客户端授权验证

service/monitor/monitor.go

@@ -1,7 +1,11 @@
 package monitor
 
 import (
+	"encoding/json"
 	"fmt"
+	"io/ioutil"
+	"net/http"
+	"strings"
 	"time"
 
 	"github.com/shirou/gopsutil/cpu"
@@ -13,6 +17,11 @@ import (
 	"github.com/p14yground/nezha/model"
 )
 
+type ipDotSbGeoIP struct {
+	CountryCode string
+	IP          string
+}
+
 // GetHost ..
 func GetHost() *model.Host {
 	hi, _ := host.Info()
@@ -21,6 +30,16 @@ func GetHost() *model.Host {
 	for i := 0; i < len(ci); i++ {
 		cpus = append(cpus, fmt.Sprintf("%v-%vC%vT", ci[i].ModelName, ci[i].Cores, ci[i].Stepping))
 	}
+	ip := ipDotSbGeoIP{
+		IP:          "127.0.0.1",
+		CountryCode: "cn",
+	}
+	resp, err := http.Get("https://api.ip.sb/geoip")
+	if err == nil {
+		defer resp.Body.Close()
+		body, _ := ioutil.ReadAll(resp.Body)
+		json.Unmarshal(body, &ip)
+	}
 	return &model.Host{
 		Platform:        hi.OS,
 		PlatformVersion: hi.PlatformVersion,
@@ -29,6 +48,8 @@ func GetHost() *model.Host {
 		Virtualization:  hi.VirtualizationSystem,
 		Uptime:          fmt.Sprintf("%v", hi.Uptime),
 		BootTime:        fmt.Sprintf("%v", hi.BootTime),
+		IP:              ip.IP,
+		CountryCode:     strings.ToLower(ip.CountryCode),
 	}
 }
 

service/rpc/auth.go

@@ -2,7 +2,10 @@ package rpc
 
 import (
 	"context"
+	"fmt"
 
+	"github.com/p14yground/nezha/model"
+	"github.com/p14yground/nezha/service/dao"
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/metadata"
 	"google.golang.org/grpc/status"
@@ -10,51 +13,41 @@ import (
 
 // AuthHandler ..
 type AuthHandler struct {
-	AppKey    string
-	AppSecret string
+	ClientID     string
+	ClientSecret string
 }
 
 // GetRequestMetadata ..
 func (a *AuthHandler) GetRequestMetadata(ctx context.Context, uri ...string) (map[string]string, error) {
-	return map[string]string{"app_key": a.AppKey, "app_secret": a.AppSecret}, nil
+	return map[string]string{"app_key": a.ClientID, "app_secret": a.ClientSecret}, nil
 }
 
 // RequireTransportSecurity ..
 func (a *AuthHandler) RequireTransportSecurity() bool {
-	return false
+	return !dao.Conf.Debug
 }
 
 // Check ..
 func (a *AuthHandler) Check(ctx context.Context) error {
 	md, ok := metadata.FromIncomingContext(ctx)
 	if !ok {
-		return status.Errorf(codes.Unauthenticated, "metadata.FromIncomingContext err")
+		return status.Errorf(codes.Unauthenticated, "获取 metaData 失败")
 	}
 
 	var (
-		AppKey    string
-		AppSecret string
+		ClientID     string
+		ClientSecret string
 	)
 	if value, ok := md["app_key"]; ok {
-		AppKey = value[0]
+		ClientID = value[0]
 	}
 	if value, ok := md["app_secret"]; ok {
-		AppSecret = value[0]
+		ClientSecret = value[0]
 	}
 
-	if AppKey != a.GetAppKey() || AppSecret != a.GetAppSecret() {
-		return status.Errorf(codes.Unauthenticated, "invalid token")
+	if _, ok := dao.Cache.Get(fmt.Sprintf("%s%s%s", model.CtxKeyServer, ClientID, ClientSecret)); !ok {
+		return status.Errorf(codes.Unauthenticated, "客户端认证失败")
 	}
 
 	return nil
 }
-
-// GetAppKey ..
-func (a *AuthHandler) GetAppKey() string {
-	return a.AppKey
-}
-
-// GetAppSecret ..
-func (a *AuthHandler) GetAppSecret() string {
-	return a.AppSecret
-}

service/rpc/nezha.go

@@ -3,7 +3,9 @@ package rpc
 import (
 	"context"
 	"fmt"
+	"log"
 
+	"github.com/p14yground/nezha/model"
 	pb "github.com/p14yground/nezha/proto"
 )
 
@@ -23,11 +25,17 @@ func (s *NezhaHandler) ReportState(c context.Context, r *pb.State) (*pb.Receipt,
 
 // Heartbeat ..
 func (s *NezhaHandler) Heartbeat(r *pb.Beat, stream pb.NezhaService_HeartbeatServer) error {
+	defer log.Println("Heartbeat exit")
 	if err := s.Auth.Check(stream.Context()); err != nil {
 		return err
 	}
-	fmt.Printf("ReportState receive: %s\n", r)
-	return nil
+	err := stream.Send(&pb.Command{
+		Type: model.MTReportState,
+	})
+	if err != nil {
+		log.Printf("Heartbeat stream.Send err:%v", err)
+	}
+	select {}
 }
 
 // Register ..