From aa703ac90dacf761957b9cd7d9dacc5e741d62fd Mon Sep 17 00:00:00 2001 From: xjasonlyu Date: Sat, 6 Feb 2021 11:39:25 +0800 Subject: [PATCH] Chore: rename secret to token --- Dockerfile | 2 +- README.md | 2 +- docker/docker-compose.yml | 6 +++--- docker/entrypoint.sh | 4 ++-- engine/engine.go | 4 ++-- engine/opts.go | 4 ++-- main.go | 6 +++--- stats/server.go | 16 ++++++++-------- 8 files changed, 22 insertions(+), 22 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7c7bb34..8566cc1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -26,6 +26,6 @@ ENV EXCLUDED= ENV EXTRACMD= ENV PROXY= ENV STATS= -ENV SECRET= +ENV TOKEN= ENTRYPOINT ["/entrypoint.sh"] diff --git a/README.md b/README.md index 23a6671..9d98257 100644 --- a/README.md +++ b/README.md @@ -254,8 +254,8 @@ Usage of tun2socks: -l, --loglevel string Log level [debug|info|warn|error|silent] (default "info") -m, --mtu int Maximum transmission unit -p, --proxy string Use this proxy [protocol://]host[:port] - --secret string HTTP statistic server auth secret --stats string HTTP statistic server listen address + --token string HTTP statistic server auth token -v, --version Show version information and quit ``` diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 1c5a7a9..31667b1 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -9,12 +9,12 @@ services: - '/dev/net/tun:/dev/net/tun' environment: - GODEBUG=madvdontneed=1 - - PROXY= - LOGLEVEL= - - STATS= - - SECRET= - EXCLUDED= - EXTRACMD= + - PROXY= + - STATS= + - TOKEN= networks: switch: ipv4_address: 172.20.1.2 diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index 5b25d36..90f224d 100644 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -63,8 +63,8 @@ main() { ARGS="--stats $STATS" fi - if [ -n "$SECRET" ]; then - ARGS="$ARGS --secret $SECRET" + if [ -n "$TOKEN" ]; then + ARGS="$ARGS --token $TOKEN" fi exec tun2socks \ diff --git a/engine/engine.go b/engine/engine.go index 25621ad..13ec3b0 100755 --- a/engine/engine.go +++ b/engine/engine.go @@ -12,8 +12,8 @@ import ( type Engine struct { mtu uint32 iface string - secret string stats string + token string logLevel string rawProxy string rawDevice string @@ -76,7 +76,7 @@ func (e *Engine) setInterface() error { func (e *Engine) setStats() error { if e.stats != "" { go func() { - _ = stats.Start(e.stats, e.secret) + _ = stats.Start(e.stats, e.token) }() log.Infof("[STATS] listen and serve at: http://%s", e.stats) } diff --git a/engine/opts.go b/engine/opts.go index 8dc85e9..626b972 100755 --- a/engine/opts.go +++ b/engine/opts.go @@ -32,9 +32,9 @@ func WithProxy(proxy string) Option { } } -func WithStats(stats, secret string) Option { +func WithStats(stats, token string) Option { return func(e *Engine) { e.stats = stats - e.secret = secret + e.token = token } } diff --git a/main.go b/main.go index 4f0acfb..4eef964 100755 --- a/main.go +++ b/main.go @@ -19,8 +19,8 @@ var ( iface string level string proxy string - secret string stats string + token string mtu int version bool ) @@ -30,8 +30,8 @@ func init() { flag.StringVarP(&iface, "interface", "i", "", "Use network INTERFACE (Darwin/Linux only)") flag.StringVarP(&proxy, "proxy", "p", "", "Use this proxy [protocol://]host[:port]") flag.StringVarP(&level, "loglevel", "l", "info", "Log level [debug|info|warn|error|silent]") - flag.StringVar(&secret, "secret", "", "HTTP statistic server auth secret") flag.StringVar(&stats, "stats", "", "HTTP statistic server listen address") + flag.StringVar(&token, "token", "", "HTTP statistic server auth token") flag.IntVarP(&mtu, "mtu", "m", 0, "Maximum transmission unit") flag.BoolVarP(&version, "version", "v", false, "Show version information and quit") flag.Parse() @@ -56,7 +56,7 @@ func main() { engine.WithLogLevel(level), engine.WithMTU(mtu), engine.WithProxy(proxy), - engine.WithStats(stats, secret), + engine.WithStats(stats, token), } eng := engine.New(options...) diff --git a/stats/server.go b/stats/server.go index f1d69d6..5396364 100755 --- a/stats/server.go +++ b/stats/server.go @@ -26,7 +26,7 @@ var ( } ) -func Start(addr, secret string) error { +func Start(addr, token string) error { r := chi.NewRouter() c := cors.New(cors.Options{ @@ -38,7 +38,7 @@ func Start(addr, secret string) error { r.Use(c.Handler) r.Group(func(r chi.Router) { - r.Use(authenticator(secret)) + r.Use(authenticator(token)) r.Get("/", hello) r.Get("/logs", getLogs) r.Get("/traffic", traffic) @@ -63,18 +63,18 @@ func hello(w http.ResponseWriter, r *http.Request) { render.JSON(w, r, render.M{"hello": constant.Name}) } -func authenticator(secret string) func(http.Handler) http.Handler { +func authenticator(token string) func(http.Handler) http.Handler { return func(next http.Handler) http.Handler { fn := func(w http.ResponseWriter, r *http.Request) { - if secret == "" { + if token == "" { next.ServeHTTP(w, r) return } // Browser websocket not support custom header if websocket.IsWebSocketUpgrade(r) && r.URL.Query().Get("token") != "" { - token := r.URL.Query().Get("token") - if token != secret { + t := r.URL.Query().Get("token") + if t != token { render.Status(r, http.StatusUnauthorized) render.JSON(w, r, ErrUnauthorized) return @@ -87,8 +87,8 @@ func authenticator(secret string) func(http.Handler) http.Handler { text := strings.SplitN(header, " ", 2) hasInvalidHeader := text[0] != "Bearer" - hasInvalidSecret := len(text) != 2 || text[1] != secret - if hasInvalidHeader || hasInvalidSecret { + hasInvalidToken := len(text) != 2 || text[1] != token + if hasInvalidHeader || hasInvalidToken { render.Status(r, http.StatusUnauthorized) render.JSON(w, r, ErrUnauthorized) return