mirror of https://github.com/IoTcat/ushio-auth.git
parent
92305f6cac
commit
16a0090ca2
6 changed files with 807 additions and 0 deletions
@ -0,0 +1,84 @@ |
||||
<html> |
||||
<head> |
||||
<title>Ushio Auth</title> |
||||
<script src="https://cdn.jsdelivr.net/npm/fp3@3.0.3/dist/fp.min.js"></script> |
||||
<script> |
||||
/* func define */ |
||||
var cookie={set:function(e,r,a){if(a==undefined)var a=3e3;var t=new Date;t.setTime(t.getTime()+a*24*60*60*1e3);document.cookie=e+"="+escape(r)+";expires="+t.toGMTString()+";path=/"},get:function(e){var r,a=new RegExp("(^| )"+e+"=([^;]*)(;|$)");if(r=document.cookie.match(a)){return unescape(r[2])}else{return null}},del:function(e){var r=new Date;r.setTime(r.getTime()-1);var a,t=new RegExp("(^| )"+e+"=([^;]*)(;|$)");if(a=document.cookie.match(t)){var n=unescape(a[2])}else{var n=null}if(n!=null){document.cookie=e+"="+n+";expires="+r.toGMTString()}}} |
||||
|
||||
function getQueryString(name) { |
||||
let reg = new RegExp("(^|&)" + name + "=([^&]*)(&|$)", "i"); |
||||
let r = window.location.search.substr(1).match(reg); |
||||
if (r != null) { |
||||
return decodeURIComponent(r[2]); |
||||
}; |
||||
return null; |
||||
} |
||||
function randomStr(length) { |
||||
var result = '', chars = '0123456789abcdefghijklmnopqrstuvwxyz'; |
||||
for (var i = length; i > 0; --i) result += chars[Math.floor(Math.random() * chars.length)]; |
||||
return result; |
||||
} |
||||
|
||||
|
||||
|
||||
/* get Ip */ |
||||
var ip = ''; |
||||
function getIp(){ |
||||
return new Promise((resolve, reject)=>{ |
||||
var ajax = new XMLHttpRequest(); |
||||
ajax.onreadystatechange = function(){ |
||||
if(ajax.readyState == 4 && ajax.status == 200){ |
||||
var data = JSON.parse(ajax.responseText); |
||||
ip = data.ip; |
||||
resolve(ip); |
||||
} |
||||
} |
||||
ajax.open('get','https://log.yimian.xyz/iis.php'); |
||||
ajax.send(null); |
||||
}); |
||||
} |
||||
|
||||
|
||||
/* get father page mask */ |
||||
var mask = getQueryString('mask'); |
||||
|
||||
/* break cookie rule */ |
||||
document.cookie = 'cross-site-cookie2=noneCookie; SameSite=None; Secure'; |
||||
var isCrossDomain = true; |
||||
cookie.set('_icd', '15'); |
||||
if(cookie.get('_icd') == '15'){ |
||||
isCrossDomain = false; |
||||
} |
||||
|
||||
|
||||
var token = ''; |
||||
console.log(cookie.get('_token')) |
||||
/* get local token */ |
||||
if(cookie.get('_token')){ |
||||
token = cookie.get('_token'); |
||||
}else{ |
||||
if(!isCrossDomain){ |
||||
token = randomStr(64); |
||||
cookie.set('_token', token); |
||||
} |
||||
} |
||||
|
||||
|
||||
/* web request */ |
||||
;(async function(){ |
||||
var ajax = new XMLHttpRequest(); |
||||
var fp_v = await fp; |
||||
var ip = await getIp(); |
||||
if(token){ |
||||
ajax.open('get','checkin.php?fp='+fp_v+'&token='+token+'&mask='+mask+'&ip='+ip); |
||||
if(fp_v && mask && token) ajax.send(null); |
||||
}else{ |
||||
ajax.open('get','checkin.php?fp='+fp_v+'&ip='+ip+'&mask='+mask); |
||||
if(fp_v && mask && ip) ajax.send(null); |
||||
} |
||||
})() |
||||
</script> |
||||
</head> |
||||
<body></body> |
||||
</html> |
@ -0,0 +1,60 @@ |
||||
<?php |
||||
include './functions.php'; |
||||
|
||||
$redis = new redis(); |
||||
$redis->connect('redis',6379); |
||||
|
||||
|
||||
$fp = $_REQUEST['fp']; |
||||
$mask = $_REQUEST['mask']; |
||||
$token = $_REQUEST['token']; |
||||
$ip = $_REQUEST['ip']; |
||||
if(!isset($fp)) die(); |
||||
if(!isset($mask)) die(); |
||||
|
||||
|
||||
$id = md5($fp.$mask); |
||||
|
||||
|
||||
if(isset($token) && isset($ip)){ |
||||
$fip = md5($fp.$ip); |
||||
$redis->set('auth/fip/'.$fip, $token); |
||||
$redis->expire('auth/fip/'.$fip, 3600*72); |
||||
} |
||||
|
||||
if(isset($ip) && !isset($token)){ |
||||
$fip = md5($fp.$ip); |
||||
if($redis->exists('auth/fip/'.$fip)){ |
||||
$token = $redis->get('auth/fip/'.$fip); |
||||
}else{ |
||||
die(); |
||||
} |
||||
} |
||||
|
||||
if(!$redis->exists('auth/token/'.$token)){ |
||||
$redis->set('session/redirect/'.$id, $token); |
||||
if(!$redis->exists('session/dialog/'.$token)){ |
||||
$redis->hMset('session/dialog/'.$token, array("group"=>"anonymous")); |
||||
} |
||||
echo $token; |
||||
die(); |
||||
} |
||||
|
||||
$cnn = db__connect(); |
||||
$hash = $redis->get('auth/token/'.$token); |
||||
if(!db__rowNum($cnn, "account", "hash", $hash)){ |
||||
$redis->set('session/redirect/'.$id, $token); |
||||
$redis->del('auth/token/'.$token); |
||||
if(!$redis->exists('session/dialog/'.$token)){ |
||||
$redis->hMset('session/dialog/'.$token, array("group"=>"anonymous")); |
||||
} |
||||
}else{ |
||||
$redis->set('session/redirect/'.$id, $token); |
||||
if(!$redis->exists('session/dialog/'.$hash)){ |
||||
$data = db__getData($cnn, "account", "hash", $hash); |
||||
$redis->hMset('session/dialog/'.$hash, $data[0]); |
||||
} |
||||
} |
||||
|
||||
echo $token; |
||||
|
@ -0,0 +1,3 @@ |
||||
<?php |
||||
setcookie("_token", "", time()-3600); |
||||
echo '<script>window.location.href="https://login.yimian.xyz/"</script>'; |
@ -0,0 +1 @@ |
||||
<script>window.location.href="https://ushio.cool/"</script> |
@ -0,0 +1,27 @@ |
||||
<?php |
||||
include './functions.php'; |
||||
|
||||
$redis = new redis(); |
||||
$redis->connect('redis',6379); |
||||
|
||||
if (isset($_COOKIE["_token"])){ |
||||
$redis->del('auth/token/'.$_COOKIE['_token']); |
||||
} |
||||
|
||||
$token = $_REQUEST['token']; |
||||
$from = $_REQUEST['from']; |
||||
if(!isset($token)) die(); |
||||
if(!isset($from)) die(); |
||||
|
||||
if(strlen($token) < 60 || !$redis->exists('auth/token/'.$token)){ |
||||
echo "<script>alert('Illegal Token!!');window.location.href='https://login.yimian.xyz/'</script>"; |
||||
die(); |
||||
} |
||||
|
||||
setcookie("_token", $token, time()+60*60*24*30*6); |
||||
|
||||
|
||||
echo '<html><head><script src="https://cdn.yimian.xyz/ushio-js/ushio-head.min.js"></script>'; |
||||
echo '<script src="https://cdn.yimian.xyz/ushio-js/ushio-footer.min.js"></script>'; |
||||
echo '</head><body>'; |
||||
echo "<script>setTimeout(()=>{window.location.href='$from'}, 1000)</script></body></html>"; |
Loading…
Reference in new issue