修改默认登录超时为24小时

申请证书支持自定义acme zerossl修改eab非必填
2026-03-17 11:42:01 +08:00 · 2025-06-12 19:51:31 +08:00
parent d8f4ee0e80
commit 884c8407b5
3 changed files with 270 additions and 83 deletions
--- a/backend/internal/cert/apply/account.go
+++ b/backend/internal/cert/apply/account.go
@@ -3,6 +3,9 @@ package apply
 import (
 	"ALLinSSL/backend/public"
 	"crypto"
+	"crypto/ecdsa"
+	"crypto/elliptic"
+	"crypto/rand"
 	"crypto/x509"
 	"encoding/json"
 	"encoding/pem"
@@ -47,48 +50,158 @@ func SaveUserToDB(db *public.Sqlite, user *MyUser, Type string) error {
 		Bytes: keyBytes,
 	})
 	now := time.Now().Format("2006-01-02 15:04:05")
-	_, err = db.Insert(map[string]interface{}{
-		"email":       user.Email,
-		"private_key": string(pemBytes),
-		"reg":         regBytes,
-		"create_time": now,
-		"update_time": now,
-		"type":        Type,
-	})
+	data, err := db.Where(`email=? and type=?`, []interface{}{user.Email, Type}).Select()
+	if err != nil {
+		return err
+	}
+	if len(data) > 0 {
+		_, err = db.Update(map[string]interface{}{
+			"private_key": string(pemBytes),
+			"reg":         regBytes,
+			"update_time": now,
+		})
+	} else {
+		_, err = db.Insert(map[string]interface{}{
+			"email":       user.Email,
+			"private_key": string(pemBytes),
+			"reg":         regBytes,
+			"create_time": now,
+			"update_time": now,
+			"type":        Type,
+		})
+	}
 	return err
 }

-func LoadUserFromDB(db *public.Sqlite, email string, Type string) (*MyUser, error) {
-	data, err := db.Where(`email=? and type=?`, []interface{}{email, Type}).Select()
+func GetAcmeUser(email string, logger *public.Logger, accData map[string]any) (user *MyUser) {
+	privateKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+	user = &MyUser{
+		Email: email,
+		key:   privateKey,
+	}
+
+	if accData == nil {
+		return
+	}
+	reg, ok := accData["reg"].(string)
+	if !ok || reg == "" {
+		logger.Debug("acme账号未注册，注册新账号")
+		return
+	}
+	key, ok := accData["private_key"].(string)
+	if !ok || key == "" {
+		logger.Debug("acme账号私钥不存在，注册新账号")
+		return
+	}
+
+	var Registration registration.Resource
+	localKey, err1 := public.ParsePrivateKey([]byte(key))
+	if err1 != nil {
+		logger.Debug("acme账号私钥解析失败", err1)
+		return
+	}
+	err2 := json.Unmarshal([]byte(reg), &Registration)
+	if err2 != nil {
+		return
+	}
+	logger.Debug("acme账号私钥和注册信息解析成功")
+	user.key = localKey
+	user.Registration = &Registration
+
+	return
+}
+
+func GetAccount(db *public.Sqlite, email, ca string) (map[string]interface{}, error) {
+	data, err := db.Where(`email=? and type=?`, []interface{}{email, ca}).Select()
 	if err != nil {
 		return nil, err
 	}
 	if len(data) == 0 {
 		return nil, fmt.Errorf("user not found")
 	}
-	regStr, ok := data[0]["reg"].(string)
-	if !ok {
-		return nil, fmt.Errorf("invalid reg data")
-	}
-	regBytes := []byte(regStr)
-	privPEM, ok := data[0]["private_key"].(string)
-	if !ok {
-		return nil, fmt.Errorf("invalid private key data")
-	}
-	privateKey, err := public.ParsePrivateKey([]byte(privPEM))
+	return data[0], nil
+}
+
+func AddAccount(email, ca, Kid, HmacEncoded, CADirURL string) error {
+	db, err := GetSqlite()
 	if err != nil {
-		return nil, err
+		return fmt.Errorf("failed to get sqlite: %w", err)
 	}
-	var reg *registration.Resource
-	if len(regBytes) > 0 {
-		reg = &registration.Resource{}
-		if err := json.Unmarshal(regBytes, reg); err != nil {
-			return nil, err
+	now := time.Now().Format("2006-01-02 15:04:05")
+	account := map[string]interface{}{
+		"email":       email,
+		"type":        ca,
+		"Kid":         Kid,
+		"HmacEncoded": HmacEncoded,
+		"CADirURL":    CADirURL,
+		"create_time": now,
+		"update_time": now,
+	}
+	_, err = db.Insert(account)
+	if err != nil {
+		return fmt.Errorf("failed to insert account: %w", err)
+	}
+	return nil
+}
+
+func UpdateAccount(id, email, ca, Kid, HmacEncoded, CADirURL string) error {
+	db, err := GetSqlite()
+	if err != nil {
+		return fmt.Errorf("failed to get sqlite: %w", err)
+	}
+	account := map[string]interface{}{
+		"email":       email,
+		"type":        ca,
+		"Kid":         Kid,
+		"HmacEncoded": HmacEncoded,
+		"CADirURL":    CADirURL,
+		"update_time": time.Now().Format("2006-01-02 15:04:05"),
+	}
+	_, err = db.Where("id=?", []any{id}).Update(account)
+	if err != nil {
+		return fmt.Errorf("failed to update account: %w", err)
+	}
+	return nil
+}
+
+func DeleteAccount(id string) error {
+	db, err := GetSqlite()
+	if err != nil {
+		return fmt.Errorf("failed to get sqlite: %w", err)
+	}
+	_, err = db.Where("id=?", []any{id}).Delete()
+	if err != nil {
+		return fmt.Errorf("failed to delete account: %w", err)
+	}
+	return nil
+}
+
+func GetAccountList(search, ca string, p, limit int64) ([]map[string]interface{}, error) {
+	db, err := GetSqlite()
+	if err != nil {
+		return nil, fmt.Errorf("failed to get sqlite: %w", err)
+	}
+	whereSql := "1=1"
+	var whereArgs []any
+	limits := []int64{0, 100}
+	if p >= 0 && limit >= 0 {
+		limits = []int64{0, limit}
+		if p > 1 {
+			limits[0] = (p - 1) * limit
+			limits[1] = limit
 		}
 	}
-	return &MyUser{
-		Email:        email,
-		key:          privateKey,
-		Registration: reg,
-	}, nil
+	if search != "" {
+		whereSql += " and (email like ? or type like ?)"
+		whereArgs = append(whereArgs, "%"+search+"%", "%"+search+"%")
+	}
+	if ca != "" {
+		if ca == "custom" {
+			whereSql += `and type not in ('Let's Encrypt','buypass', 'google', 'sslcom', 'zerossl')`
+		} else {
+			whereSql += " and type=?"
+			whereArgs = append(whereArgs, ca)
+		}
+	}
+	return db.Where(whereSql, whereArgs).Limit(limits).Select()
 }