Chore: rename secret to token

2025-10-15 13:20:45 +08:00 · 2021-02-06 11:39:25 +08:00
parent d1df910888
commit aa703ac90d
8 changed files with 22 additions and 22 deletions
--- a/2
+++ b/2
@@ -26,6 +26,6 @@ ENV EXCLUDED=
 ENV EXTRACMD=
 ENV PROXY=
 ENV STATS=
-ENV SECRET=
+ENV TOKEN=

 ENTRYPOINT ["/entrypoint.sh"]
--- a/README.md
+++ b/README.md
@@ -254,8 +254,8 @@ Usage of tun2socks:
  -l, --loglevel string    Log level [debug|info|warn|error|silent] (default "info")
  -m, --mtu int            Maximum transmission unit
  -p, --proxy string       Use this proxy [protocol://]host[:port]
-      --secret string      HTTP statistic server auth secret
      --stats string       HTTP statistic server listen address
+      --token string      HTTP statistic server auth token
  -v, --version            Show version information and quit
 ```

--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -9,12 +9,12 @@ services:
        - '/dev/net/tun:/dev/net/tun'
    environment:
      - GODEBUG=madvdontneed=1
-      - PROXY=
      - LOGLEVEL=
-      - STATS=
-      - SECRET=
      - EXCLUDED=
      - EXTRACMD=
+      - PROXY=
+      - STATS=
+      - TOKEN=
    networks:
      switch:
        ipv4_address: 172.20.1.2
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@@ -63,8 +63,8 @@ main() {
    ARGS="--stats $STATS"
  fi

-  if [ -n "$SECRET" ]; then
-    ARGS="$ARGS --secret $SECRET"
+  if [ -n "$TOKEN" ]; then
+    ARGS="$ARGS --token $TOKEN"
  fi

  exec tun2socks \
--- a/engine/engine.go
+++ b/engine/engine.go
@@ -12,8 +12,8 @@ import (
 type Engine struct {
 	mtu       uint32
 	iface     string
-	secret    string
 	stats     string
+	token     string
 	logLevel  string
 	rawProxy  string
 	rawDevice string
@@ -76,7 +76,7 @@ func (e *Engine) setInterface() error {
 func (e *Engine) setStats() error {
 	if e.stats != "" {
 		go func() {
-			_ = stats.Start(e.stats, e.secret)
+			_ = stats.Start(e.stats, e.token)
 		}()
 		log.Infof("[STATS] listen and serve at: http://%s", e.stats)
 	}
--- a/engine/opts.go
+++ b/engine/opts.go
@@ -32,9 +32,9 @@ func WithProxy(proxy string) Option {
 	}
 }

-func WithStats(stats, secret string) Option {
+func WithStats(stats, token string) Option {
 	return func(e *Engine) {
 		e.stats = stats
-		e.secret = secret
+		e.token = token
 	}
 }
--- a/main.go
+++ b/main.go
@@ -19,8 +19,8 @@ var (
 	iface   string
 	level   string
 	proxy   string
-	secret  string
 	stats   string
+	token   string
 	mtu     int
 	version bool
 )
@@ -30,8 +30,8 @@ func init() {
 	flag.StringVarP(&iface, "interface", "i", "", "Use network INTERFACE (Darwin/Linux only)")
 	flag.StringVarP(&proxy, "proxy", "p", "", "Use this proxy [protocol://]host[:port]")
 	flag.StringVarP(&level, "loglevel", "l", "info", "Log level [debug|info|warn|error|silent]")
-	flag.StringVar(&secret, "secret", "", "HTTP statistic server auth secret")
 	flag.StringVar(&stats, "stats", "", "HTTP statistic server listen address")
+	flag.StringVar(&token, "token", "", "HTTP statistic server auth token")
 	flag.IntVarP(&mtu, "mtu", "m", 0, "Maximum transmission unit")
 	flag.BoolVarP(&version, "version", "v", false, "Show version information and quit")
 	flag.Parse()
@@ -56,7 +56,7 @@ func main() {
 		engine.WithLogLevel(level),
 		engine.WithMTU(mtu),
 		engine.WithProxy(proxy),
-		engine.WithStats(stats, secret),
+		engine.WithStats(stats, token),
 	}

 	eng := engine.New(options...)
--- a/stats/server.go
+++ b/stats/server.go
@@ -26,7 +26,7 @@ var (
 	}
 )

-func Start(addr, secret string) error {
+func Start(addr, token string) error {
 	r := chi.NewRouter()

 	c := cors.New(cors.Options{
@@ -38,7 +38,7 @@ func Start(addr, secret string) error {

 	r.Use(c.Handler)
 	r.Group(func(r chi.Router) {
-		r.Use(authenticator(secret))
+		r.Use(authenticator(token))
 		r.Get("/", hello)
 		r.Get("/logs", getLogs)
 		r.Get("/traffic", traffic)
@@ -63,18 +63,18 @@ func hello(w http.ResponseWriter, r *http.Request) {
 	render.JSON(w, r, render.M{"hello": constant.Name})
 }

-func authenticator(secret string) func(http.Handler) http.Handler {
+func authenticator(token string) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		fn := func(w http.ResponseWriter, r *http.Request) {
-			if secret == "" {
+			if token == "" {
 				next.ServeHTTP(w, r)
 				return
 			}

 			// Browser websocket not support custom header
 			if websocket.IsWebSocketUpgrade(r) && r.URL.Query().Get("token") != "" {
-				token := r.URL.Query().Get("token")
-				if token != secret {
+				t := r.URL.Query().Get("token")
+				if t != token {
 					render.Status(r, http.StatusUnauthorized)
 					render.JSON(w, r, ErrUnauthorized)
 					return
@@ -87,8 +87,8 @@ func authenticator(secret string) func(http.Handler) http.Handler {
 			text := strings.SplitN(header, " ", 2)

 			hasInvalidHeader := text[0] != "Bearer"
-			hasInvalidSecret := len(text) != 2 || text[1] != secret
-			if hasInvalidHeader || hasInvalidSecret {
+			hasInvalidToken := len(text) != 2 || text[1] != token
+			if hasInvalidHeader || hasInvalidToken {
 				render.Status(r, http.StatusUnauthorized)
 				render.JSON(w, r, ErrUnauthorized)
 				return