fix(auth): 固定验证码改为显式 AUTH_EMAIL_DEV_CODE 环境开关(安全评审反馈)
不再从 mailer 运行时类型推导认证材料:固定码仅当显式设置 AUTH_EMAIL_DEV_CODE 时生效(run-dev.sh 设 888888,生产部署不经 该脚本即为随机码),设置时启动打印醒目告警。 Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
@@ -73,11 +73,10 @@ func (h *Handlers) EmailCode(c *gin.Context) {
|
||||
}
|
||||
|
||||
code := randCode()
|
||||
// ⚠️ 开发期便利【上线阻断项】:mock 邮件(SMTP 未配置)时验证码固定 888888,
|
||||
// 免翻日志。真实 Mailer 接入后自动回到随机码;若生产误配 mock,
|
||||
// 任何人可用固定码登录任意邮箱——pickMailer 的 TODO 必须先解决。
|
||||
if _, mock := h.Mailer.(MockMailer); mock {
|
||||
code = "888888"
|
||||
// ⚠️ 开发期便利:AUTH_EMAIL_DEV_CODE 显式设置时验证码固定(run-dev.sh 设 888888),
|
||||
// 免翻日志。仅开发脚本会设置该变量;生产部署不设即为随机码,启动时若设有醒目告警。
|
||||
if h.DevCode != "" {
|
||||
code = h.DevCode
|
||||
}
|
||||
if err := h.RDB.Set(c, store.KeyAuthEmail(email), code, emailCodeTTL).Err(); err != nil {
|
||||
c.JSON(http.StatusInternalServerError, protocol.NewAPIError(protocol.ErrInternal))
|
||||
|
||||
@@ -21,6 +21,8 @@ type Handlers struct {
|
||||
JWT *JWT
|
||||
Wechat WechatClient
|
||||
Mailer Mailer
|
||||
// DevCode 非空时邮箱验证码固定为该值(AUTH_EMAIL_DEV_CODE,仅开发脚本设置)。
|
||||
DevCode string
|
||||
// QrAuthURL 二维码内容模板(真实环境为微信开放平台授权页,%s 为 state)
|
||||
QrAuthURL string
|
||||
}
|
||||
|
||||
@@ -42,6 +42,8 @@ type Config struct {
|
||||
|
||||
// SMTP(邮箱验证码登录;未配置降级 mock mailer)
|
||||
SMTPHost string
|
||||
// EmailDevCode 非空时邮箱验证码固定为该值(仅开发脚本设置,生产禁用)
|
||||
EmailDevCode string
|
||||
|
||||
// AppLatest 启动时解析 APP_LATEST_JSON 一次(17G):平台→版本信息。
|
||||
// 解析失败或未配置则为 nil/空,handler 据此返回 204,不 fail-fast。
|
||||
@@ -74,6 +76,7 @@ func Load() Config {
|
||||
OSSEndpoint: os.Getenv("OSS_ENDPOINT"),
|
||||
OSSBucket: os.Getenv("OSS_BUCKET"),
|
||||
SMTPHost: os.Getenv("SMTP_HOST"),
|
||||
EmailDevCode: os.Getenv("AUTH_EMAIL_DEV_CODE"),
|
||||
OSSKeyID: os.Getenv("OSS_KEY_ID"),
|
||||
OSSKeySecret: os.Getenv("OSS_KEY_SECRET"),
|
||||
|
||||
|
||||
@@ -94,7 +94,10 @@ func Register(r *gin.Engine, d *Deps) {
|
||||
"asr_provider", providerKind, "wechat", wechatKind, "pay", payKind,
|
||||
"storage", storageKind, "mailer", mailerKind)
|
||||
|
||||
authH := &auth.Handlers{DB: d.DB, RDB: d.RDB, JWT: d.JWT, Wechat: wechat, Mailer: mailer}
|
||||
if d.Cfg.EmailDevCode != "" {
|
||||
slog.Warn("⚠️ AUTH_EMAIL_DEV_CODE 已设置:邮箱验证码为固定值,任何人可登录任意邮箱账号——生产环境严禁")
|
||||
}
|
||||
authH := &auth.Handlers{DB: d.DB, RDB: d.RDB, JWT: d.JWT, Wechat: wechat, Mailer: mailer, DevCode: d.Cfg.EmailDevCode}
|
||||
billH := &billing.Handlers{DB: d.DB, Pay: pay, Quota: d.Quota}
|
||||
userH := &user.Handlers{DB: d.DB, Quota: d.Quota, AppVersions: d.Cfg.AppLatest}
|
||||
fbH := &feedback.Handlers{DB: d.DB, RDB: d.RDB, Storage: storage}
|
||||
|
||||
Binary file not shown.
|
After Width: | Height: | Size: 12 B |
@@ -3,6 +3,9 @@
|
||||
# DashScope Key 从 Bitwarden 取(条目名 dashscope-api-key),有则真实识别,无则自动落 mock provider。
|
||||
# 前置:rbw unlock 已解锁;docker compose up -d 已起 pg/redis。
|
||||
set -e
|
||||
|
||||
# 开发期固定邮箱验证码(仅本脚本设置;生产部署不经此脚本,不会带上)
|
||||
export AUTH_EMAIL_DEV_CODE=888888
|
||||
if rbw get dashscope-api-key >/dev/null 2>&1; then
|
||||
echo "[run-dev] 使用真实 gummy provider"
|
||||
rbw get dashscope-api-key | { read -r K; ASR_PROVIDER=gummy DASHSCOPE_API_KEY="$K" exec go run ./cmd/server; }
|
||||
|
||||
Reference in New Issue
Block a user