authn/auth.go
+++ b/pkg/authn/auth.go
@@ -2,26 +2,15 @@ package authn
 import (
 model "github.com/HFO4/cloudreve/models"
- "github.com/HFO4/cloudreve/pkg/util"
 "github.com/duo-labs/webauthn/webauthn"
- "sync"
 )
-var AuthnInstance *webauthn.WebAuthn
-var Lock sync.RWMutex
-
-// Init 初始化webauthn
-func Init() {
- Lock.Lock()
- defer Lock.Unlock()
- var err error
+// NewAuthnInstance 新建Authn实例
+func NewAuthnInstance() (*webauthn.WebAuthn, error) {
 base := model.GetSiteURL()
- AuthnInstance, err = webauthn.New(&webauthn.Config{
+ return webauthn.New(&webauthn.Config{
 RPDisplayName: model.GetSettingByName("siteName"), // Display Name for your site
 RPID: base.Hostname(), // Generally the FQDN for your site
 RPOrigin: base.String(), // The origin URL for WebAuthn requests
 })
- if err != nil {
- util.Log().Error("无法初始化WebAuthn, %s", err)
- }
 }
diff --git a/pkg/authn/auth_test.go b/pkg/authn/auth_test.go
index eac390d..036aa53 100644
--- a/pkg/authn/auth_test.go
+++ b/pkg/authn/auth_test.go
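Review bot: `NewAuthnInstance` in pkg/authn/auth.go dereferences `base` and passes `base.Hostname()` and `base.String()` to `webauthn.New` without checking them, and it now does so on every request instead of once at startup. `model.GetSiteURL()` is not visible in this hunk, so whether it can return nil or a URL with an empty host needs confirming; if it can, a guard such as `if base == nil || base.Hostname() == "" { return nil, errors.New("site URL is not configured") }` (with the `errors` import) keeps a bad setting from becoming a panic or an empty RP ID. The doc comment should also say that the relying-party ID and origin are read from the `siteURL` setting at call time, so changing that setting changes the origin the server accepts and makes credentials registered under the previous RP ID unusable.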
@@ -10,8 +10,7 @@ func TestInit(t *testing.T) {
 asserts := assert.New(t)
 cache.Set("setting_siteURL", "http://cloudreve.org", 0)
 cache.Set("setting_siteName", "Cloudreve", 0)
- asserts.NotPanics(func() {
- Init()
- })
- asserts.NotNil(AuthnInstance)
+ res, err := NewAuthnInstance()
+ asserts.NotNil(res)
+ asserts.NoError(err)
 }
diff --git a/routers/controllers/admin.go b/routers/controllers/admin.go
index 44f9eda..434e244 100644
--- a/routers/controllers/admin.go
+++ b/routers/controllers/admin.go
@@ -1,7 +1,6 @@
 package controllers
 import (
- "github.com/HFO4/cloudreve/pkg/authn"
 "github.com/HFO4/cloudreve/pkg/request"
 "github.com/HFO4/cloudreve/pkg/serializer"
 "github.com/HFO4/cloudreve/service/admin"
@@ -64,8 +63,6 @@ func AdminGetGroups(c *gin.Context) {
 func AdminReloadService(c *gin.Context) {
 service := c.Param("service")
 switch service {
- case "authn":
- authn.Init()
 }
 c.JSON(200, serializer.Response{})
diff --git a/routers/controllers/user.go b/routers/controllers/user.go
index 1d26f63..858da99 100644
--- a/routers/controllers/user.go
+++ b/routers/controllers/user.go
@@ -23,9 +23,13 @@ func StartLoginAuthn(c *gin.Context) {
 return
 }
- authn.Lock.RLock()
- options, sessionData, err := authn.AuthnInstance.BeginLogin(expectedUser)
- authn.Lock.RUnlock()
+ instance, err := authn.NewAuthnInstance()
+ if err != nil {
+ c.JSON(200, serializer.Err(serializer.CodeInternalSetting, "无法初始化Authn", err))
+ return
+ }
+
+ options, sessionData, err := instance.BeginLogin(expectedUser)
 if err != nil {
 c.JSON(200, ErrorResponse(err))
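Review bot: The test in pkg/authn/auth_test.go is still named `TestInit` although `Init` no longer exists; `TestNewAuthnInstance` would match what it exercises. It covers only the success path, so a second case that leaves `setting_siteURL` unset or malformed and asserts the outcome expected there (presumably an error) would pin down the error return that the handlers now depend on. Checking `asserts.NoError(err)` before `asserts.NotNil(res)` also gives a clearer failure message.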
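Review bot: The new failure branch in `StartLoginAuthn` passes the `NewAuthnInstance` error to `serializer.Err` but never logs it, whereas the removed `authn.Init()` reported the same condition through `util.Log().Error`; after this change a broken WebAuthn configuration leaves no trace on the server. How much of `err` `serializer.Err` puts into the response body is not visible here, so it is worth confirming that configuration detail is not returned to unauthenticated callers of the login endpoints. The same five-line block is repeated in the `FinishLoginAuthn`, `StartRegAuthn` and `FinishRegAuthn` hunks; a small helper that builds the instance, logs the failure and writes the response would keep the four call sites identical (it assumes `util` is imported in this file). `StartLoginAuthn` begins and ends outside this hunk.

```go
// newAuthn builds a WebAuthn instance from the current site settings. On
// failure it logs the cause, writes the error response and returns nil.
func newAuthn(c *gin.Context) *webauthn.WebAuthn {
	instance, err := authn.NewAuthnInstance()
	if err != nil {
		util.Log().Error("无法初始化WebAuthn, %s", err)
		c.JSON(200, serializer.Err(serializer.CodeInternalSetting, "无法初始化Authn", err))
		return nil
	}
	return instance
}

	// … unchanged: expectedUser lookup in StartLoginAuthn …
	instance := newAuthn(c)
	if instance == nil {
		return
	}
	options, sessionData, err := instance.BeginLogin(expectedUser)
```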
@@ -58,9 +62,13 @@ func FinishLoginAuthn(c *gin.Context) {
 var sessionData webauthn.SessionData
 err = json.Unmarshal(sessionDataJSON, &sessionData)
- authn.Lock.RLock()
- _, err = authn.AuthnInstance.FinishLogin(expectedUser, sessionData, c.Request)
- authn.Lock.RUnlock()
+ instance, err := authn.NewAuthnInstance()
+ if err != nil {
+ c.JSON(200, serializer.Err(serializer.CodeInternalSetting, "无法初始化Authn", err))
+ return
+ }
+
+ _, err = instance.FinishLogin(expectedUser, sessionData, c.Request)
 if err != nil {
 c.JSON(200, serializer.Err(401, "登录验证失败", err))
@@ -77,9 +85,13 @@ func FinishLoginAuthn(c *gin.Context) {
 func StartRegAuthn(c *gin.Context) {
 currUser := CurrentUser(c)
- authn.Lock.RLock()
- options, sessionData, err := authn.AuthnInstance.BeginRegistration(currUser)
- authn.Lock.RUnlock()
+ instance, err := authn.NewAuthnInstance()
+ if err != nil {
+ c.JSON(200, serializer.Err(serializer.CodeInternalSetting, "无法初始化Authn", err))
+ return
+ }
+
+ options, sessionData, err := instance.BeginRegistration(currUser)
 if err != nil {
 c.JSON(200, ErrorResponse(err))
@@ -106,9 +118,13 @@ func FinishRegAuthn(c *gin.Context) {
 var sessionData webauthn.SessionData
 err := json.Unmarshal(sessionDataJSON, &sessionData)
- authn.Lock.RLock()
- credential, err := authn.AuthnInstance.FinishRegistration(currUser, sessionData, c.Request)
- authn.Lock.RUnlock()
+ instance, err := authn.NewAuthnInstance()
+ if err != nil {
+ c.JSON(200, serializer.Err(serializer.CodeInternalSetting, "无法初始化Authn", err))
+ return
+ }
+
+ credential, err := instance.FinishRegistration(currUser, sessionData, c.Request)
 if err != nil {
 c.JSON(200, ErrorResponse(err))
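Review bot: In `FinishLoginAuthn` the error from `json.Unmarshal(sessionDataJSON, &sessionData)` is overwritten by `instance, err := authn.NewAuthnInstance()` on the next statement without being checked, so a missing or corrupt session blob reaches `FinishLogin` as a zero-value `SessionData`. The library will probably reject it, but the verification step should not depend on that; add `if err != nil { c.JSON(200, serializer.Err(401, "登录验证失败", err)); return }` directly after the `Unmarshal` call. The `FinishRegAuthn` hunk has the same pattern (`err := json.Unmarshal(...)` followed by `instance, err := ...`) and needs the same check. Both functions begin and end outside their hunks, so an earlier check that is not shown here cannot be ruled out.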