blackteay/open-im-server
1
0
Fork 0
mirror of https://github.com/openimsdk/open-im-server.git synced 2025-04-05 05:12:45 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: check if the secret in config/share.yml has been changed during registration (#3223)

Browse Source 
* feat: check if the secret in config/share.yml has been changed during registration.

* fix: cicd

* fix: code

* fix: cicd

* fix: cicd

* fix: cicd

* fix: cicd

* fix: cicd
This commit is contained in:
icey-yu 2025-03-13 18:21:48 +08:00 committed by GitHub
parent 3516f843db
commit 0b9dbd301c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 38 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
.github/workflows/go-build-test.yml vendored
View File

@ -12,6 +12,10 @@ jobs:
go-build: go-build:
name: Test with go ${{ matrix.go_version }} on ${{ matrix.os }} name: Test with go ${{ matrix.go_version }} on ${{ matrix.os }}
runs-on: ${{ matrix.os }} runs-on: ${{ matrix.os }}
env:
SHARE_CONFIG_PATH: config/share.yml
permissions: permissions:
contents: write contents: write
pull-requests: write pull-requests: write
@ -40,6 +44,10 @@ jobs:
with: with:
compose-file: "./docker-compose.yml" compose-file: "./docker-compose.yml"
- name: Modify Server Configuration
run: |
yq e '.secret = 123456' -i ${{ env.SHARE_CONFIG_PATH }}
# - name: Get Internal IP Address # - name: Get Internal IP Address
# id: get-ip # id: get-ip
# run: | # run: |
@ -71,6 +79,11 @@ jobs:
go mod download go mod download
go install github.com/magefile/mage@latest go install github.com/magefile/mage@latest
- name: Modify Chat Configuration
run: |
cd ${{ github.workspace }}/chat-repo
yq e '.openIM.secret = 123456' -i ${{ env.SHARE_CONFIG_PATH }}
- name: Build and test Chat Services - name: Build and test Chat Services
run: | run: |
cd ${{ github.workspace }}/chat-repo cd ${{ github.workspace }}/chat-repo
@ -132,7 +145,7 @@ jobs:
# Test get admin token # Test get admin token
get_admin_token_response=$(curl -X POST -H "Content-Type: application/json" -H "operationID: imAdmin" -d '{ get_admin_token_response=$(curl -X POST -H "Content-Type: application/json" -H "operationID: imAdmin" -d '{
"secret": "openIM123", "secret": "123456",
"platformID": 2, "platformID": 2,
"userID": "imAdmin" "userID": "imAdmin"
}' http://127.0.0.1:10002/auth/get_admin_token) }' http://127.0.0.1:10002/auth/get_admin_token)
@ -169,7 +182,8 @@ jobs:
contents: write contents: write
env: env:
SDK_DIR: openim-sdk-core SDK_DIR: openim-sdk-core
CONFIG_PATH: config/notification.yml NOTIFICATION_CONFIG_PATH: config/notification.yml
SHARE_CONFIG_PATH: config/share.yml
strategy: strategy:
matrix: matrix:
@ -184,7 +198,7 @@ jobs:
uses: actions/checkout@v4 uses: actions/checkout@v4
with: with:
repository: "openimsdk/openim-sdk-core" repository: "openimsdk/openim-sdk-core"
ref: "release-v3.8" ref: "main"
path: ${{ env.SDK_DIR }} path: ${{ env.SDK_DIR }}
- name: Set up Go ${{ matrix.go_version }} - name: Set up Go ${{ matrix.go_version }}
@ -199,8 +213,9 @@ jobs:
- name: Modify Server Configuration - name: Modify Server Configuration
run: | run: |
yq e '.groupCreated.isSendMsg = true' -i ${{ env.CONFIG_PATH }} yq e '.groupCreated.isSendMsg = true' -i ${{ env.NOTIFICATION_CONFIG_PATH }}
yq e '.friendApplicationApproved.isSendMsg = true' -i ${{ env.CONFIG_PATH }} yq e '.friendApplicationApproved.isSendMsg = true' -i ${{ env.NOTIFICATION_CONFIG_PATH }}
yq e '.secret = 123456' -i ${{ env.SHARE_CONFIG_PATH }}
- name: Start Server Services - name: Start Server Services
run: | run: |

8
internal/rpc/user/user.go
View File

@ -49,6 +49,10 @@ import (
"google.golang.org/grpc" "google.golang.org/grpc"
) )
const (
defaultSecret = "openIM123"
)
type userServer struct { type userServer struct {
pbuser.UnimplementedUserServer pbuser.UnimplementedUserServer
online cache.OnlineCache online cache.OnlineCache
@ -273,6 +277,10 @@ func (s *userServer) UserRegister(ctx context.Context, req *pbuser.UserRegisterR
if len(req.Users) == 0 { if len(req.Users) == 0 {
return nil, errs.ErrArgs.WrapMsg("users is empty") return nil, errs.ErrArgs.WrapMsg("users is empty")
} }
// check if secret is changed
if s.config.Share.Secret == defaultSecret {
return nil, servererrs.ErrSecretNotChanged.Wrap()
}
if err = authverify.CheckAdmin(ctx, s.config.Share.IMAdminUserID); err != nil { if err = authverify.CheckAdmin(ctx, s.config.Share.IMAdminUserID); err != nil {
return nil, err return nil, err

2
pkg/common/servererrs/code.go
View File

@ -38,6 +38,7 @@ const (
// General error codes. // General error codes.
const ( const (
NoError = 0 // No error NoError = 0 // No error
DatabaseError = 90002 // Database error (redis/mysql, etc.) DatabaseError = 90002 // Database error (redis/mysql, etc.)
NetworkError = 90004 // Network error NetworkError = 90004 // Network error
DataError = 90007 // Data error DataError = 90007 // Data error
@ -50,6 +51,7 @@ const (
NoPermissionError = 1002 // Insufficient permission NoPermissionError = 1002 // Insufficient permission
DuplicateKeyError = 1003 DuplicateKeyError = 1003
RecordNotFoundError = 1004 // Record does not exist RecordNotFoundError = 1004 // Record does not exist
SecretNotChangedError = 1050 // secret not changed
// Account error codes. // Account error codes.
UserIDNotFoundError = 1101 // UserID does not exist or is not registered UserIDNotFoundError = 1101 // UserID does not exist or is not registered

2
pkg/common/servererrs/predefine.go
View File

@ -17,6 +17,8 @@ package servererrs
import "github.com/openimsdk/tools/errs" import "github.com/openimsdk/tools/errs"
var ( var (
ErrSecretNotChanged = errs.NewCodeError(SecretNotChangedError, "secret not changed, please change secret in config/share.yml for security reasons")
ErrDatabase = errs.NewCodeError(DatabaseError, "DatabaseError") ErrDatabase = errs.NewCodeError(DatabaseError, "DatabaseError")
ErrNetwork = errs.NewCodeError(NetworkError, "NetworkError") ErrNetwork = errs.NewCodeError(NetworkError, "NetworkError")
ErrCallback = errs.NewCodeError(CallbackError, "CallbackError") ErrCallback = errs.NewCodeError(CallbackError, "CallbackError")