midoks
/
mdserver-web
mirror of https://github.com/midoks/mdserver-web
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

配置添加【未认证响应状态】功能

Browse Source
pull/368/head
midoks 2 years ago
parent 2646d0565d
commit b9ca4fc11e
5 changed files with 228 additions and 131 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 1
      .gitignore
  2. 41
      class/core/config_api.py
  3. 3
      route/__init__.py
  4. 55
      route/static/app/config.js
  5. 23
      route/templates/default/config.html

1
.gitignore vendored
Unescape View File

@ -174,3 +174,4 @@ plugins/file_search
debug.out
data/unauthorized_status.pl

41
class/core/config_api.py
Unescape View File

@ -647,6 +647,20 @@ class config_api:
else:
return False, ''
def setStatusCodeApi(self):
status_code = request.form.get('status_code', '').strip()
if re.match("^\d+$", status_code):
status_code = int(status_code)
if status_code != 0:
if status_code < 100 or status_code > 999:
return mw.returnJson(False, '状态码范围错误!')
else:
return mw.returnJson(False, '状态码范围错误!')
mw.writeFile('data/unauthorized_status.pl', str(status_code))
mw.writeLog('面板设置', '将未授权响应状态码设置为:{}'.format(status_code))
return mw.returnJson(True, '设置成功!')
def getPanelTokenApi(self):
api_file = self.__api_addr
tmp = mw.readFile(api_file)
@ -713,6 +727,31 @@ class config_api:
mw.writeFile(api_file, json.dumps(data))
return mw.returnJson(True, '保存成功!')
def renderUnauthorizedStatus(self, data):
cfg_unauth_status = 'data/unauthorized_status.pl'
if os.path.exists(cfg_unauth_status):
status_code = mw.readFile(cfg_unauth_status)
data['status_code'] = status_code
data['status_code_msg'] = status_code
if status_code == '0':
data['status_code_msg'] = "默认-安全入口错误提示"
elif status_code == '400':
data['status_code_msg'] = "400-客户端请求错误"
elif status_code == '401':
data['status_code_msg'] = "401-未授权访问"
elif status_code == '403':
data['status_code_msg'] = "403-拒绝访问"
elif status_code == '404':
data['status_code_msg'] = "404-页面不存在"
elif status_code == '408':
data['status_code_msg'] = "408-客户端超时"
elif status_code == '416':
data['status_code_msg'] = "416-无效的请求"
else:
data['status_code'] = '0'
data['status_code_msg'] = "默认-安全入口错误提示"
return data
def get(self):
data = {}
@ -765,6 +804,8 @@ class config_api:
else:
data['bind_domain'] = ''
data = self.renderUnauthorizedStatus(data)
api_token = self.__api_addr
if os.path.exists(api_token):
bac = mw.readFile(api_token)

3
route/__init__.py
Unescape View File

@ -386,7 +386,10 @@ def get_admin_safe():
def admin_safe_path(path, req, data, pageFile):
if path != req and not isLogined():
if data['status_code'] == '0':
return render_template('path.html')
else:
return Response(status=int(data['status_code']))
if not isLogined():
return render_template('login.html', data=data)

55
route/static/app/config.js
Unescape View File

@ -550,6 +550,61 @@ function setTempAccessReq(page){
},'json');
}
function setStatusCode(o){
var code = $(o).data('code');
layer.open({
type: 1,
area: ['420px', '220px'],
title: "设置未认证时的响应状态",
closeBtn: 1,
shift: 5,
btn:['提交','关闭'],
shadeClose: false,
content: '<div class="bt-form bt-form pd20">\
<div class="line">\
<span class="tname">相应状态</span>\
<div class="info-r">\
<select class="bt-input-text mr5" name="status_code" style="width: 250px;"></select>\
</div>\
</div>\
<ul class="help-info-text c7"><li style="color: red;">用于未登录且未正确输入安全入口时的响应,用于隐藏面板特征</li></ul>\
</div>',
success:function(){
var msg_list = [
{'code':'0','msg':'默认-安全入口错误提示'},
{'code':'403','msg':'403-拒绝访问'},
{'code':'404','msg':'404-页面不存在'},
{'code':'416','msg':'416-无效的请求'},
{'code':'408','msg':'408-客户端超时'},
{'code':'400','msg':'400-客户端请求错误'},
{'code':'401','msg':'401-未授权访问'},
];
var tbody = '';
for(i in msg_list){
if (msg_list[i]['code'] == code){
tbody += '<option value="'+msg_list[i]['code']+'" selected>'+msg_list[i]['msg']+'</option>';
} else{
tbody += '<option value="'+msg_list[i]['code']+'">'+msg_list[i]['msg']+'</option>';
}
}
$('select[name="status_code"]').append(tbody);
},
yes:function(index){
var loadT = layer.msg("正在设置未认证时的响应状态", { icon: 16, time: 0, shade: [0.3, '#000'] });
var status_code = $('select[name="status_code"]').val();
$.post('/config/set_status_code', { status_code: status_code }, function (rdata) {
showMsg(rdata.msg, function(){
layer.close(index);
layer.close(loadT);
location.reload();
},{ icon: rdata.status ? 1 : 2 }, 2000);
},'json');
}
});
}
function setTempAccess(){
layer.open({
area: ['700px', '250px'],

23
route/templates/default/config.html
Unescape View File

@ -3,13 +3,10 @@
<div class="main-content">
<div class="container-fluid" style="padding-bottom:54px">
<div class="pos-box bgw mtb15">
<div class="position f14 c9 pull-left">
<a class="plr10 c4" href="/">首页</a>/<span class="plr10 c4">面板设置</span>
</div>
<div class="position f14 c9 pull-left"><a class="plr10 c4" href="/">首页</a>/<span class="plr10 c4">面板设置</span></div>
</div>
<div class="clearfix bgw mtb15 pd15">
<div class="safe-port pull-left">
<div class="ss-text pull-left mr50">
<em>关闭面板</em>
<div class="ssh-item">
@ -17,7 +14,6 @@
<label class="btswitch-btn" for="closePl" onclick="closePanel()"></label>
</div>
</div>
<div class="ss-text pull-left mr50">
<em>开发模式</em>
<div class="ssh-item">
@ -33,13 +29,10 @@
<label class='btswitch-btn' for='panelIPv6' onclick="setIPv6()"></label>
</div>
</div>
</div>
</div>
<div class="setbox bgw mtb15">
<div class="title c6 plr15">
<h3 class="f16">设置</h3>
</div>
<div class="title c6 plr15"><h3 class="f16">设置</h3></div>
<div class="info-title-tips" style="margin: 20px 30px 0px;">
<p><span class="glyphicon glyphicon-alert" style="color: #f39c12; margin-right: 10px;"></span>为了提高安全,修改面板密码!</p>
</div>
@ -108,9 +101,7 @@
</form>
</div>
<div class="title c6 plr15">
<h3 class="f16">安全</h3>
</div>
<div class="title c6 plr15"><h3 class="f16">安全</h3></div>
<div class="setting-con pd15">
@ -144,6 +135,13 @@
<span class="set-info c7">提供面板API接口访问的支持</span>
</p>
<p class="mtb15">
<span class="set-tit text-right" title="未认证响应状态">未认证响应状态</span>
<input name="status_code" class="inputtxt bt-input-text disable" type="text" value="{{data['status_code_msg']}}" disabled>
<button type="button" class="btn btn-success btn-sm ml5" data-code="{{data['status_code']}}" onclick="setStatusCode(this)">设置</button>
<span class="set-info c7">用于在未登录且未正确输入安全入口时的响应,可用于隐藏面板特征</span>
</p>
<p class="mtb15">
<span class="set-tit text-right" title="临时访问授权">临时访问授权</span>
<button type="button" class="btn btn-success btn-sm ml5" onclick="setTempAccess()">临时访问授权管理</button>
@ -152,7 +150,6 @@
</div>
</div>
</div>
</div>
</div>
<script src="/static/app/config.js?v={{config.version}}"></script>
{% endblock %}
Write Preview
Loading…
Cancel
Save