u

6 years ago · 6ec4e4d85e
parent 1ed4d7f018
commit 6ec4e4d85e
4 changed files with 86 additions and 1 deletions
--- a/class/core/config_api.py
+++ b/class/core/config_api.py
@ -96,6 +96,44 @@ class config_api:
        }
        return public.returnJson(True, '保存成功!', info)

+    def setAdminPathApi(self):
+        admin_path = request.form.get('admin_path', '').strip()
+        admin_path_checks = ['/', '/close', '/login', '/site',
+                             '/sites',
+                             '/download_file', '/control',
+                             '/crontab', '/firewall', '/files',
+                             'config', '/soft', '/ajax',
+                             '/system', '/code',
+                             '/ssl', '/plugin']
+        if admin_path == '':
+            admin_path = '/'
+        if admin_path != '/':
+            if len(admin_path) < 6:
+                return public.returnJson(False, '安全入口地址长度不能小于6位!')
+            if admin_path in admin_path_checks:
+                return public.returnJson(False, '该入口已被面板占用,请使用其它入口!')
+            if not re.match("^/[\w\./-_]+$", admin_path):
+                return public.returnJson(False, '入口地址格式不正确,示例: /my_panel')
+        else:
+            domain = public.readFile('data/domain.conf')
+            if not domain:
+                domain = ''
+            limitip = public.readFile('data/limitip.conf')
+            if not limitip:
+                limitip = ''
+            if not domain.strip() and not limitip.strip():
+                return public.returnJson(False, '警告，关闭安全入口等于直接暴露你的后台地址在外网，十分危险，至少开启以下一种安全方式才能关闭：<a style="color:red;"><br>1、绑定访问域名<br>2、绑定授权IP</a>')
+
+        admin_path_file = 'data/admin_path.pl'
+        admin_path_old = '/'
+        if os.path.exists(admin_path_file):
+            admin_path_old = public.readFile(admin_path_file).strip()
+
+        if admin_path_old != admin_path:
+            public.writeFile(admin_path_file, admin_path)
+            public.restartMw()
+        return public.returnJson(True, '修改成功!')
+
    ##### ----- end ----- ###

    def getVersion(self):
@ -113,6 +151,12 @@ class config_api:
        data['port'] = public.getHostPort()
        data['ip'] = public.getHostAddr()

+        admin_path_file = 'data/admin_path.pl'
+        if not os.path.exists(admin_path_file):
+            data['admin_path'] = '/'
+        else:
+            data['admin_path'] = public.readFile(admin_path_file)
+
        data['username'] = public.M('users').where(
            "id=?", (1,)).getField('username')

--- a/class/core/public.py
+++ b/class/core/public.py
@ -107,6 +107,11 @@ def restartWeb():
        execShell(initd + ' ' + 'reload')


+def restartMw():
+    import system_api
+    system_api.system_api().restartMw()
+
+
 def checkWebConfig():
    op_dir = getServerDir() + '/openresty'
    cmd = "ulimit -n 10240 && " + op_dir + \
--- a/route/static/app/config.js
+++ b/route/static/app/config.js
@ -14,6 +14,42 @@ $(".set-submit").click(function(){
 });


+function modifyAuthPath() {
+    var auth_path = $("#admin_path").val();
+    btn = "<button type='button' class='btn btn-success btn-sm' onclick=\"bindBTName(1,'b')\">确定</button>";
+    layer.open({
+        type: 1,
+        area: "500px",
+        title: "修改安全入口",
+        closeBtn: 2,
+        shift: 5,
+        shadeClose: false,
+        content: '<div class="bt-form bt-form pd20 pb70">\
+                    <div class="line ">\
+                        <span class="tname">入口地址</span>\
+                        <div class="info-r">\
+                            <input name="auth_path_set" class="bt-input-text mr5" type="text" style="width: 311px" value="'+ auth_path+'">\
+                        </div></div>\
+                        <div class="bt-form-submit-btn">\
+                            <button type="button" class= "btn btn-sm btn-danger" onclick="layer.closeAll()"> 关闭</button>\
+                            <button type="button" class="btn btn-sm btn-success" onclick="setAuthPath();">提交</button>\
+                    </div></div>'
+    });
+}
+
+function setAuthPath() {
+    var auth_path = $("input[name='auth_path_set']").val();
+    var loadT = layer.msg(lan.config.config_save, { icon: 16, time: 0, shade: [0.3, '#000'] });
+    $.post('/config/set_admin_path', { admin_path: auth_path }, function (rdata) {
+        layer.close(loadT);
+        if (rdata.status) {
+            layer.closeAll();
+            $("#admin_path").val(auth_path);
+        }
+        setTimeout(function () { layer.msg(rdata.msg, { icon: rdata.status ? 1 : 2 }); }, 200);
+    },'json');
+}
+
 function setPassword(a) {
 	if(a == 1) {
 		p1 = $("#p1").val();
--- a/route/templates/default/config.html
+++ b/route/templates/default/config.html
@ -49,7 +49,7 @@

 						<p class="mtb15">
 							<span class="set-tit text-right">安全入口</span>
-							<input id="admin_path" name="admin_path" class="inputtxt bt-input-text disable" type="text" value="/"><span class="modify btn btn-xs btn-success" onclick="">修改</span>
+							<input id="admin_path" name="admin_path" class="inputtxt bt-input-text disable" type="text" value="{{data['admin_path']}}"><span class="modify btn btn-xs btn-success" onclick="modifyAuthPath();">修改</span>
 							<span class="set-info c7">面板管理入口,设置后只能通过指定安全入口登录面板,如: /abc</span>
 						</p>
 						<p class="mtb15">