refactor

backend/acl/login.go

@@ -8,8 +8,8 @@ import (
 	"encoding/json"
 	"fmt"
 
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/server/remote"
+	"github.com/veops/oneterm/conf"
+	"github.com/veops/oneterm/remote"
 )
 
 func LoginByPassword(ctx context.Context, username string, password string) (cookie string, err error) {

backend/acl/perm.go

@@ -8,7 +8,7 @@ import (
 	"github.com/gin-gonic/gin"
 	"github.com/samber/lo"
 
-	"github.com/veops/oneterm/pkg/conf"
+	"github.com/veops/oneterm/conf"
 )
 
 func GetSessionFromCtx(ctx *gin.Context) (res *Session, err error) {

backend/acl/resource.go

@@ -6,8 +6,8 @@ import (
 
 	"github.com/spf13/cast"
 
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/server/remote"
+	"github.com/veops/oneterm/conf"
+	"github.com/veops/oneterm/remote"
 )
 
 func AddResource(ctx context.Context, uid int, resourceTypeId string, name string) (res *Resource, err error) {

backend/acl/role.go

@@ -7,8 +7,8 @@ import (
 	"github.com/spf13/cast"
 	"golang.org/x/sync/errgroup"
 
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/server/remote"
+	"github.com/veops/oneterm/conf"
+	"github.com/veops/oneterm/remote"
 )
 
 func GetRoleResources(ctx context.Context, rid int, resourceTypeId string) (res []*Resource, err error) {

backend/api/api.go

@@ -0,0 +1,133 @@
+package api
+
+import (
+	"context"
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	"go.uber.org/zap"
+
+	"github.com/veops/oneterm/api/controller"
+	"github.com/veops/oneterm/logger"
+)
+
+var (
+	ctx, cancel = context.WithCancel(context.Background())
+	srv         = &http.Server{}
+)
+
+func RunApi() error {
+	c := controller.Controller{}
+	r := gin.New()
+	r.SetTrustedProxies([]string{"0.0.0.0/0", "::/0"})
+	r.MaxMultipartMemory = 128 << 20
+	r.Use(gin.Recovery(), ginLogger())
+	v1 := r.Group("/api/oneterm/v1", auth())
+	{
+		account := v1.Group("account")
+		{
+			account.POST("", c.CreateAccount)
+			account.DELETE("/:id", c.DeleteAccount)
+			account.PUT("/:id", c.UpdateAccount)
+			account.GET("", c.GetAccounts)
+		}
+
+		asset := v1.Group("asset")
+		{
+			asset.POST("", c.CreateAsset)
+			asset.DELETE("/:id", c.DeleteAsset)
+			asset.PUT("/:id", c.UpdateAsset)
+			asset.GET("", c.GetAssets)
+		}
+
+		node := v1.Group("node")
+		{
+			node.POST("", c.CreateNode)
+			node.DELETE("/:id", c.DeleteNode)
+			node.PUT("/:id", c.UpdateNode)
+			node.GET("", c.GetNodes)
+		}
+
+		publicKey := v1.Group("public_key")
+		{
+			publicKey.POST("", c.CreatePublicKey)
+			publicKey.DELETE("/:id", c.DeletePublicKey)
+			publicKey.PUT("/:id", c.UpdatePublicKey)
+			publicKey.GET("", c.GetPublicKeys)
+		}
+
+		gateway := v1.Group("gateway")
+		{
+			gateway.POST("", c.CreateGateway)
+			gateway.DELETE("/:id", c.DeleteGateway)
+			gateway.PUT("/:id", c.UpdateGateway)
+			gateway.GET("", c.GetGateways)
+		}
+
+		stat := v1.Group("stat")
+		{
+			stat.GET("assettype", c.StatAssetType)
+			stat.GET("count", c.StatCount)
+			stat.GET("count/ofuser", c.StatCountOfUser)
+			stat.GET("account", c.StatAccount)
+			stat.GET("asset", c.StatAsset)
+			stat.GET("rank/ofuser", c.StatRankOfUser)
+		}
+
+		command := v1.Group("command")
+		{
+			command.POST("", c.CreateCommand)
+			command.DELETE("/:id", c.DeleteCommand)
+			command.PUT("/:id", c.UpdateCommand)
+			command.GET("", c.GetCommands)
+		}
+
+		session := v1.Group("session")
+		{
+			session.GET("", c.GetSessions)
+			session.GET("/:session_id/cmd", c.GetSessionCmds)
+			session.GET("/option/asset", c.GetSessionOptionAsset)
+			session.GET("/option/clientip", c.GetSessionOptionClientIp)
+			session.GET("/replay/:session_id", c.GetSessionReplay)
+			session.POST("/replay/:session_id", c.CreateSessionReplay)
+			session.POST("", c.UpsertSession)
+			session.POST("/cmd", c.CreateSessionCmd)
+		}
+
+		connect := v1.Group("connect")
+		{
+			connect.POST("/:asset_id/:account_id/:protocol", c.Connect)
+			connect.GET("/:session_id", c.Connecting)
+			connect.GET("/monitor/:session_id", c.ConnectMonitor)
+			connect.POST("/close/:session_id", c.ConnectClose)
+		}
+
+		file := v1.Group("file")
+		{
+			file.GET("/history", c.GetFileHistory)
+			file.GET("/ls/:asset_id/:account_id", c.FileLS)
+			file.POST("/mkdir/:asset_id/:account_id", c.FileMkdir)
+			file.POST("/upload/:asset_id/:account_id", c.FileUpload)
+			file.GET("/download/:asset_id/:account_id", c.FileDownload)
+		}
+
+		history := v1.Group("history")
+		{
+			history.GET("", c.GetHistories)
+			history.GET("/type/mapping", c.GetHistoryTypeMapping)
+		}
+	}
+
+	srv.Addr = ":8888"
+	srv.Handler = r
+	err := srv.ListenAndServe()
+	if err != nil {
+		logger.L().Fatal("start http failed", zap.Error(err))
+	}
+	return err
+}
+
+func StopApi() {
+	defer cancel()
+	srv.Shutdown(ctx)
+}

backend/api/controller/account.go

@@ -11,11 +11,11 @@ import (
 	"golang.org/x/crypto/ssh"
 	"gorm.io/gorm"
 
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
-	"github.com/veops/oneterm/pkg/util"
+	"github.com/veops/oneterm/acl"
+	"github.com/veops/oneterm/conf"
+	mysql "github.com/veops/oneterm/db"
+	"github.com/veops/oneterm/model"
+	"github.com/veops/oneterm/util"
 )
 
 var (
@@ -61,13 +61,6 @@ var (
 				d.AssetCount = m[d.Id]
 			}
 		},
-		func(ctx *gin.Context, data []*model.Account) {
-			for _, d := range data {
-				d.Password = lo.Ternary(!cast.ToBool(ctx.Query("info")) || ctx.GetHeader("X-Token") == conf.Cfg.SshServer.Xtoken, util.DecryptAES(d.Password), "")
-				d.Pk = lo.Ternary(!cast.ToBool(ctx.Query("info")) || ctx.GetHeader("X-Token") == conf.Cfg.SshServer.Xtoken, util.DecryptAES(d.Pk), "")
-				d.Phrase = lo.Ternary(!cast.ToBool(ctx.Query("info")) || ctx.GetHeader("X-Token") == conf.Cfg.SshServer.Xtoken, util.DecryptAES(d.Phrase), "")
-			}
-		},
 	}
 	accountDcs = []deleteCheck{
 		func(ctx *gin.Context, id int) {
@@ -137,7 +130,7 @@ func (c *Controller) GetAccounts(ctx *gin.Context) {
 	info := cast.ToBool(ctx.Query("info"))
 
 	db := mysql.DB.Model(&model.Account{})
-	db = filterEqual(ctx, db, "id","type")
+	db = filterEqual(ctx, db, "id", "type")
 	db = filterLike(ctx, db, "name")
 	db = filterSearch(ctx, db, "name", "account")
 	if q, ok := ctx.GetQuery("ids"); ok {

backend/api/controller/asset.go

@@ -10,12 +10,12 @@ import (
 	"github.com/spf13/cast"
 	"go.uber.org/zap"
 
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/schedule/connectable"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/acl"
+	"github.com/veops/oneterm/conf"
+	mysql "github.com/veops/oneterm/db"
+	"github.com/veops/oneterm/logger"
+	"github.com/veops/oneterm/model"
+	"github.com/veops/oneterm/schedule"
 )
 
 var (
@@ -31,7 +31,7 @@ var (
 func (c *Controller) CreateAsset(ctx *gin.Context) {
 	asset := &model.Asset{}
 	doCreate(ctx, true, asset, conf.RESOURCE_ASSET)
-	connectable.CheckUpdate(asset.Id)
+	schedule.CheckUpdate(asset.Id)
 }
 
 // DeleteAsset godoc
@@ -53,7 +53,7 @@ func (c *Controller) DeleteAsset(ctx *gin.Context) {
 //	@Router		/asset/:id [put]
 func (c *Controller) UpdateAsset(ctx *gin.Context) {
 	doUpdate(ctx, true, &model.Asset{})
-	connectable.CheckUpdate(cast.ToInt(ctx.Param("id")))
+	schedule.CheckUpdate(cast.ToInt(ctx.Param("id")))
 }
 
 // GetAssets godoc
@@ -84,7 +84,7 @@ func (c *Controller) GetAssets(ctx *gin.Context) {
 	if q, ok := ctx.GetQuery("parent_id"); ok {
 		parentIds, err := handleParentId(cast.ToInt(q))
 		if err != nil {
-			logger.L.Error("parent id found failed", zap.Error(err))
+			logger.L().Error("parent id found failed", zap.Error(err))
 			return
 		}
 		db = db.Where("parent_id IN ?", parentIds)
@@ -163,7 +163,7 @@ func assetPostHookCount(ctx *gin.Context, data []*model.Asset) {
 		Model(nodes).
 		Find(&nodes).
 		Error; err != nil {
-		logger.L.Error("asset posthookfailed", zap.Error(err))
+		logger.L().Error("asset posthookfailed", zap.Error(err))
 		return
 	}
 	g := make(map[int][]model.Pair[int, string])

backend/api/controller/authorization.go

@@ -14,11 +14,11 @@ import (
 	"golang.org/x/sync/errgroup"
 	"gorm.io/gorm"
 
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/acl"
+	"github.com/veops/oneterm/conf"
+	mysql "github.com/veops/oneterm/db"
+	"github.com/veops/oneterm/logger"
+	"github.com/veops/oneterm/model"
 )
 
 func HandleAuthorization(currentUser *acl.Session, tx *gorm.DB, action int, old, new *model.Asset) (err error) {
@@ -158,7 +158,7 @@ func HasAuthorization(ctx *gin.Context) (ok bool) {
 	currentUser, _ := acl.GetSessionFromCtx(ctx)
 	rs, err := acl.GetRoleResources(ctx, currentUser.Acl.Rid, conf.RESOURCE_AUTHORIZATION)
 	if err != nil {
-		logger.L.Error("check authorization failed", zap.Error(err))
+		logger.L().Error("check authorization failed", zap.Error(err))
 		return
 	}
 	k := fmt.Sprintf("%d-%d", ctx.Param("asset_id"), ctx.Param("account_id"))

backend/api/controller/command.go

@@ -11,10 +11,10 @@ import (
 	"github.com/spf13/cast"
 	"gorm.io/gorm"
 
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/acl"
+	"github.com/veops/oneterm/conf"
+	mysql "github.com/veops/oneterm/db"
+	"github.com/veops/oneterm/model"
 )
 
 var (

backend/api/controller/config.go

@@ -8,9 +8,9 @@ import (
 	"github.com/spf13/cast"
 	"gorm.io/gorm"
 
-	"github.com/veops/oneterm/pkg/server/auth/acl"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/acl"
+	mysql "github.com/veops/oneterm/db"
+	"github.com/veops/oneterm/model"
 )
 
 // PostConfig godoc

backend/api/controller/connect.go

@@ -24,15 +24,15 @@ import (
 	"golang.org/x/sync/errgroup"
 	"gorm.io/gorm"
 
-	"github.com/veops/oneterm/pkg/conf"
-	myi18n "github.com/veops/oneterm/pkg/i18n"
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
-	gsession "github.com/veops/oneterm/pkg/server/global/session"
-	"github.com/veops/oneterm/pkg/server/guacd"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
-	"github.com/veops/oneterm/pkg/util"
+	"github.com/veops/oneterm/acl"
+	"github.com/veops/oneterm/api/guacd"
+	"github.com/veops/oneterm/conf"
+	mysql "github.com/veops/oneterm/db"
+	myi18n "github.com/veops/oneterm/i18n"
+	"github.com/veops/oneterm/logger"
+	"github.com/veops/oneterm/model"
+	gsession "github.com/veops/oneterm/session"
+	"github.com/veops/oneterm/util"
 )
 
 var (
@@ -100,10 +100,10 @@ func handleSsh(ctx *gin.Context, ws *websocket.Conn, session *gsession.Session)
 				ws.WriteMessage(websocket.TextMessage, out)
 				writeToMonitors(session.Monitors, out)
 				err := fmt.Errorf("colse by admin %s", closeBy)
-				logger.L.Warn(err.Error())
+				logger.L().Warn(err.Error())
 				return err
 			case err := <-chs.ErrChan:
-				logger.L.Error("server disconnected", zap.Error(err))
+				logger.L().Error("server disconnected", zap.Error(err))
 				return err
 			case in := <-chs.InChan:
 				rt := in[0]
@@ -149,7 +149,7 @@ func handleGuacd(ctx *gin.Context, ws *websocket.Conn, session *gsession.Session
 			case closeBy := <-chs.CloseChan:
 				return &ApiError{Code: ErrAdminClose, Data: map[string]any{"admin": closeBy}}
 			case err := <-chs.ErrChan:
-				logger.L.Error("disconnected", zap.Error(err))
+				logger.L().Error("disconnected", zap.Error(err))
 				return err
 			case <-tk.C:
 				if mysql.DB.Model(asset).Where("id = ?", session.AssetId).First(asset).Error != nil {
@@ -217,17 +217,17 @@ func (c *Controller) Connect(ctx *gin.Context) {
 		}
 		go connectGuacd(ctx, asset, protocol, chs)
 	default:
-		logger.L.Error("wrong protocol " + protocol)
+		logger.L().Error("wrong protocol " + protocol)
 	}
 
 	if err := <-chs.ErrChan; err != nil {
-		logger.L.Error("failed to connect", zap.Error(err))
+		logger.L().Error("failed to connect", zap.Error(err))
 		ctx.AbortWithError(http.StatusInternalServerError, &ApiError{Code: ErrConnectServer, Data: map[string]any{"err": err}})
 		return
 	}
 	resp = <-chs.RespChan
 	if resp.Code != 0 {
-		logger.L.Error("failed to connect", zap.Any("resp", *resp))
+		logger.L().Error("failed to connect", zap.Any("resp", *resp))
 		ctx.AbortWithError(http.StatusInternalServerError, &ApiError{Code: ErrConnectServer, Data: map[string]any{"err": resp.Message}})
 		return
 	}
@@ -260,7 +260,7 @@ func readWsMsg(ctx context.Context, ws *websocket.Conn, session *gsession.Sessio
 				return err
 			}
 			if len(msg) <= 0 {
-				logger.L.Warn("websocket msg length is zero")
+				logger.L().Warn("websocket msg length is zero")
 				continue
 			}
 			switch t {
@@ -322,14 +322,14 @@ func connectSsh(ctx *gin.Context, req *gsession.SshReq, chs *gsession.SessionCha
 	}
 	conn, err := ssh.Dial("tcp", fmt.Sprintf("%s:%d", conf.Cfg.SshServer.Ip, conf.Cfg.SshServer.Port), cfg)
 	if err != nil {
-		logger.L.Error("ssh tcp dail failed", zap.Error(err))
+		logger.L().Error("ssh tcp dail failed", zap.Error(err))
 		return
 	}
 	defer conn.Close()
 
 	sess, err := conn.NewSession()
 	if err != nil {
-		logger.L.Error("ssh session create failed", zap.Error(err))
+		logger.L().Error("ssh session create failed", zap.Error(err))
 		return
 	}
 	defer sess.Close()
@@ -345,21 +345,21 @@ func connectSsh(ctx *gin.Context, req *gsession.SshReq, chs *gsession.SessionCha
 		ssh.TTY_OP_OSPEED: 14400,
 	}
 	if err = sess.RequestPty("xterm", h, w, modes); err != nil {
-		logger.L.Error("ssh request pty failed", zap.Error(err))
+		logger.L().Error("ssh request pty failed", zap.Error(err))
 		return
 	}
 	if err = sess.Shell(); err != nil {
-		logger.L.Error("ssh start shell failed", zap.Error(err))
+		logger.L().Error("ssh start shell failed", zap.Error(err))
 		return
 	}
 
 	bs, err := json.Marshal(req)
 	if err != nil {
-		logger.L.Error("ssh req marshal failed", zap.Error(err))
+		logger.L().Error("ssh req marshal failed", zap.Error(err))
 		return
 	}
 	if _, err = chs.Win.Write(append(bs, '\r')); err != nil {
-		logger.L.Error("ssh req", zap.Error(err), zap.String("req content", string(bs)))
+		logger.L().Error("ssh req", zap.Error(err), zap.String("req content", string(bs)))
 		return
 	}
 
@@ -367,12 +367,12 @@ func connectSsh(ctx *gin.Context, req *gsession.SshReq, chs *gsession.SessionCha
 
 	line, err := buf.ReadBytes('\r')
 	if err != nil {
-		logger.L.Error("ssh read bytes failed", zap.Error(err))
+		logger.L().Error("ssh read bytes failed", zap.Error(err))
 		return
 	}
 	resp := &gsession.ServerResp{}
 	if err = json.Unmarshal([]byte(line)[0:len(line)-1], resp); err != nil {
-		logger.L.Error("ssh resp", zap.Error(err), zap.String("resp content", string(line)))
+		logger.L().Error("ssh resp", zap.Error(err), zap.String("resp content", string(line)))
 		return
 	}
 
@@ -395,7 +395,7 @@ func connectSsh(ctx *gin.Context, req *gsession.SshReq, chs *gsession.SessionCha
 					return nil
 				}
 				if err != nil {
-					logger.L.Debug("buf ReadRune failed", zap.Error(err))
+					logger.L().Debug("buf ReadRune failed", zap.Error(err))
 					return err
 				}
 				if size <= 0 || rn == utf8.RuneError {
@@ -416,7 +416,7 @@ func connectSsh(ctx *gin.Context, req *gsession.SshReq, chs *gsession.SessionCha
 			case err = <-waitCh:
 				return err
 			case <-chs.AwayChan:
-				logger.L.Debug("doSsh away")
+				logger.L().Debug("doSsh away")
 				return fmt.Errorf("away")
 			case s := <-chs.WindowChan:
 				wh := strings.Split(s, ",")
@@ -429,13 +429,13 @@ func connectSsh(ctx *gin.Context, req *gsession.SshReq, chs *gsession.SessionCha
 					continue
 				}
 				if err := sess.WindowChange(h, w); err != nil {
-					logger.L.Warn("reset window size failed", zap.Error(err))
+					logger.L().Warn("reset window size failed", zap.Error(err))
 				}
 			}
 		}
 	})
 	if err = g.Wait(); err != nil {
-		logger.L.Warn("doSsh stopped", zap.Error(err))
+		logger.L().Warn("doSsh stopped", zap.Error(err))
 	}
 
 	return
@@ -452,12 +452,12 @@ func connectGuacd(ctx *gin.Context, asset *model.Asset, protocol string, chs *gs
 
 	account, gateway := &model.Account{}, &model.Gateway{}
 	if err = mysql.DB.Model(&account).Where("id = ?", ctx.Param("account_id")).First(account).Error; err != nil {
-		logger.L.Error("find account failed", zap.Error(err))
+		logger.L().Error("find account failed", zap.Error(err))
 		return
 	}
 	if asset.GatewayId != 0 {
 		if err = mysql.DB.Model(&gateway).Where("id = ?", asset.GatewayId).First(gateway).Error; err != nil {
-			logger.L.Error("find gateway failed", zap.Error(err))
+			logger.L().Error("find gateway failed", zap.Error(err))
 			return
 		}
 		gateway.Password = util.DecryptAES(gateway.Password)
@@ -467,7 +467,7 @@ func connectGuacd(ctx *gin.Context, asset *model.Asset, protocol string, chs *gs
 
 	t, err := guacd.NewTunnel("", w, h, dpi, protocol, asset, account, gateway)
 	if err != nil {
-		logger.L.Error("guacd tunnel failed", zap.Error(err))
+		logger.L().Error("guacd tunnel failed", zap.Error(err))
 		return
 	}
 
@@ -513,7 +513,7 @@ func connectGuacd(ctx *gin.Context, asset *model.Asset, protocol string, chs *gs
 					return nil
 				}
 				if err != nil {
-					logger.L.Debug("read instruction failed", zap.Error(err))
+					logger.L().Debug("read instruction failed", zap.Error(err))
 					return err
 				}
 				if len(p) <= 0 {
@@ -530,7 +530,7 @@ func connectGuacd(ctx *gin.Context, asset *model.Asset, protocol string, chs *gs
 			session.Status = model.SESSIONSTATUS_OFFLINE
 			session.ClosedAt = lo.ToPtr(time.Now())
 			if err = gsession.HandleUpsertSession(ctx, session); err != nil {
-				logger.L.Error("offline guacd session failed", zap.Error(err))
+				logger.L().Error("offline guacd session failed", zap.Error(err))
 				return
 			}
 		}()
@@ -546,7 +546,7 @@ func connectGuacd(ctx *gin.Context, asset *model.Asset, protocol string, chs *gs
 		}
 	})
 	if err = g.Wait(); err != nil {
-		logger.L.Warn("doGuacd stopped", zap.Error(err))
+		logger.L().Warn("doGuacd stopped", zap.Error(err))
 	}
 }
 
@@ -655,7 +655,7 @@ func (c *Controller) ConnectMonitor(ctx *gin.Context) {
 			default:
 				_, p, err := ws.ReadMessage()
 				if err != nil {
-					logger.L.Warn("end monitor", zap.Error(err))
+					logger.L().Warn("end monitor", zap.Error(err))
 					return err
 				}
 				if !session.IsSsh() {
@@ -671,7 +671,7 @@ func (c *Controller) ConnectMonitor(ctx *gin.Context) {
 func monitSsh(ctx *gin.Context, session *gsession.Session, chs *gsession.SessionChans) (err error) {
 	req := newSshReq(ctx, model.SESSIONACTION_MONITOR)
 	req.SessionId = session.SessionId
-	logger.L.Debug("connect to monitor client", zap.String("sessionId", session.SessionId))
+	logger.L().Debug("connect to monitor client", zap.String("sessionId", session.SessionId))
 	go connectSsh(ctx, req, chs)
 	if err = <-chs.ErrChan; err != nil {
 		err = &ApiError{Code: ErrConnectServer, Data: map[string]any{"err": err}}
@@ -691,10 +691,10 @@ func monitSsh(ctx *gin.Context, session *gsession.Session, chs *gsession.Session
 				return nil
 			case closeBy := <-chs.CloseChan:
 				writeToMonitors(session.Monitors, []byte("\r\n \033[31m closed by admin"))
-				logger.L.Warn("close by admin", zap.String("username", closeBy))
+				logger.L().Warn("close by admin", zap.String("username", closeBy))
 				return nil
 			case err := <-chs.ErrChan:
-				logger.L.Error("ssh connection failed", zap.Error(err))
+				logger.L().Error("ssh connection failed", zap.Error(err))
 				return err
 			case out := <-chs.OutChan:
 				chs.Buf.Write(out)
@@ -705,7 +705,7 @@ func monitSsh(ctx *gin.Context, session *gsession.Session, chs *gsession.Session
 	})
 
 	if err = g.Wait(); err != nil {
-		logger.L.Warn("monit ssh stopped", zap.Error(err))
+		logger.L().Warn("monit ssh stopped", zap.Error(err))
 	}
 
 	return
@@ -720,7 +720,7 @@ func monitGuacd(ctx *gin.Context, connectionId string, chs *gsession.SessionChan
 
 	t, err := guacd.NewTunnel(connectionId, w, h, dpi, ":", nil, nil, nil)
 	if err != nil {
-		logger.L.Error("guacd tunnel failed", zap.Error(err))
+		logger.L().Error("guacd tunnel failed", zap.Error(err))
 		return
 	}
 
@@ -733,7 +733,7 @@ func monitGuacd(ctx *gin.Context, connectionId string, chs *gsession.SessionChan
 			default:
 				p, err := t.Read()
 				if err != nil {
-					logger.L.Debug("read instruction failed", zap.Error(err))
+					logger.L().Debug("read instruction failed", zap.Error(err))
 					return err
 				}
 				if len(p) <= 0 {
@@ -749,10 +749,10 @@ func monitGuacd(ctx *gin.Context, connectionId string, chs *gsession.SessionChan
 			case closeBy := <-chs.CloseChan:
 				err := fmt.Errorf("colse by admin %s", closeBy)
 				ws.WriteMessage(websocket.TextMessage, guacd.NewInstruction("disconnect", err.Error()).Bytes())
-				logger.L.Warn(err.Error())
+				logger.L().Warn(err.Error())
 				return err
 			case err := <-chs.ErrChan:
-				logger.L.Error("disconnected", zap.Error(err))
+				logger.L().Error("disconnected", zap.Error(err))
 				return err
 			case out := <-chs.OutChan:
 				ws.WriteMessage(websocket.TextMessage, out)
@@ -762,7 +762,7 @@ func monitGuacd(ctx *gin.Context, connectionId string, chs *gsession.SessionChan
 		}
 	})
 	if err = g.Wait(); err != nil {
-		logger.L.Warn("monit guacd stopped", zap.Error(err))
+		logger.L().Warn("monit guacd stopped", zap.Error(err))
 	}
 
 	return
@@ -796,7 +796,7 @@ func (c *Controller) ConnectClose(ctx *gin.Context) {
 		return
 	}
 
-	logger.L.Info("closing...", zap.String("sessionId", session.SessionId), zap.Int("type", session.SessionType))
+	logger.L().Info("closing...", zap.String("sessionId", session.SessionId), zap.Int("type", session.SessionType))
 	defer offlineSession(ctx, session.SessionId, currentUser.GetUserName())
 	if session.IsSsh() {
 		chs := makeChans()
@@ -822,7 +822,7 @@ func (c *Controller) ConnectClose(ctx *gin.Context) {
 }
 
 func offlineSession(ctx *gin.Context, sessionId string, closer string) {
-	logger.L.Debug("offline", zap.String("session_id", sessionId), zap.String("closer", closer))
+	logger.L().Debug("offline", zap.String("session_id", sessionId), zap.String("closer", closer))
 	defer gsession.GetOnlineSession().Delete(sessionId)
 	v, ok := gsession.GetOnlineSession().Load(sessionId)
 	if ok {
@@ -911,7 +911,7 @@ func handleError(ctx *gin.Context, session *gsession.Session, err error, ws *web
 	if err == nil {
 		return
 	}
-	logger.L.Debug("", zap.String("session_id", session.SessionId), zap.Error(err))
+	logger.L().Debug("", zap.String("session_id", session.SessionId), zap.Error(err))
 	ae, ok := err.(*ApiError)
 	if !ok {
 		return

backend/api/controller/controller.go

@@ -14,10 +14,10 @@ import (
 	"golang.org/x/sync/errgroup"
 	"gorm.io/gorm"
 
-	"github.com/veops/oneterm/pkg/server/auth/acl"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/remote"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/acl"
+	mysql "github.com/veops/oneterm/db"
+	"github.com/veops/oneterm/model"
+	"github.com/veops/oneterm/remote"
 )
 
 var (

backend/api/controller/errors.go

@@ -7,8 +7,7 @@ import (
 	"github.com/gin-gonic/gin"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 
-	"github.com/veops/oneterm/pkg/conf"
-	myi18n "github.com/veops/oneterm/pkg/i18n"
+	myi18n "github.com/veops/oneterm/i18n"
 )
 
 const (
@@ -82,7 +81,7 @@ func (ae *ApiError) Message(localizer *i18n.Localizer) (msg string) {
 func (ae *ApiError) MessageWithCtx(ctx *gin.Context) string {
 	lang := ctx.PostForm("lang")
 	accept := ctx.GetHeader("Accept-Language")
-	localizer := i18n.NewLocalizer(conf.Bundle, lang, accept)
+	localizer := i18n.NewLocalizer(myi18n.Bundle, lang, accept)
 	return ae.Message(localizer)
 }
 

backend/api/controller/file.go

@@ -13,11 +13,11 @@ import (
 	"github.com/spf13/cast"
 	"go.uber.org/zap"
 
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
-	"github.com/veops/oneterm/pkg/server/global/file"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/acl"
+	"github.com/veops/oneterm/api/file"
+	mysql "github.com/veops/oneterm/db"
+	"github.com/veops/oneterm/logger"
+	"github.com/veops/oneterm/model"
 )
 
 // GetFileHistory godoc
@@ -126,7 +126,7 @@ func (c *Controller) FileMkdir(ctx *gin.Context) {
 		Dir:       ctx.Query("dir"),
 	}
 	if err = mysql.DB.Model(h).Create(h).Error; err != nil {
-		logger.L.Error("record mkdir failed", zap.Error(err), zap.Any("history", h))
+		logger.L().Error("record mkdir failed", zap.Error(err), zap.Any("history", h))
 	}
 	ctx.JSON(http.StatusOK, defaultHttpResponse)
 }
@@ -184,7 +184,7 @@ func (c *Controller) FileUpload(ctx *gin.Context) {
 		Filename:  fh.Filename,
 	}
 	if err = mysql.DB.Model(h).Create(h).Error; err != nil {
-		logger.L.Error("record upload failed", zap.Error(err), zap.Any("history", h))
+		logger.L().Error("record upload failed", zap.Error(err), zap.Any("history", h))
 	}
 
 	ctx.JSON(http.StatusOK, defaultHttpResponse)
@@ -238,6 +238,6 @@ func (c *Controller) FileDownload(ctx *gin.Context) {
 	}
 
 	if err = mysql.DB.Model(h).Create(h).Error; err != nil {
-		logger.L.Error("record download failed", zap.Error(err), zap.Any("history", h))
+		logger.L().Error("record download failed", zap.Error(err), zap.Any("history", h))
 	}
 }

backend/api/controller/gateway.go

@@ -11,11 +11,11 @@ import (
 	"golang.org/x/crypto/ssh"
 	"gorm.io/gorm"
 
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
-	"github.com/veops/oneterm/pkg/util"
+	"github.com/veops/oneterm/acl"
+	"github.com/veops/oneterm/conf"
+	mysql "github.com/veops/oneterm/db"
+	"github.com/veops/oneterm/model"
+	"github.com/veops/oneterm/util"
 )
 
 var (
@@ -60,13 +60,6 @@ var (
 				d.AssetCount = m[d.Id]
 			}
 		},
-		func(ctx *gin.Context, data []*model.Gateway) {
-			for _, d := range data {
-				d.Password = lo.Ternary(!cast.ToBool(ctx.Query("info")) || ctx.GetHeader("X-Token") == conf.Cfg.SshServer.Xtoken, util.DecryptAES(d.Password), "")
-				d.Pk = lo.Ternary(!cast.ToBool(ctx.Query("info")) || ctx.GetHeader("X-Token") == conf.Cfg.SshServer.Xtoken, util.DecryptAES(d.Pk), "")
-				d.Phrase = lo.Ternary(!cast.ToBool(ctx.Query("info")) || ctx.GetHeader("X-Token") == conf.Cfg.SshServer.Xtoken, util.DecryptAES(d.Phrase), "")
-			}
-		},
 	}
 	gatewayDcs = []deleteCheck{
 		func(ctx *gin.Context, id int) {

backend/api/controller/history.go

@@ -6,10 +6,9 @@ import (
 	"github.com/gin-gonic/gin"
 	"github.com/nicksnyder/go-i18n/v2/i18n"
 
-	"github.com/veops/oneterm/pkg/conf"
-	myi18n "github.com/veops/oneterm/pkg/i18n"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	mysql "github.com/veops/oneterm/db"
+	myi18n "github.com/veops/oneterm/i18n"
+	"github.com/veops/oneterm/model"
 )
 
 // GetHistories godoc
@@ -46,7 +45,7 @@ func (c *Controller) GetHistories(ctx *gin.Context) {
 func (c *Controller) GetHistoryTypeMapping(ctx *gin.Context) {
 	lang := ctx.PostForm("lang")
 	accept := ctx.GetHeader("Accept-Language")
-	localizer := i18n.NewLocalizer(conf.Bundle, lang, accept)
+	localizer := i18n.NewLocalizer(myi18n.Bundle, lang, accept)
 	cfg := &i18n.LocalizeConfig{}
 	key2msg := map[string]*i18n.Message{
 		"account":    myi18n.MsgTypeMappingAccount,

backend/api/controller/node.go

@@ -11,10 +11,10 @@ import (
 	"go.uber.org/zap"
 	"gorm.io/gorm"
 
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/acl"
+	mysql "github.com/veops/oneterm/db"
+	"github.com/veops/oneterm/logger"
+	"github.com/veops/oneterm/model"
 )
 
 var (
@@ -142,12 +142,12 @@ func nodePostHookCountAsset(ctx *gin.Context, data []*model.Node) {
 		db = db.Where("id IN ?", ids)
 	}
 	if err := db.Find(&assets).Error; err != nil {
-		logger.L.Error("node posthookfailed asset count", zap.Error(err))
+		logger.L().Error("node posthookfailed asset count", zap.Error(err))
 		return
 	}
 	nodes := make([]*model.NodeIdPid, 0)
 	if err := mysql.DB.Model(&model.Node{}).Find(&nodes).Error; err != nil {
-		logger.L.Error("node posthookfailed node", zap.Error(err))
+		logger.L().Error("node posthookfailed node", zap.Error(err))
 		return
 	}
 	m := make(map[int]int64)
@@ -179,7 +179,7 @@ func nodePostHookHasChild(ctx *gin.Context, data []*model.Node) {
 		Where("parent_id IN ?", lo.Map(data, func(n *model.Node, _ int) int { return n.Id })).
 		Pluck("parent_id", &ps).
 		Error; err != nil {
-		logger.L.Error("node posthookfailed has child", zap.Error(err))
+		logger.L().Error("node posthookfailed has child", zap.Error(err))
 		return
 	}
 	pm := lo.SliceToMap(ps, func(pid int) (int, bool) { return pid, true })

backend/api/controller/publicKey.go

@@ -8,10 +8,10 @@ import (
 	"github.com/gin-gonic/gin"
 	"golang.org/x/crypto/ssh"
 
-	"github.com/veops/oneterm/pkg/server/auth/acl"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
-	"github.com/veops/oneterm/pkg/util"
+	"github.com/veops/oneterm/acl"
+	mysql "github.com/veops/oneterm/db"
+	"github.com/veops/oneterm/model"
+	"github.com/veops/oneterm/util"
 )
 
 var (

backend/api/controller/session.go

@@ -12,11 +12,11 @@ import (
 	"github.com/samber/lo"
 	"go.uber.org/zap"
 
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
-	gsession "github.com/veops/oneterm/pkg/server/global/session"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/acl"
+	mysql "github.com/veops/oneterm/db"
+	"github.com/veops/oneterm/logger"
+	"github.com/veops/oneterm/model"
+	gsession "github.com/veops/oneterm/session"
 )
 
 var (
@@ -34,7 +34,7 @@ var (
 				Group("session_id").
 				Find(&post).
 				Error; err != nil {
-				logger.L.Error("gateway posthookfailed", zap.Error(err))
+				logger.L().Error("gateway posthookfailed", zap.Error(err))
 				return
 			}
 			m := lo.SliceToMap(post, func(p *model.CmdCount) (string, int64) { return p.SessionId, p.Count })
@@ -68,7 +68,7 @@ func (c *Controller) UpsertSession(ctx *gin.Context) {
 		return
 	}
 	if err := gsession.HandleUpsertSession(ctx, data); err != nil {
-		logger.L.Error("upsert session failed", zap.Error(err))
+		logger.L().Error("upsert session failed", zap.Error(err))
 		ctx.AbortWithError(http.StatusInternalServerError, &ApiError{Code: ErrInternal, Data: map[string]any{"err": err}})
 	}
 

backend/api/controller/stat.go

@@ -10,10 +10,10 @@ import (
 	"github.com/samber/lo"
 	"golang.org/x/sync/errgroup"
 
-	"github.com/veops/oneterm/pkg/server/auth/acl"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/storage/cache/redis"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
+	"github.com/veops/oneterm/acl"
+	redis "github.com/veops/oneterm/cache"
+	mysql "github.com/veops/oneterm/db"
+	"github.com/veops/oneterm/model"
 )
 
 // StatAssetType godoc

backend/api/file/file.go

@@ -11,10 +11,10 @@ import (
 	"github.com/spf13/cast"
 	"golang.org/x/crypto/ssh"
 
-	ggateway "github.com/veops/oneterm/pkg/server/global/gateway"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
-	"github.com/veops/oneterm/pkg/util"
+	mysql "github.com/veops/oneterm/db"
+	ggateway "github.com/veops/oneterm/gateway"
+	"github.com/veops/oneterm/model"
+	"github.com/veops/oneterm/util"
 )
 
 var (

backend/api/guacd/conn.go

@@ -10,11 +10,11 @@ import (
 	"github.com/google/uuid"
 	"github.com/samber/lo"
 	"github.com/spf13/cast"
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/logger"
-	ggateway "github.com/veops/oneterm/pkg/server/global/gateway"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/util"
+	"github.com/veops/oneterm/conf"
+	ggateway "github.com/veops/oneterm/gateway"
+	"github.com/veops/oneterm/logger"
+	"github.com/veops/oneterm/model"
+	"github.com/veops/oneterm/util"
 )
 
 const (
@@ -214,6 +214,6 @@ func (t *Tunnel) Close() {
 }
 
 func (t *Tunnel) Disconnect() {
-	logger.L.Debug("client disconnect")
+	logger.L().Debug("client disconnect")
 	t.WriteInstruction(NewInstruction("disconnect"))
 }

backend/api/middleware.go

@@ -0,0 +1,55 @@
+package api
+
+import (
+	"encoding/json"
+	"net/http"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"go.uber.org/zap"
+
+	"github.com/veops/oneterm/acl"
+	"github.com/veops/oneterm/conf"
+	"github.com/veops/oneterm/logger"
+)
+
+func ginLogger() gin.HandlerFunc {
+	return func(ctx *gin.Context) {
+		start := time.Now()
+
+		ctx.Next()
+
+		cost := time.Since(start)
+		logger.L().Info(ctx.Request.URL.String(),
+			zap.String("method", ctx.Request.Method),
+			zap.Int("status", ctx.Writer.Status()),
+			zap.String("ip", ctx.ClientIP()),
+			zap.Duration("cost", cost),
+		)
+
+	}
+}
+
+func auth() gin.HandlerFunc {
+	return func(ctx *gin.Context) {
+		session := &acl.Session{}
+
+		sess, err := ctx.Cookie("session")
+		if err == nil && sess != "" {
+			s := acl.NewSignature(conf.Cfg.SecretKey, "cookie-session", "", "hmac", nil, nil)
+			content, err := s.Unsign(sess)
+			if err != nil {
+				ctx.AbortWithStatus(http.StatusUnauthorized)
+				return
+			}
+			err = json.Unmarshal(content, &session)
+			if err != nil {
+				ctx.AbortWithStatus(http.StatusUnauthorized)
+				return
+			}
+			ctx.Set("session", session)
+		}
+
+		ctx.Next()
+	}
+}

backend/cache/redis.go

@@ -6,8 +6,10 @@ import (
 	"time"
 
 	"github.com/redis/go-redis/v9"
+	"go.uber.org/zap"
 
-	"github.com/veops/oneterm/pkg/conf"
+	"github.com/veops/oneterm/conf"
+	"github.com/veops/oneterm/logger"
 )
 
 var (
@@ -15,28 +17,16 @@ var (
 	RC *redis.Client
 )
 
-func Init(cfg *conf.RedisConfig) (err error) {
-	if cfg == nil {
-		return
-	}
-
+func init() {
 	ctx := context.Background()
-	readTimeout := time.Duration(30) * time.Second
-	writeTimeout := time.Duration(30) * time.Second
 	RC = redis.NewClient(&redis.Options{
-		Addr:         cfg.Addr,
-		DB:           cfg.Db,
-		Password:     cfg.Password,
-		PoolSize:     cfg.PoolSize,
-		MaxIdleConns: cfg.MaxIdle,
-		ReadTimeout:  readTimeout,
-		WriteTimeout: writeTimeout,
+		Addr:     conf.Cfg.Redis.Addr,
+		Password: conf.Cfg.Redis.Password,
 	})
 
-	if _, err = RC.Ping(ctx).Result(); err != nil {
-		return err
+	if _, err := RC.Ping(ctx).Result(); err != nil {
+		logger.L().Fatal("ping redis failed", zap.Error(err))
 	}
-	return nil
 }
 
 func Get(ctx context.Context, key string, dst any) (err error) {

backend/cmd/api/api.go

@@ -1,17 +0,0 @@
-package main
-
-import (
-	"fmt"
-	"os"
-
-	"github.com/veops/oneterm/cmd/api/app"
-)
-
-func main() {
-	command := app.NewServerCommand()
-
-	if err := command.Execute(); err != nil {
-		fmt.Println(err)
-		os.Exit(1)
-	}
-}

backend/cmd/api/app/api.go

@@ -1,137 +0,0 @@
-// Package app
-
-package app
-
-import (
-	"context"
-	"fmt"
-	"os"
-	"os/signal"
-	"syscall"
-
-	"github.com/gin-gonic/gin"
-	"github.com/oklog/run"
-	"github.com/spf13/cobra"
-	"github.com/spf13/viper"
-
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/logger"
-	gsession "github.com/veops/oneterm/pkg/server/global/session"
-	"github.com/veops/oneterm/pkg/server/router"
-	"github.com/veops/oneterm/pkg/server/schedule/cmdb"
-	"github.com/veops/oneterm/pkg/server/schedule/connectable"
-	"github.com/veops/oneterm/pkg/server/storage/cache/local"
-	"github.com/veops/oneterm/pkg/server/storage/cache/redis"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
-)
-
-const (
-	componentServer = "./server"
-)
-
-var (
-	configFilePath string
-)
-
-var cmdRun = &cobra.Command{
-	Use:     "run",
-	Example: fmt.Sprintf("%s run -c apps", componentServer),
-	Short:   "run",
-	Long:    `a run test`,
-	Args:    cobra.MinimumNArgs(0),
-	Run: func(cmd *cobra.Command, args []string) {
-		Run()
-		os.Exit(0)
-	},
-}
-
-func NewServerCommand() *cobra.Command {
-	command := &cobra.Command{
-		Use: componentServer,
-	}
-
-	cmdRun.PersistentFlags().StringVarP(&configFilePath, "config", "c", "./", "config path")
-	command.AddCommand(cmdRun)
-	return command
-}
-
-func Run() {
-	parseConfig(configFilePath)
-	gr := run.Group{}
-	ctx, logCancel := context.WithCancel(context.Background())
-
-	if err := logger.Init(ctx, conf.Cfg.Log); err != nil {
-		fmt.Println("err init failed", err)
-		os.Exit(1)
-	}
-
-	if err := mysql.Init(conf.Cfg.Mysql); err != nil {
-		logger.L.Error("mysql init failed: " + err.Error())
-		os.Exit(1)
-	}
-
-	if err := redis.Init(conf.Cfg.Redis); err != nil {
-		logger.L.Error("redis init failed: " + err.Error())
-		os.Exit(1)
-	}
-
-	if err := local.Init(); err != nil {
-		logger.L.Error("local init failed: " + err.Error())
-		os.Exit(1)
-	}
-
-	if err := gsession.Init(); err != nil {
-		logger.L.Error("local init failed: " + err.Error())
-		os.Exit(1)
-	}
-
-	{
-		// Termination handler.
-		term := make(chan os.Signal, 1)
-		signal.Notify(term, os.Interrupt, syscall.SIGTERM)
-		gr.Add(
-			func() error {
-				<-term
-				logger.L.Warn("Received SIGTERM, exiting gracefully...")
-				return nil
-			},
-			func(err error) {},
-		)
-	}
-	{
-		cancel := make(chan struct{})
-		gr.Add(func() error {
-			gin.SetMode(conf.Cfg.Mode)
-			srv := router.Server(conf.Cfg)
-			router.GracefulExit(srv, cancel)
-			return nil
-		}, func(err error) {
-			close(cancel)
-		})
-		gr.Add(cmdb.Run, cmdb.Stop)
-		gr.Add(connectable.Run, connectable.Stop)
-	}
-
-	if err := gr.Run(); err != nil {
-		logger.L.Error(err.Error())
-	}
-
-	logger.L.Info("exiting")
-	logCancel()
-}
-
-func parseConfig(filePath string) {
-	viper.SetConfigName("config")
-	viper.SetConfigType("yaml")
-	viper.AddConfigPath(filePath)
-	viper.AddConfigPath(".")
-
-	err := viper.ReadInConfig()
-	if err != nil { // Handle errors reading the config file
-		panic(fmt.Errorf("fatal error config file: %s", err))
-	}
-
-	if err = viper.Unmarshal(&conf.Cfg); err != nil {
-		panic(fmt.Sprintf("parse config from config.yaml failed:%s", err))
-	}
-}

backend/cmd/ssh/app/ssh.go

@@ -1,137 +0,0 @@
-package app
-
-import (
-	"context"
-	"fmt"
-	"os"
-	"os/signal"
-	"syscall"
-
-	"github.com/mitchellh/mapstructure"
-	"github.com/oklog/run"
-	"github.com/spf13/cobra"
-	"github.com/spf13/viper"
-
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/logger"
-	sshproto "github.com/veops/oneterm/pkg/proto/ssh"
-	cfg "github.com/veops/oneterm/pkg/proto/ssh/config"
-	"github.com/veops/oneterm/pkg/proto/ssh/handler"
-)
-
-const (
-	componentServer = "./server"
-)
-
-var (
-	configFilePath string
-)
-
-var cmdRun = &cobra.Command{
-	Use:     "ssh",
-	Example: fmt.Sprintf("%s ssh -c apps", componentServer),
-	Short:   "run",
-	Long:    `a run test`,
-	Args:    cobra.MinimumNArgs(0),
-	Run: func(cmd *cobra.Command, args []string) {
-		Run()
-		os.Exit(0)
-	},
-}
-
-func NewServerCommand() *cobra.Command {
-	command := &cobra.Command{
-		Use: componentServer,
-	}
-
-	cmdRun.PersistentFlags().StringVarP(&configFilePath, "config", "c", "./", "config path")
-	command.AddCommand(cmdRun)
-	return command
-}
-
-func Run() {
-	parseConfig(configFilePath)
-
-	gr := run.Group{}
-	ctx, logCancel := context.WithCancel(context.Background())
-
-	if err := logger.Init(ctx, conf.Cfg.Log); err != nil {
-		fmt.Println("err init failed", err)
-		os.Exit(1)
-	}
-	handler.I18nInit(conf.Cfg.I18nDir)
-
-	{
-		// Termination handler.
-		term := make(chan os.Signal, 1)
-		signal.Notify(term, os.Interrupt, syscall.SIGTERM)
-		gr.Add(
-			func() error {
-				<-term
-				logger.L.Warn("Received SIGTERM, exiting gracefully...")
-				return nil
-			},
-			func(err error) {},
-		)
-	}
-	{
-		cancel := make(chan struct{})
-		gr.Add(func() error {
-			_ = sshproto.Run(fmt.Sprintf("%s:%d", cfg.SSHConfig.Ip, cfg.SSHConfig.Port),
-				cfg.SSHConfig.Api,
-				cfg.SSHConfig.Token,
-				cfg.SSHConfig.PrivateKeyPath,
-				conf.Cfg.SecretKey)
-			<-cancel
-			return nil
-		}, func(err error) {
-			close(cancel)
-		})
-	}
-
-	if err := gr.Run(); err != nil {
-		logger.L.Error(err.Error())
-	}
-
-	logger.L.Info("exiting")
-	logCancel()
-}
-
-func parseConfig(filePath string) {
-	viper.SetConfigName("config")
-	viper.SetConfigType("yaml")
-	viper.AddConfigPath(filePath)
-	viper.AddConfigPath(".")
-
-	err := viper.ReadInConfig()
-	if err != nil { // Handle errors reading the config file
-		panic(fmt.Errorf("fatal error config file: %s", err))
-	}
-
-	if err = viper.Unmarshal(&conf.Cfg); err != nil {
-		panic(fmt.Sprintf("parse config from config.yaml failed:%s", err))
-	}
-
-	if sc, ok := conf.Cfg.Protocols["ssh"]; ok {
-		er := mapstructure.Decode(sc, &cfg.SSHConfig)
-		if er != nil {
-			panic(er)
-		}
-		switch v := sc.(type) {
-		case map[string]interface{}:
-			if v1, ok := v["ip"]; ok {
-				cfg.SSHConfig.Ip = v1.(string)
-			} else {
-				cfg.SSHConfig.Ip = "127.0.0.1"
-			}
-			if v1, ok := v["port"]; ok {
-				cfg.SSHConfig.Port = v1.(int)
-			} else {
-				cfg.SSHConfig.Port = 45622
-			}
-			//cfg.SSHConfig.Api = fmt.Sprintf("%v", v["api"])
-			//cfg.SSHConfig.Token = fmt.Sprintf("%v", v["token"])
-			//cfg.SSHConfig.WebUser = v["webUser"]
-		}
-	}
-}

backend/cmd/ssh/config.example.yaml

@@ -1,12 +0,0 @@
-
-protocols:
-  ssh:
-    api: oneterm-api:8080
-    ip: '0.0.0.0'
-    port: 2222
-    webUser: "test"
-    webToken: "135790"
-    privateKeyPath: /root/.ssh/id_ed25519
-
-
-i18nDir: ./translate

backend/cmd/ssh/ssh.go

@@ -1,17 +0,0 @@
-package main
-
-import (
-	"fmt"
-	"os"
-
-	"github.com/veops/oneterm/cmd/ssh/app"
-)
-
-func main() {
-	command := app.NewServerCommand()
-
-	if err := command.Execute(); err != nil {
-		fmt.Println(err)
-		os.Exit(1)
-	}
-}

backend/conf/conf.go

@@ -1,27 +1,11 @@
 package conf
 
 import (
-	"fmt"
-
-	"github.com/BurntSushi/toml"
-	"github.com/nicksnyder/go-i18n/v2/i18n"
-	"golang.org/x/text/language"
-)
-
-var (
-	Bundle = i18n.NewBundle(language.English)
+	"github.com/spf13/pflag"
 )
 
 func init() {
-	Bundle.RegisterUnmarshalFunc("toml", toml.Unmarshal)
-	_, err := Bundle.LoadMessageFile("./translate/active.en.toml")
-	if err != nil {
-		fmt.Println("load i18n message failed", err)
-	}
-	_, err = Bundle.LoadMessageFile("./translate/active.zh.toml")
-	if err != nil {
-		fmt.Println("load i18n message failed", err)
-	}
+	pflag.Parse()
 }
 
 const (
@@ -35,11 +19,11 @@ const (
 var (
 	Cfg = &ConfigYaml{
 		Mode: "debug",
-		Http: &HttpConfig{
+		Http: HttpConfig{
 			Host: "0.0.0.0",
 			Port: 80,
 		},
-		Log: &LogConfig{
+		Log: LogConfig{
 			Level:         "info",
 			MaxSize:       100, // megabytes
 			MaxBackups:    5,
@@ -48,12 +32,11 @@ var (
 			Path:          "app.log",
 			ConsoleEnable: true,
 		},
-		Auth: &Auth{
+		Auth: Auth{
 			Custom: map[string]string{},
 		},
-		Cmdb:      &Cmdb{},
-		Worker:    &Worker{},
-		Protocols: map[string]any{},
+		Cmdb:   Cmdb{},
+		Worker: Worker{},
 	}
 )
 
@@ -64,10 +47,7 @@ type HttpConfig struct {
 
 type RedisConfig struct {
 	Addr     string `yaml:"addr"`
-	Db       int    `yaml:"db"`
 	Password string `yaml:"password"`
-	MaxIdle  int    `yaml:"maxIdle"`
-	PoolSize int    `yaml:"poolSize"`
 }
 
 type MysqlConfig struct {
@@ -138,19 +118,17 @@ type Guacd struct {
 
 type ConfigYaml struct {
 	Mode      string      `yaml:"mode"`
-	Http      *HttpConfig    `yaml:"http"`
-	Log       *LogConfig     `yaml:"log"`
-	Redis     *RedisConfig   `yaml:"redis"`
-	Mysql     *MysqlConfig   `yaml:"mysql"`
-	Auth      *Auth          `yaml:"auth"`
-	SecretKey string         `yaml:"secretKey"`
-	Cmdb      *Cmdb          `yaml:"cmdb"`
-	Worker    *Worker        `yaml:"worker"`
-	SshServer *SshServer     `yaml:"sshServer"`
-	Guacd     *Guacd         `yaml:"guacd"`
-	Protocols map[string]any `yaml:"protocols"`
-
 	I18nDir   string      `yaml:"i18nDir"`
+	Log       LogConfig   `yaml:"log"`
+	Redis     RedisConfig `yaml:"redis"`
+	Mysql     MysqlConfig `yaml:"mysql"`
+	Guacd     Guacd       `yaml:"guacd"`
+	Http      HttpConfig  `yaml:"http"`
+	Ssh       SshServer   `yaml:"ssh"`
+	Auth      Auth        `yaml:"auth"`
+	SecretKey string      `yaml:"secretKey"`
+	Cmdb      Cmdb        `yaml:"cmdb"`
+	Worker    Worker      `yaml:"worker"`
 }
 
 func GetResourceTypeName(key string) (val string) {

backend/config.example.yaml

@@ -2,7 +2,16 @@ mode: debug
 
 http:
   ip: 0.0.0.0
-  port: 8080
+  port: 8888
+
+ssh:
+  ip: 0.0.0.0
+  port: 2222
+
+guacd:
+  ip: oneterm-guacd
+  port: 4822
+  gateway: oneterm-api 
 
 mysql:
   ip: mysql
@@ -11,15 +20,13 @@ mysql:
   password: root
 
 redis:
-  addr: myredis:6379
+  addr: redis:6379
   password: root
 
 log:
   level: debug
-  path: app.log
   format: json
   maxSize: 1
-  # consoleEnable Whether to enable outputting logs to the console as the sametime
   consoleEnable: true
 
 auth:
@@ -50,14 +57,4 @@ worker:
   key: acl key
   secret: acl secret
 
-sshServer:
-  ip: 127.0.0.1
-  port: 2222
-  account: test
-  password: 135790
-  xtoken: 123456
 
-guacd:
-  ip: oneterm-guacd
-  port: 4822
-  gateway: oneterm-api 

backend/db/mysql.go

@@ -0,0 +1,25 @@
+package mysql
+
+import (
+	"fmt"
+
+	"go.uber.org/zap"
+	"gorm.io/driver/mysql"
+	"gorm.io/gorm"
+
+	"github.com/veops/oneterm/conf"
+	"github.com/veops/oneterm/logger"
+)
+
+var (
+	DB *gorm.DB
+)
+
+func init() {
+	var err error
+	dsn := fmt.Sprintf("%s:%s@tcp(%s:%s)/oneterm?charset=utf8mb4&parseTime=True&loc=Local",
+		conf.Cfg.Mysql.User, conf.Cfg.Mysql.Password, conf.Cfg.Mysql.Ip, conf.Cfg.Mysql.Port)
+	if DB, err = gorm.Open(mysql.Open(dsn), &gorm.Config{}); err != nil {
+		logger.L().Fatal("init mysql failed", zap.Error(err))
+	}
+}

backend/gateway/gateway.go

@@ -10,9 +10,9 @@ import (
 	"go.uber.org/zap"
 	"golang.org/x/crypto/ssh"
 
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/server/model"
+	"github.com/veops/oneterm/conf"
+	"github.com/veops/oneterm/logger"
+	"github.com/veops/oneterm/model"
 )
 
 var (
@@ -45,19 +45,19 @@ func (gt *GatewayTunnel) Open() (err error) {
 	defer close(gt.Chan)
 	go func() {
 		<-time.After(time.Second * 5)
-		logger.L.Debug("timeout 5 second close listener", zap.String("sessionId", gt.SessionId))
+		logger.L().Debug("timeout 5 second close listener", zap.String("sessionId", gt.SessionId))
 		gt.listener.Close()
 	}()
 	gt.LocalConn, err = gt.listener.Accept()
 	if err != nil {
-		logger.L.Error("accept failed", zap.String("sessionId", gt.SessionId), zap.Error(err))
+		logger.L().Error("accept failed", zap.String("sessionId", gt.SessionId), zap.Error(err))
 		return err
 	}
 
 	remoteAddr := fmt.Sprintf("%s:%d", gt.RemoteIp, gt.RemotePort)
 	gt.RemoteConn, err = manager.sshClients[gt.GatewayId].Dial("tcp", remoteAddr)
 	if err != nil {
-		logger.L.Error("dial remote failed", zap.String("sessionId", gt.SessionId), zap.Error(err))
+		logger.L().Error("dial remote failed", zap.String("sessionId", gt.SessionId), zap.Error(err))
 		return err
 	}
 
@@ -120,7 +120,7 @@ func (gm *GateWayManager) Open(sessionId, remoteIp string, remotePort int, gatew
 		Chan:       make(chan struct{}),
 	}
 	gm.gateways[sessionId] = g
-	logger.L.Debug("opening gateway", zap.Any("sessionId", sessionId))
+	logger.L().Debug("opening gateway", zap.Any("sessionId", sessionId))
 	go g.Open()
 
 	return

backend/i18n/i18n.go

@@ -1,179 +1,198 @@
 package i18n
 
 import (
-	goi18n "github.com/nicksnyder/go-i18n/v2/i18n"
+	"fmt"
+
+	"github.com/BurntSushi/toml"
+	"github.com/nicksnyder/go-i18n/v2/i18n"
+	"golang.org/x/text/language"
 )
 
+var (
+	Bundle = i18n.NewBundle(language.English)
+	langs  = []string{"en", "zh"}
+)
+
+func init() {
+	Bundle.RegisterUnmarshalFunc("toml", toml.Unmarshal)
+	for _, lang := range langs {
+		_, err := Bundle.LoadMessageFile(fmt.Sprintf("./translate/active.%s.toml", lang))
+		if err != nil {
+			fmt.Println("load i18n message failed", err)
+		}
+	}
+}
+
 var (
 	// errors
-	MsgBadRequest = &goi18n.Message{
+	MsgBadRequest = &i18n.Message{
 		ID:    "MsgBadRequest",
 		One:   "Bad Request: {{.err}}",
 		Other: "Bad Request: {{.err}}",
 	}
-	MsgInvalidArguemnt = &goi18n.Message{
+	MsgInvalidArguemnt = &i18n.Message{
 		ID:    "MsgArgumentError",
 		One:   "Bad Request: Argument is invalid, {{.err}}",
 		Other: "Bad Request: Argument is invalid, {{.err}}",
 	}
-	MsgDupName = &goi18n.Message{
+	MsgDupName = &i18n.Message{
 		ID:    "MsgDupName",
 		One:   "Bad Request: {{.name}} is duplicate",
 		Other: "Bad Request: {{.name}} is duplicate",
 	}
-	MsgHasChild = &goi18n.Message{
+	MsgHasChild = &i18n.Message{
 		ID:    "MsgHasChild",
 		One:   "Bad Request: This folder has sub folder or assert, cannot be deleted",
 		Other: "Bad Request: This folder has sub folder or assert, cannot be deleted",
 	}
-	MsgHasDepdency = &goi18n.Message{
+	MsgHasDepdency = &i18n.Message{
 		ID:    "MsgHasDepdency",
 		One:   "Bad Request: Asset {{.name}} dependens on this, cannot be deleted",
 		Other: "Bad Request: Asset {{.name}} dependens on this, cannot be deleted",
 	}
-	MsgNoPerm = &goi18n.Message{
+	MsgNoPerm = &i18n.Message{
 		ID:    "MsgNoPerm",
 		One:   "Bad Request: You do not have {{.perm}} permission",
 		Other: "Bad Request: You do not have {{.perm}} permission",
 	}
-	MsgRemoteClient = &goi18n.Message{
+	MsgRemoteClient = &i18n.Message{
 		ID:    "MsgRemote",
 		One:   "Bad Request: {{.message}}",
 		Other: "Bad Request: {{.message}}",
 	}
-	MsgWrongPk = &goi18n.Message{
+	MsgWrongPk = &i18n.Message{
 		ID:    "MsgWrongPk",
 		One:   "Bad Request: Invalid SSH public key",
 		Other: "Bad Request: Invalid SSH public key",
 	}
-	MsgWrongMac = &goi18n.Message{
+	MsgWrongMac = &i18n.Message{
 		ID:    "MsgWrongMac",
 		One:   "Bad Request: Invalid Mac address",
 		Other: "Bad Request: Invalid Mac address",
 	}
-	MsgInvalidSessionId = &goi18n.Message{
+	MsgInvalidSessionId = &i18n.Message{
 		ID:    "MsgInvalidSessionId",
 		One:   "Bad Request: Invalid session id {{.sessionId}}",
 		Other: "Bad Request: Invalid session id {{.sessionId}}",
 	}
-	MsgSessionEnd = &goi18n.Message{
+	MsgSessionEnd = &i18n.Message{
 		ID:    "MsgSessionEnd",
 		One:   "\n----------Session {{.sessionId}} has been ended----------\n",
 		Other: "\n----------Session {{.sessionId}} has been ended----------\n",
 	}
-	MsgLoginError = &goi18n.Message{
+	MsgLoginError = &i18n.Message{
 		ID:    "MsgLoginError",
 		One:   "Bad Request: Invalid account",
 		Other: "Bad Request: Invalid account",
 	}
-	MsgAccessTime = &goi18n.Message{
+	MsgAccessTime = &i18n.Message{
 		ID:    "MsgAccessTime",
 		One:   "Bad Request: current time is not allowed to access",
 		Other: "Bad Request: current time is not allowed to access",
 	}
-	MsgIdleTimeout = &goi18n.Message{
+	MsgIdleTimeout = &i18n.Message{
 		ID:    "MsgIdleTimeout",
 		One:   "Bad Request: idle timeout more than {{.second}} seconds",
 		Other: "Bad Request: idle timeout more than {{.second}} seconds",
 	}
 	//
-	MsgInternalError = &goi18n.Message{
+	MsgInternalError = &i18n.Message{
 		ID:    "MsgInternalError",
 		One:   "Server Error: {{.err}}",
 		Other: "Server Error: {{.err}}",
 	}
-	MsgRemoteServer = &goi18n.Message{
+	MsgRemoteServer = &i18n.Message{
 		ID:    "MsgRemoteServer",
 		One:   "Server Error: {{.message}}",
 		Other: "Server Error: {{.message}}",
 	}
-	MsgLoadSession = &goi18n.Message{
+	MsgLoadSession = &i18n.Message{
 		ID:    "MsgLoadSession",
 		One:   "Load Session Faild",
 		Other: "Load Session Faild",
 	}
-	MsgConnectServer = &goi18n.Message{
+	MsgConnectServer = &i18n.Message{
 		ID:    "MsgConnectServer",
 		One:   "Connect Server Error",
 		Other: "Connect Server Error",
 	}
-	MsgAdminClose = &goi18n.Message{
+	MsgAdminClose = &i18n.Message{
 		ID:    "MsgAdminClose",
 		One:   "Sessoin has been closed by admin {{.admin}}",
 		Other: "Sessoin has been closed by admin {{.admin}}",
 	}
 
 	// others
-	MsgTypeMappingAccount = &goi18n.Message{
+	MsgTypeMappingAccount = &i18n.Message{
 		ID:    "MsgTypeMappingAccount",
 		One:   "Account",
 		Other: "Account",
 	}
-	MsgTypeMappingAsset = &goi18n.Message{
+	MsgTypeMappingAsset = &i18n.Message{
 		ID:    "MsgTypeMappingAsset",
 		One:   "Asset",
 		Other: "Asset",
 	}
-	MsgTypeMappingCommand = &goi18n.Message{
+	MsgTypeMappingCommand = &i18n.Message{
 		ID:    "MsgTypeMappingCommand",
 		One:   "Command",
 		Other: "Command",
 	}
-	MsgTypeMappingGateway = &goi18n.Message{
+	MsgTypeMappingGateway = &i18n.Message{
 		ID:    "MsgTypeMappingGateway",
 		One:   "Gateway",
 		Other: "Gateway",
 	}
-	MsgTypeMappingNode = &goi18n.Message{
+	MsgTypeMappingNode = &i18n.Message{
 		ID:    "MsgTypeMappingNode",
 		One:   "Node",
 		Other: "Node",
 	}
-	MsgTypeMappingPublicKey = &goi18n.Message{
+	MsgTypeMappingPublicKey = &i18n.Message{
 		ID:    "MsgTypeMappingPublicKey",
 		One:   "Public Key",
 		Other: "Public Key",
 	}
 
 	// SSH
-	MsgSshShowAssetResults = &goi18n.Message{
+	MsgSshShowAssetResults = &i18n.Message{
 		ID:    "MsgSshShowAssetResults",
 		One:   "Total host count is:\033[0;32m {{.Count}} \033[0m \r\n{{.Msg}}\r\n",
 		Other: "Total host count is:\033[0;32m {{.Count}} \033[0m \r\n{{.Msg}}\r\n",
 	}
-	MsgSshAccountLoginError = &goi18n.Message{
+	MsgSshAccountLoginError = &i18n.Message{
 		ID: "MsgSshAccountLoginError",
 		One: "\x1b[1;30;32m failed login \x1b[0m \x1b[1;30;3m {{.User}}\x1b[0m\n" +
 			"\x1b[0;33m you need to choose asset again \u001B[0m\n",
 		Other: "\x1b[1;30;32m failed login \x1b[0m \x1b[1;30;3m {{.User}}\x1b[0m\n" +
 			"\x1b[0;33m you need to choose asset again \u001B[0m\n",
 	}
-	MsgSshNoAssetPermission = &goi18n.Message{
+	MsgSshNoAssetPermission = &i18n.Message{
 		ID:    "MsgSshNoAssetPermission",
 		One:   "\r\n\u001B[0;33mNo permission for[0m:\033[0;31m {{.Host}} \033[0m\r\n",
 		Other: "\r\n\u001B[0;33mNo permission for[0m:\033[0;31m {{.Host}} \033[0m\r\n",
 	}
-	MsgSshNoMatchingAsset = &goi18n.Message{
+	MsgSshNoMatchingAsset = &i18n.Message{
 		ID:    "MsgSshNoMatchingAsset",
 		One:   "\x1b[0;33mNo matching asset for :\x1b[0m  \x1b[0;94m{{.Host}} \x1b[0m\r\n",
 		Other: "\x1b[0;33mNo matching asset for :\x1b[0m  \x1b[0;94m{{.Host}} \x1b[0m\r\n",
 	}
-	MsgSshNoSshAccessMethod = &goi18n.Message{
+	MsgSshNoSshAccessMethod = &i18n.Message{
 		ID:    "MsgSshNoSshAccessMethod",
 		One:   "No ssh access method for :\033[0;31m {{.Host}} \033[0m\r\n",
 		Other: "No ssh access method for :\033[0;31m {{.Host}} \033[0m\r\n",
 	}
-	MsgSshNoSshAccountForAsset = &goi18n.Message{
+	MsgSshNoSshAccountForAsset = &i18n.Message{
 		ID:    "MsgSshNoSshAccountForAsset",
 		One:   "No ssh account for :\033[0;31m {{.Host}} \033[0m\r\n",
 		Other: "No ssh account for :\033[0;31m {{.Host}} \033[0m\r\n",
 	}
-	MsgSshMultiSshAccountForAsset = &goi18n.Message{
+	MsgSshMultiSshAccountForAsset = &i18n.Message{
 		ID:    "MsgSshMultiSshAccountForAsset",
 		One:   "choose account: \n\033[0;31m {{.Accounts}} \033[0m\n",
 		Other: "choose account: \n\033[0;31m {{.Accounts}} \033[0m\n",
 	}
-	MsgSshWelcome = &goi18n.Message{
+	MsgSshWelcome = &i18n.Message{
 		ID: "MsgSshWelcomeMsg",
 		One: "\x1b[0;47m Welcome: {{.User}} \x1b[0m\r\n" +
 			" \x1b[1;30;32m /s \x1b[0m to switch language between english and 中文\r\n" +
@@ -188,24 +207,24 @@ var (
 			"\x1b[1;30;32m /q \x1b[0m to exit\r\n" +
 			"\x1b[1;30;32m /? \x1b[0m for help\r\n",
 	}
-	MsgSshCommandRefused = &goi18n.Message{
+	MsgSshCommandRefused = &i18n.Message{
 		ID:    "MsgSshCommandRefused",
 		One:   "\x1b[0;31m you have no permission to execute command: \x1b[0m  \x1b[0;33m{{.Command}} \x1b[0m\r\n",
 		Other: "\x1b[0;31m you have no permission to execute command: \x1b[0m  \x1b[0;33m{{.Command}} \x1b[0m\r\n",
 	}
-	MsgSShHostIdleTimeout = &goi18n.Message{
+	MsgSShHostIdleTimeout = &i18n.Message{
 		ID:    "MsgSShHostIdleTimeout",
 		One:   "\r\n\x1b[0;31m disconnect since idle more than\x1b[0m \x1b[0;33m {{.Idle}} \x1b[0m\r\n",
 		Other: "\r\n\x1b[0;31m disconnect since idle more than\x1b[0m \x1b[0;33m {{.Idle}} \x1b[0m\r\n",
 	}
 
-	MsgSshAccessRefusedInTimespan = &goi18n.Message{
+	MsgSshAccessRefusedInTimespan = &i18n.Message{
 		ID:    "MsgSshAccessRefusedInTimespan",
 		One:   "\r\n\x1b[0;31m disconnect since current time is not allowed \x1b[0m\r\n",
 		Other: "\r\n\x1b[0;31m disconnect since current time is not allowed \x1b[0m\r\n",
 	}
 
-	MsgSShWelcomeForHelp = &goi18n.Message{
+	MsgSShWelcomeForHelp = &i18n.Message{
 		ID:    "MsgSShWelcomeForHelp",
 		One:   "\x1b[31;47m Welcome: {{.User}}",
 		Other: "\x1b[31;47m Welcome: {{.User}}",

backend/logger/logger.go

@@ -0,0 +1,53 @@
+package logger
+
+import (
+	"os"
+
+	"go.uber.org/zap"
+	"go.uber.org/zap/zapcore"
+	"gopkg.in/natefinch/lumberjack.v2"
+
+	"github.com/veops/oneterm/conf"
+)
+
+func init() {
+	level := zapcore.DebugLevel
+	switch conf.Cfg.Log.Level {
+	case "error":
+		level = zapcore.ErrorLevel
+	case "warn":
+		level = zapcore.WarnLevel
+	case "info":
+		level = zapcore.InfoLevel
+	case "debug":
+		level = zapcore.DebugLevel
+	}
+	fw := &lumberjack.Logger{
+		Filename:   "logs/oneterm.log",
+		MaxSize:    0,
+		MaxBackups: 0,
+		MaxAge:     15,
+		LocalTime:  false,
+		Compress:   false,
+	}
+	cfg := zap.NewProductionEncoderConfig()
+	cfg.EncodeTime = zapcore.TimeEncoderOfLayout("2006-01-02 15:04:05.000")
+	encoder := zapcore.NewConsoleEncoder(cfg)
+	cores := []zapcore.Core{zapcore.NewCore(
+		encoder,
+		zapcore.AddSync(fw),
+		level,
+	)}
+	if conf.Cfg.Log.ConsoleEnable {
+		cores = append(cores, zapcore.NewCore(
+			encoder,
+			zapcore.AddSync(zapcore.Lock(os.Stderr)),
+			level,
+		))
+	}
+	zap.ReplaceGlobals(zap.New(zapcore.NewTee(cores...)))
+}
+
+func L() *zap.Logger {
+	return zap.L()
+}

backend/main.go

@@ -0,0 +1,8 @@
+package main
+
+import "github.com/spf13/pflag"
+
+func main() {
+	path := pflag.StringP("config", "c", "config.yaml", "config path")
+	
+}

backend/pkg/logger/logger.go

@@ -1,93 +0,0 @@
-package logger
-
-import (
-	"context"
-	"fmt"
-	"os"
-	"strings"
-
-	"go.uber.org/zap"
-	"go.uber.org/zap/zapcore"
-	"gopkg.in/natefinch/lumberjack.v2"
-
-	"github.com/veops/oneterm/pkg/conf"
-)
-
-var (
-	L           *zap.Logger
-	AtomicLevel = zap.NewAtomicLevel()
-)
-
-func Init(ctx context.Context, cfg *conf.LogConfig) (err error) {
-	err = initLogger(cfg)
-	if err != nil {
-		return
-	}
-
-	L = zap.L()
-
-	go func() {
-		<-ctx.Done()
-		err = L.Sync()
-		if err != nil {
-			fmt.Println(err)
-		}
-	}()
-
-	return nil
-}
-
-func getEncoder(format string) zapcore.Encoder {
-
-	encodeConfig := zap.NewProductionEncoderConfig()
-	encodeConfig.EncodeTime = zapcore.ISO8601TimeEncoder
-	encodeConfig.TimeKey = "time"
-	encodeConfig.EncodeLevel = zapcore.CapitalLevelEncoder
-	encodeConfig.EncodeCaller = zapcore.ShortCallerEncoder
-
-	if strings.ToUpper(format) == "JSON" {
-		return zapcore.NewJSONEncoder(encodeConfig)
-	} else {
-		encodeConfig.EncodeLevel = zapcore.CapitalColorLevelEncoder
-		return zapcore.NewConsoleEncoder(encodeConfig)
-	}
-}
-
-func getLogWriter(cfg *conf.LogConfig) zapcore.Core {
-	var cores []zapcore.Core
-
-	if cfg.Path != "" {
-		logRotate := &lumberjack.Logger{
-			Filename:   cfg.Path,
-			MaxSize:    cfg.MaxSize,
-			MaxBackups: cfg.MaxBackups,
-			MaxAge:     cfg.MaxAge,
-			Compress:   cfg.Compress,
-		}
-		fileEncoder := getEncoder(cfg.Format)
-		cores = append(cores, zapcore.NewCore(fileEncoder, zapcore.AddSync(logRotate), AtomicLevel))
-	}
-
-	if cfg.ConsoleEnable {
-		consoleEncoder := getEncoder("console")
-		cores = append(cores, zapcore.NewCore(consoleEncoder, zapcore.Lock(os.Stdout), AtomicLevel))
-	}
-
-	return zapcore.NewTee(cores...)
-}
-
-func initLogger(cfg *conf.LogConfig) (err error) {
-
-	level, err := zap.ParseAtomicLevel(cfg.Level)
-	if err != nil {
-		return err
-	}
-	AtomicLevel.SetLevel(level.Level())
-
-	core := getLogWriter(cfg)
-
-	logger := zap.New(core, zap.AddCaller())
-	zap.ReplaceGlobals(logger)
-
-	return
-}

backend/pkg/proto/ssh/api/api.go

@@ -1,20 +0,0 @@
-package api
-
-type Authentication interface {
-	Authenticate() (token string, err error)
-}
-
-type Asset interface {
-	Groups() (any, error)
-	Lists() (any, error)
-}
-
-type Audit interface {
-	NewSession(data any) error
-}
-
-type Core interface {
-	Authentication
-	Audit
-	Asset
-}

backend/pkg/proto/ssh/api/asset.go

@@ -1,196 +0,0 @@
-package api
-
-import (
-	"fmt"
-	"strings"
-	"time"
-
-	"github.com/go-resty/resty/v2"
-
-	cfg "github.com/veops/oneterm/pkg/proto/ssh/config"
-	"github.com/veops/oneterm/pkg/server/controller"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/util"
-)
-
-type AssetCore struct {
-	Api    string
-	XToken string
-}
-
-func NewAssetServer(Api, token string) *AssetCore {
-	return &AssetCore{
-		Api:    Api,
-		XToken: token,
-	}
-}
-
-func (a *AssetCore) Groups() (res any, err error) {
-	return res, err
-}
-
-func (a *AssetCore) Lists(cookie, search string, id int) (res *controller.ListData, err error) {
-	client := resty.New()
-
-	var (
-		data *controller.HttpResponse
-	)
-
-	params := map[string]string{
-		"page_index": "1",
-		"page_size":  "-1",
-		"info":       "true",
-	}
-	if strings.TrimSpace(search) != "" {
-		params["search"] = search
-	}
-	if id > 0 {
-		params["id"] = fmt.Sprintf("%d", id)
-	}
-	resp, err := client.R().
-		SetQueryParams(params).
-		SetHeader("Cookie", cookie).
-		SetHeader("X-Token", a.XToken).
-		SetResult(&data).
-		Get(strings.TrimSuffix(a.Api, "/") + assetUrl)
-	if err != nil {
-		return res, fmt.Errorf("api request error:%v", err.Error())
-	}
-	if resp.StatusCode() != 200 {
-		return res, fmt.Errorf("auth code: %d %v", resp.StatusCode(), string(resp.Body()))
-	}
-	if data.Code != 0 {
-		return res, fmt.Errorf(data.Message)
-	}
-	err = util.DecodeStruct(&res, data.Data)
-	return
-}
-
-func (a *AssetCore) AllAssets() (res []*model.Asset, err error) {
-	params := map[string]string{
-		"page_index": "1",
-		"page_size":  "-1",
-	}
-	resp, err := request(resty.MethodGet,
-		a.Api+assetTotalUrl,
-		map[string]string{"X-Token": a.XToken}, params, nil)
-	if resp != nil {
-		for _, v := range resp.List {
-			var v1 model.Asset
-			_ = util.DecodeStruct(&v1, v)
-			res = append(res, &v1)
-		}
-	}
-	return
-}
-
-func (a *AssetCore) HasPermission(data *model.AccessAuth) bool {
-	now := time.Now()
-	in := true
-	if (data.Start != nil && now.Before(*data.Start)) || (data.End != nil && now.After(*data.End)) {
-		in = false
-	}
-	if !in {
-		return false
-	}
-	in = false
-	has := false
-	week, hm := now.Weekday(), now.Format("15:04")
-	for _, r := range data.Ranges {
-		has = has || len(r.Times) > 0
-		if (r.Week+1)%7 == int(week) {
-			for _, str := range r.Times {
-				ss := strings.Split(str, "~")
-				in = in || (len(ss) >= 2 && hm >= ss[0] && hm <= ss[1])
-			}
-		}
-	}
-	return !has || in == data.Allow
-}
-
-func (a *AssetCore) Gateway(cookie string, id int) (res *model.Gateway, err error) {
-	params := map[string]string{
-		"page_index": "1",
-		"page_size":  "1",
-		"info":       "true",
-	}
-	if id > 0 {
-		params["id"] = fmt.Sprintf("%d", id)
-	}
-
-	data, err := request(resty.MethodGet,
-		fmt.Sprintf("%s%s", strings.TrimSuffix(cfg.SSHConfig.Api, "/"), gatewayUrl),
-		map[string]string{
-			"Cookie":  cookie,
-			"X-Token": cfg.SSHConfig.Token,
-		}, params, nil)
-	if err != nil {
-		return
-	}
-	var r1 controller.ListData
-	err = util.DecodeStruct(&r1, data)
-	if err != nil {
-		return
-	}
-	if len(r1.List) == 0 {
-		err = fmt.Errorf("not found gateway for %d", id)
-		return
-	}
-	err = util.DecodeStruct(&res, r1.List[0])
-	return
-}
-
-func (a *AssetCore) Commands(cookie string) (res []*model.Command, err error) {
-	params := map[string]string{
-		"page_index": "1",
-		"page_size":  "-1",
-		"info":       "true",
-	}
-
-	data, err := request(resty.MethodGet,
-		fmt.Sprintf("%s%s", strings.TrimSuffix(cfg.SSHConfig.Api, "/"), commandUrl),
-		map[string]string{
-			"Cookie":  cookie,
-			"X-Token": cfg.SSHConfig.Token,
-		}, params, nil)
-	if err != nil {
-		return
-	}
-	var r1 controller.ListData
-	err = util.DecodeStruct(&r1, data)
-	if err != nil {
-		return
-	}
-	err = util.DecodeStruct(&res, r1.List)
-	return
-}
-
-func (a *AssetCore) Config(cookie string) (res *model.Config, err error) {
-	params := map[string]string{
-		"info": "true",
-	}
-	data := &controller.HttpResponse{}
-	_, err = resty.New().R().
-		SetQueryParams(params).
-		SetHeaders(map[string]string{
-			"Cookie":  cookie,
-			"X-Token": cfg.SSHConfig.Token,
-		}).
-		SetResult(data).
-		Get(strings.TrimSuffix(a.Api, "/") + configUrl)
-	if err != nil {
-		return
-	}
-
-	err = util.DecodeStruct(&res, data.Data)
-	return
-}
-
-func (a *AssetCore) ChangeState(data map[int]map[string]any) error {
-	_, err := request(resty.MethodPut,
-		strings.TrimSuffix(a.Api, "/")+assetUpdateState,
-		map[string]string{
-			"X-Token": cfg.SSHConfig.Token,
-		}, nil, data)
-	return err
-}

backend/pkg/proto/ssh/api/audit.go

@@ -1,105 +0,0 @@
-package api
-
-import (
-	"fmt"
-	"regexp"
-	"strings"
-
-	"github.com/go-resty/resty/v2"
-	"go.uber.org/zap"
-
-	"github.com/veops/oneterm/pkg/logger"
-	cfg "github.com/veops/oneterm/pkg/proto/ssh/config"
-	"github.com/veops/oneterm/pkg/server/controller"
-	"github.com/veops/oneterm/pkg/util"
-)
-
-type AuditCore struct {
-	Api    string
-	XToken string
-}
-
-func NewAuditServer(Api, token string) *Auth {
-	return &Auth{
-		Api:    Api,
-		XToken: token,
-	}
-}
-
-type CommandLevel int
-
-const (
-	CommandLevelNormal = iota + 1
-	CommandLevelReject
-)
-
-func (a *AuditCore) NewSession(data any) error {
-	_, err := request(resty.MethodPost,
-		fmt.Sprintf("%s%s", strings.TrimSuffix(cfg.SSHConfig.Api, "/"), sessionUrl),
-		map[string]string{
-			"X-Token": cfg.SSHConfig.Token,
-		}, nil, data)
-
-	return err
-}
-
-func (a *AuditCore) AddCommand(data any) {
-	_, err := request(resty.MethodPost,
-		fmt.Sprintf("%s%s", strings.TrimSuffix(cfg.SSHConfig.Api, "/"), sessionCmdUrl),
-		map[string]string{
-			"X-Token":      cfg.SSHConfig.Token,
-			"Content-Type": "application/json",
-		}, nil, data)
-	if err != nil {
-		logger.L.Error(err.Error())
-	}
-}
-
-func AddReplay(sessionId string, data any) error {
-	_, err := request(resty.MethodPost,
-		fmt.Sprintf("%s%s/%s", strings.TrimSuffix(cfg.SSHConfig.Api, "/"), replayUrl, sessionId),
-		map[string]string{
-			"X-Token": cfg.SSHConfig.Token,
-		}, nil, data)
-
-	return err
-}
-
-func AddReplayFile(sessionId, filePath string) (err error) {
-	var response *controller.HttpResponse
-	r, er := resty.New().R().SetFile("replay.cast", filePath).
-		SetHeader("X-Token", cfg.SSHConfig.Token).
-		SetHeader("Content-Type", "application/json").
-		SetBody(map[string]any{
-			"session_id": sessionId,
-			"body":       "",
-		}).SetResult(&response).Post(fmt.Sprintf("%s%s/%s", strings.TrimSuffix(cfg.SSHConfig.Api, "/"), replayFileUrl, sessionId))
-	if er != nil {
-		err = er
-		return err
-	}
-	if r.StatusCode() != 200 {
-		err = fmt.Errorf("auth code: %d: %s", r.StatusCode(), r.String())
-		return
-	}
-	if response.Code != 0 {
-		err = fmt.Errorf(response.Message)
-		return
-	}
-	err = util.DecodeStruct(&response, response.Data)
-	return err
-}
-
-func GetCommandLevel(command string, commands []string) CommandLevel {
-	for _, v := range commands {
-		pattern, err := regexp.Compile(v)
-		if err != nil {
-			logger.L.Warn(err.Error(), zap.String("module", ""))
-			continue
-		}
-		if pattern.MatchString(command) {
-			return CommandLevelReject
-		}
-	}
-	return CommandLevelNormal
-}

backend/pkg/proto/ssh/api/auth.go

@@ -1,169 +0,0 @@
-package api
-
-import (
-	"encoding/json"
-	"fmt"
-	"strings"
-	"time"
-
-	"github.com/go-resty/resty/v2"
-
-	"github.com/veops/oneterm/pkg/server/auth/acl"
-	"github.com/veops/oneterm/pkg/server/controller"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/util"
-)
-
-type Auth struct {
-	Username  string
-	Password  string
-	PublicKey string
-
-	Api       string
-	XToken    string
-	SecretKey string
-}
-
-func NewAuthServer(username, password, publicKey, Api, token, secretKey string) *Auth {
-	return &Auth{
-		Username:  username,
-		Password:  password,
-		PublicKey: publicKey,
-
-		Api:       Api,
-		XToken:    token,
-		SecretKey: secretKey,
-	}
-}
-
-func (a *Auth) Authenticate() (token string, err error) {
-	client := resty.New()
-	var (
-		method int8
-		data   *controller.HttpResponse
-	)
-	if a.Password != "" {
-		method = 1
-	} else if a.PublicKey != "" {
-		method = 2
-	} else {
-		return "", fmt.Errorf("no password or publicKey")
-	}
-
-	resp, err := client.R().
-		SetHeader("X-Token", a.XToken).
-		SetHeader("Content-Type", "application/json").
-		SetBody(map[string]interface{}{
-			"method":   method,
-			"password": a.Password,
-			"pk":       a.PublicKey,
-			"username": a.Username,
-		}).
-		SetResult(&data).
-		Post(strings.TrimSuffix(a.Api, "/") + authUrl)
-	if err != nil {
-		return "", fmt.Errorf("api request error:%v", err.Error())
-	}
-	if resp.StatusCode() != 200 {
-		return "", fmt.Errorf("%s", string(resp.Body()))
-	}
-	if data.Code != 0 {
-		return "", fmt.Errorf(data.Message)
-	}
-	return data.Data.(map[string]any)["cookie"].(string), nil
-}
-
-func (a *Auth) AccountInfo(token string, uid int, name string) (account *model.Account, err error) {
-	data := map[string]string{"info": "true"}
-	if uid > 0 {
-		data["id"] = fmt.Sprintf("%d", uid)
-	}
-	if name != "" {
-		data["name"] = name
-	}
-	res, err := request(resty.MethodGet,
-		fmt.Sprintf("%s%s", strings.TrimSuffix(a.Api, "/"), accountUrl),
-		map[string]string{
-			"Cookie":  token,
-			"X-Token": a.XToken,
-		}, data, nil)
-	if err != nil {
-		return
-	}
-	if res.Count == 0 {
-		err = fmt.Errorf("no account found for %v", uid)
-		return
-	}
-	err = util.DecodeStruct(&account, res.List[0])
-	return
-}
-
-func (a *Auth) Accounts(token string) (account []*model.Account, err error) {
-	res, err := request(resty.MethodGet,
-		fmt.Sprintf("%s%s", strings.TrimSuffix(a.Api, "/"), accountUrl),
-		map[string]string{
-			"Cookie":  token,
-			"X-Token": a.XToken,
-		}, map[string]string{"info": "true"}, nil)
-	if err != nil {
-		return
-	}
-	if res.Count == 0 {
-		err = fmt.Errorf("no account found")
-		return
-	}
-	err = util.DecodeStruct(&account, res.List)
-	return
-}
-
-func request(method, path string, headers map[string]string, param map[string]string,
-	body any) (res *controller.ListData, err error) {
-	client := resty.New().SetTimeout(time.Second * 15).R()
-	if param != nil {
-		client = client.SetQueryParams(param)
-	}
-	for k, v := range headers {
-		client = client.SetHeader(k, v)
-	}
-	if body != nil {
-		client = client.SetBody(body)
-	}
-	var response *controller.HttpResponse
-	client = client.SetResult(&response)
-	r, err := client.Execute(method, path)
-	if err != nil {
-		err = fmt.Errorf("api request error:%v", err.Error())
-		return
-	}
-
-	if r.StatusCode() != 200 {
-		err = fmt.Errorf("auth code: %d: %s", r.StatusCode(), r.String())
-		return
-	}
-	if response.Code != 0 {
-		err = fmt.Errorf(response.Message)
-		return
-	}
-	err = util.DecodeStruct(&res, response.Data)
-	return res, err
-}
-
-func (a *Auth) AclInfo(sess string) (aclInfo *acl.Acl, er error) {
-	session := acl.Session{}
-	for _, v := range strings.Split(sess, ";") {
-		if strings.HasPrefix(strings.TrimSpace(v), "session=") {
-			sess = strings.TrimPrefix(strings.TrimSpace(v), "session=")
-		}
-	}
-	s := acl.NewSignature(a.SecretKey, "cookie-session", "", "hmac", nil, nil)
-	content, err := s.Unsign(sess)
-	if err != nil {
-		er = err
-		return
-	}
-	err = json.Unmarshal(content, &session)
-	if err != nil {
-		return aclInfo, err
-	}
-	return &session.Acl, nil
-}

backend/pkg/proto/ssh/api/onterm.go

@@ -1,20 +0,0 @@
-package api
-
-import (
-	gossh "github.com/gliderlabs/ssh"
-)
-
-type CoreInstance struct {
-	Auth    *Auth
-	Asset   *AssetCore
-	Session *gossh.Session
-	Audit   *AuditCore
-}
-
-func NewCoreInstance(apiHost, token, secretKey string) *CoreInstance {
-	coreInstance := &CoreInstance{
-		Auth:  NewAuthServer("", "", "", apiHost, token, secretKey),
-		Asset: NewAssetServer(apiHost, token),
-	}
-	return coreInstance
-}

backend/pkg/proto/ssh/api/var.go

@@ -1,23 +0,0 @@
-package api
-
-const (
-	// auth
-	authUrl = "/public_key/auth"
-
-	// asset
-	assetUrl         = "/asset"
-	gatewayUrl       = "/gateway"
-	commandUrl       = "/command"
-	configUrl        = "/config"
-	assetTotalUrl    = "/asset/query_by_server"
-	assetUpdateState = "/asset/update_by_server"
-
-	// account
-	accountUrl = "/account"
-
-	// audit
-	sessionUrl    = "/session"
-	replayUrl     = "/session/replay"
-	replayFileUrl = "/session/replay"
-	sessionCmdUrl = "/session/cmd"
-)

backend/pkg/proto/ssh/client/parse.go

@@ -1,67 +0,0 @@
-package client
-
-import (
-	"bytes"
-	"sync"
-)
-
-type Parser struct {
-	lock         sync.Mutex
-	vimState     bool
-	commandState bool
-}
-
-var (
-	enterMarks = [][]byte{
-		[]byte("\x1b[?1049h"),
-		[]byte("\x1b[?1048h"),
-		[]byte("\x1b[?1047h"),
-		[]byte("\x1b[?47h"),
-	}
-
-	exitMarks = [][]byte{
-		[]byte("\x1b[?1049l"),
-		[]byte("\x1b[?1048l"),
-		[]byte("\x1b[?1047l"),
-		[]byte("\x1b[?47l"),
-	}
-	screenMarks = [][]byte{
-		{0x1b, 0x5b, 0x4b, 0x0d, 0x0a},
-		{0x1b, 0x5b, 0x34, 0x6c},
-	}
-)
-
-func (p *Parser) State(b []byte) bool {
-	if !p.vimState && IsEditEnterMode(b) {
-		if !isNewScreen(b) {
-			p.vimState = true
-			p.commandState = false
-		}
-	}
-	if p.vimState && IsEditExitMode(b) {
-		p.vimState = false
-		p.commandState = true
-	}
-	return p.vimState
-}
-
-func isNewScreen(p []byte) bool {
-	return matchMark(p, screenMarks)
-}
-
-func IsEditEnterMode(p []byte) bool {
-	return matchMark(p, enterMarks)
-}
-
-func IsEditExitMode(p []byte) bool {
-	return matchMark(p, exitMarks)
-}
-
-func matchMark(p []byte, marks [][]byte) bool {
-	for _, item := range marks {
-		if bytes.Contains(p, item) {
-			return true
-		}
-	}
-	return false
-}

backend/pkg/proto/ssh/client/ssh.go

@@ -1,343 +0,0 @@
-package client
-
-import (
-	"fmt"
-	"io"
-	"net"
-	"strings"
-	"sync"
-	"time"
-
-	gossh "github.com/gliderlabs/ssh"
-	"github.com/google/uuid"
-	gssh "golang.org/x/crypto/ssh"
-
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/proto/ssh/record"
-	"github.com/veops/oneterm/pkg/server/model"
-)
-
-type Connection struct {
-	Session *gssh.Session
-	Stdin   io.Writer
-	Stdout  io.Reader
-
-	SessionId string
-	Record    record.Record
-	Commands  []byte
-	AssetId   int
-	AccountId int
-	Gateway   *model.Gateway
-
-	Parser *Parser
-
-	GateWayCloseChan chan struct{}
-	Exit             chan struct{}
-}
-
-type GatewayClient struct {
-	client     *gssh.Client
-	targetAddr string
-}
-
-var (
-	GatewayListener    net.Listener
-	GatewayConnections sync.Map
-)
-
-func NewSSHClientConfig(user string, account *model.Account) (*gssh.ClientConfig, error) {
-	am, er := authMethod(account)
-	if er != nil {
-		return nil, er
-	}
-	sshConfig := &gssh.ClientConfig{
-		Timeout: time.Second * 5,
-		User:    user,
-		Auth: []gssh.AuthMethod{
-			am,
-		},
-		HostKeyCallback: gssh.InsecureIgnoreHostKey(), // 不验证服务器的HostKey
-	}
-	return sshConfig, nil
-}
-
-func authMethod(account *model.Account) (gssh.AuthMethod, error) {
-	switch account.AccountType {
-	case model.AUTHMETHOD_PASSWORD:
-		return gssh.Password(account.Password), nil
-	case model.AUTHMETHOD_PUBLICKEY:
-		if account.Phrase == "" {
-			pk, err := gssh.ParsePrivateKey([]byte(account.Pk))
-			if err != nil {
-				return nil, err
-			}
-			return gssh.PublicKeys(pk), nil
-		} else {
-			pk, err := gssh.ParsePrivateKeyWithPassphrase([]byte(account.Pk), []byte(account.Phrase))
-			if err != nil {
-				return nil, err
-			}
-			return gssh.PublicKeys(pk), nil
-		}
-	default:
-		return nil, fmt.Errorf("invalid authmethod %d", account.AccountType)
-	}
-}
-
-// publicKeyBytes
-// path: ~/.ssh/id_ed25519
-//func publicKeyBytes(path string) error {
-//	pbk, err := os.ReadFile(path)
-//	publicKey, err := gossh.ParsePublicKey(pbk)
-//	if err != nil {
-//		return err
-//	}
-//	gossh.PublicKeyAuth(func(ctx gossh.Context, key gossh.PublicKey) bool {
-//		return gossh.KeysEqual(key, publicKey)
-//	})
-//	return nil
-//}
-
-func NewSShSession(con *gssh.Client, pty gossh.Pty, gatewayCloseChan chan struct{}) (conn *Connection, err error) {
-	sess, er := con.NewSession()
-
-	if er != nil {
-		err = er
-		return
-	}
-	modes := gssh.TerminalModes{
-		gssh.ECHO:          1,
-		gssh.TTY_OP_ISPEED: 14400,
-		gssh.TTY_OP_OSPEED: 14400,
-	}
-	if err = sess.RequestPty("xterm", pty.Window.Height, pty.Window.Width, modes); err != nil {
-		return
-	}
-
-	stdin, err := sess.StdinPipe()
-	if err != nil {
-		return
-	}
-	stdout, err := sess.StdoutPipe()
-	if err != nil {
-		return
-	}
-	if err := sess.Shell(); err != nil {
-		_ = sess.Close()
-	}
-
-	conn = &Connection{
-		Stdin:            stdin,
-		Stdout:           stdout,
-		Session:          sess,
-		SessionId:        uuid.NewString(),
-		GateWayCloseChan: gatewayCloseChan,
-		Exit:             make(chan struct{}),
-	}
-
-	conn.Record, err = record.NewAsciinema(conn.SessionId, pty)
-	conn.Parser = &Parser{
-		vimState:     false,
-		commandState: true,
-		lock:         sync.Mutex{},
-	}
-	return
-}
-
-// NewSShClient1
-// =====================================================do not edit=============================================
-func NewSShClient(addr string, account *model.Account, gateway *model.Gateway) (cli *gssh.Client, gatewayCloseChan chan struct{}, err error) {
-	sshConf, err := NewSSHClientConfig(account.Account, account)
-	if err != nil {
-		return
-	}
-
-	tmp := strings.Split(strings.TrimSpace(addr), ":")
-	if len(tmp) != 2 {
-		tmp = append(tmp, "22")
-	}
-	addr = strings.Join(tmp, ":")
-
-	if gateway != nil {
-		gatewayCloseChan = make(chan struct{})
-		gatewayConf, er := NewSSHClientConfig(gateway.Account,
-			&model.Account{AccountType: gateway.AccountType, Account: gateway.Account,
-				Password: gateway.Password, Pk: gateway.Pk, Phrase: gateway.Phrase})
-		if er != nil {
-			err = fmt.Errorf("gateway is not available %w", er)
-			return
-		}
-		gatewayCli, er := gssh.Dial("tcp", fmt.Sprintf("%s:%d", gateway.Host, gateway.Port), gatewayConf)
-		if er != nil {
-			err = fmt.Errorf("gateway is not available %w", er)
-			return
-		}
-
-		//hostname, er := os.Hostname()
-		//if er != nil {
-		//	err = fmt.Errorf("gateway is not available %w", er)
-		//	return
-		//}
-		targetAddr := addr
-		//addr = fmt.Sprintf("%s:%d", hostname, port)
-		port, er := GetAvailablePort()
-		addr = fmt.Sprintf("127.0.0.1:%d", port)
-		listener, er := net.Listen("tcp", addr)
-		if er != nil {
-			err = fmt.Errorf("gateway is not available %w", er)
-			return
-		}
-
-		var accept bool
-		go func() {
-			for {
-				select {
-				case <-gatewayCloseChan:
-					return
-				default:
-					if accept {
-						continue
-					}
-					lc, err := listener.Accept()
-					if err != nil {
-						return
-					}
-					gatewayConn, err := gatewayCli.Dial("tcp", targetAddr)
-					if err != nil {
-						return
-					}
-
-					go func() {
-						_, _ = io.Copy(lc, gatewayConn)
-					}()
-					go func() {
-						_, _ = io.Copy(gatewayConn, lc)
-					}()
-					accept = true
-				}
-			}
-		}()
-	}
-	cli, err = gssh.Dial("tcp", addr, sshConf)
-	return
-}
-
-func ResizeSshClient(sess *gssh.Session, h, w int) {
-	err := sess.WindowChange(h, w)
-	if err != nil {
-		logger.L.Warn(err.Error())
-		return
-	}
-}
-func GetAvailablePort() (int, error) {
-	addr, err := net.ResolveTCPAddr("tcp", "localhost:0")
-	if err != nil {
-		return 0, err
-	}
-
-	l, err := net.ListenTCP("tcp", addr)
-	if err != nil {
-		return 0, err
-	}
-
-	defer func(l *net.TCPListener) {
-		_ = l.Close()
-	}(l)
-	return l.Addr().(*net.TCPAddr).Port, nil
-}
-
-func AcquireGatewayListener() (string, error) {
-	if GatewayListener == nil {
-		port, err := GetAvailablePort()
-		if err != nil {
-			return "", fmt.Errorf("get available port failed:%s", err.Error())
-		}
-		addr := fmt.Sprintf("127.0.0.1:%d", port)
-		listener, er := net.Listen("tcp", addr)
-		if er != nil {
-			return "", fmt.Errorf("listen tcp %s failed: %s", addr, er.Error())
-		}
-		GatewayListener = listener
-		ListenGateway()
-	}
-	return GatewayListener.Addr().String(), nil
-}
-
-// func NewSShClient1(addr string, account *model.Account, gateway *model.Gateway) (cli *gssh.Client, gatewayCloseChan chan struct{}, err error) {
-// 	password, pubkey := account.Password, ""
-// 	if account.AccountType == model.AUTHMETHOD_PUBLICKEY {
-// 		password, pubkey = pubkey, password
-// 	}
-// 	sshConf, err := NewSSHClientConfig(account.Account, password, pubkey)
-// 	if err != nil {
-// 		return
-// 	}
-
-// 	tmp := strings.Split(strings.TrimSpace(addr), ":")
-// 	if len(tmp) != 2 {
-// 		tmp = append(tmp, "22")
-// 	}
-// 	addr = strings.Join(tmp, ":")
-
-// 	if gateway != nil {
-// 		gatewayCloseChan = make(chan struct{})
-// 		gatewayConf, er := NewSSHClientConfig(gateway.Account, gateway.Password, "")
-// 		if er != nil {
-// 			err = fmt.Errorf("gateway is not available %w", er)
-// 			return
-// 		}
-
-// 		gatewayCli, er := gssh.Dial("tcp", fmt.Sprintf("%s:%d", gateway.Host, gateway.Port), gatewayConf)
-// 		if er != nil {
-// 			err = fmt.Errorf("gateway is not available %w", er)
-// 			return
-// 		}
-
-// 		if gatewayAddr, er := AcquireGatewayListener(); er != nil {
-// 			err = er
-// 			return
-// 		} else {
-// 			fmt.Println("dial.........", gatewayAddr, sshConf)
-// 			//c, er := net.DialTimeout("tcp", gatewayAddr, time.Second*5)
-// 			//fmt.Println(c, er)
-// 			cli, err = gssh.Dial("tcp", gatewayAddr, sshConf)
-// 			if err != nil {
-// 				return
-// 			}
-// 			fmt.Println("store.......")
-// 			GatewayConnections.Store(cli.LocalAddr().String(), GatewayClient{client: gatewayCli, targetAddr: addr})
-// 			fmt.Println("endd dial...", err)
-// 		}
-
-// 	} else {
-// 		cli, err = gssh.Dial("tcp", addr, sshConf)
-// 	}
-// 	return
-// }
-
-func ListenGateway() {
-
-	go func() {
-		for {
-			conn, err := GatewayListener.Accept()
-			if err != nil {
-				logger.L.Warn(err.Error())
-				return
-			}
-			if v, ok := GatewayConnections.Load(conn.RemoteAddr().String()); ok {
-				cli := v.(GatewayClient)
-				gatewayConn, err := cli.client.Dial("tcp", cli.targetAddr)
-				if err != nil {
-					logger.L.Warn(err.Error())
-					break
-				}
-				go func() {
-					_, _ = io.Copy(conn, gatewayConn)
-				}()
-				go func() {
-					_, _ = io.Copy(gatewayConn, conn)
-				}()
-			}
-		}
-	}()
-}

backend/pkg/proto/ssh/config/config.go

@@ -1,28 +0,0 @@
-package config
-
-import (
-	"sync"
-)
-
-type Config struct {
-	Api   string `yaml:"api"`
-	Token string `yaml:"token"`
-
-	Ip   string `yaml:"ip"`
-	Port int    `yaml:"port"`
-
-	WebUser  string `yaml:"webUser"`
-	WebToken string `yaml:"webToken"`
-
-	RecordFilePath string `yaml:"recordFilePath"`
-	PrivateKeyPath string `yaml:"privateKeyPath"`
-
-	PlainMode bool `yaml:"plainMode"`
-}
-
-var (
-	SSHConfig        Config
-	TotalMonitors    = sync.Map{}
-	TotalHostSession = sync.Map{}
-	Assets           = sync.Map{}
-)

backend/pkg/proto/ssh/handler/handlers.go

@@ -1,125 +0,0 @@
-package handler
-
-import (
-	"io"
-	"os"
-	"strings"
-	"time"
-
-	gossh "github.com/gliderlabs/ssh"
-	gssh "golang.org/x/crypto/ssh"
-
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/proto/ssh/api"
-	cfg "github.com/veops/oneterm/pkg/proto/ssh/config"
-	"github.com/veops/oneterm/pkg/server/model"
-)
-
-type sshdServer struct {
-	Core *api.CoreInstance
-}
-
-func Init(address, apiHost, token, privateKeyPath, secretKey string) (*gossh.Server, error) {
-	sshd := NewSshdServer(apiHost, token, secretKey)
-	s := &gossh.Server{
-		Addr:             address,
-		Handler:          sshd.HomeHandler,
-		PasswordHandler:  sshd.PasswordHandler,
-		PublicKeyHandler: sshd.PublicKeyHandler,
-		IdleTimeout:      time.Hour*2 + time.Minute,
-	}
-
-	for _, v := range hostPrivateKeys(privateKeyPath) {
-		singer, er := gssh.ParsePrivateKey(v)
-		if er != nil {
-			continue
-		}
-		s.AddHostKey(singer)
-	}
-	return s, nil
-}
-
-func hostPrivateKeys(privateKeyPath string) [][]byte {
-	var res [][]byte
-
-	if privateKeyPath == "" {
-		homeDir, er := os.UserHomeDir()
-		if er != nil {
-			logger.L.Error(er.Error())
-		}
-		privateKeyPath = homeDir + "/.ssh/id_ed25519"
-	}
-	privateKey, err := os.ReadFile(privateKeyPath)
-	if err != nil {
-		logger.L.Error(err.Error())
-		return res
-	}
-	return [][]byte{privateKey}
-}
-
-func NewSshdServer(apiHost, token, secretKey string) *sshdServer {
-	s := &sshdServer{
-		Core: api.NewCoreInstance(apiHost, token, secretKey),
-	}
-	return s
-}
-
-func (s *sshdServer) PasswordHandler(ctx gossh.Context, password string) bool {
-	if password == "" {
-		return false
-	}
-
-	if ctx.User() == cfg.SSHConfig.WebUser && password == cfg.SSHConfig.WebToken {
-		ctx.SetValue("sshType", model.SESSIONTYPE_WEB)
-		return true
-	}
-	ctx.SetValue("sshType", model.SESSIONTYPE_CLIENT)
-	s.Core.Auth.Username = ctx.User()
-	s.Core.Auth.Password = password
-	s.Core.Auth.PublicKey = ""
-	return s.Auth(ctx)
-}
-
-func (s *sshdServer) PublicKeyHandler(ctx gossh.Context, key gossh.PublicKey) bool {
-	authorizedKey := gssh.MarshalAuthorizedKey(key)
-	s.Core.Auth.PublicKey = strings.TrimSpace(string(authorizedKey))
-	if s.Core.Auth.PublicKey == "" {
-		return false
-	}
-	s.Core.Auth.Username = ctx.User()
-	s.Core.Auth.Password = ""
-	if ctx.Value("sshType") == nil {
-		ctx.SetValue("sshType", model.SESSIONTYPE_CLIENT)
-	}
-	return s.Auth(ctx)
-}
-
-func (s *sshdServer) Auth(ctx gossh.Context) bool {
-	cookie, err := s.Core.Auth.Authenticate()
-	if err != nil || cookie == "" {
-		return false
-	}
-
-	ctx.SetValue("cookie", cookie)
-	return true
-}
-
-func (s *sshdServer) HomeHandler(gs gossh.Session) {
-	if py, winChan, isPty := gs.Pty(); isPty {
-		if py.Window.Height == 0 {
-			py.Window.Height = 24
-		}
-		interactiveSrv := NewInteractiveHandler(gs, s, py)
-		go interactiveSrv.WatchWinSize(winChan)
-		interactiveSrv.Schedule(&py)
-	} else {
-		if _, err := io.WriteString(gs, "不是PTY请求.\n"); err != nil {
-			logger.L.Error(err.Error())
-		}
-		err := gs.Exit(1)
-		if err != nil {
-			logger.L.Error(err.Error())
-		}
-		return
-	}
-}

backend/pkg/proto/ssh/handler/interactive.go

@@ -1,801 +0,0 @@
-// Package handler
-/**
-Copyright (c) The Authors.
-* @Author: feng.xiang
-* @Date: 2023/12/13 09:50
-* @Desc:
-*/
-package handler
-
-import (
-	"bytes"
-	"encoding/json"
-	"fmt"
-	"io"
-	"net"
-	"strings"
-	"sync"
-	"time"
-
-	"github.com/BurntSushi/toml"
-	"github.com/c-bata/go-prompt"
-	"github.com/chzyer/readline"
-	gossh "github.com/gliderlabs/ssh"
-	"github.com/mattn/go-runewidth"
-	"github.com/nicksnyder/go-i18n/v2/i18n"
-	"github.com/olekukonko/tablewriter"
-	"github.com/patrickmn/go-cache"
-	"github.com/spf13/cast"
-	"github.com/veops/go-ansiterm"
-	"go.uber.org/zap"
-	"golang.org/x/crypto/ssh"
-	"golang.org/x/text/language"
-
-	myi18n "github.com/veops/oneterm/pkg/i18n"
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/proto/ssh/client"
-	"github.com/veops/oneterm/pkg/proto/ssh/config"
-	gsession "github.com/veops/oneterm/pkg/server/global/session"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/util"
-)
-
-type InteractiveHandler struct {
-	Locker *sync.RWMutex
-
-	Session gossh.Session
-	//Term      *term.Terminal
-	Term      *readline.Instance
-	Prompt    *prompt.Prompt
-	Localizer *i18n.Localizer
-	SshType   int
-	pty       *gossh.Pty
-
-	Sshd     *sshdServer
-	Pty      gossh.Pty
-	Language int
-
-	Assets       []*model.Asset
-	Accounts     map[int]*model.Account
-	Commands     map[int]*model.Command
-	HistoryInput []string
-
-	SshClient        *ssh.Client
-	SshSession       map[string]*client.Connection
-	GatewayCloseChan chan struct{}
-
-	SelectedAsset *model.Asset
-	SessionReq    *gsession.SshReq
-
-	AccountInfo *model.Account
-	NeedAccount bool
-
-	Parser *Parser
-
-	GatewayListener   net.Listener
-	MessageChan       chan string
-	AccountsForSelect []*model.Account
-	Cache             *cache.Cache
-}
-
-type Parser struct {
-	Input      *ansiterm.ByteStream
-	Output     *ansiterm.ByteStream
-	InputData  []byte
-	OutputData []byte
-	Ps1        string
-	Ps2        string
-}
-
-var (
-	Bundle       = i18n.NewBundle(language.Chinese)
-	TotalSession = map[string]*client.Connection{}
-)
-
-func I18nInit(path string) {
-	Bundle.RegisterUnmarshalFunc("toml", toml.Unmarshal)
-	files, err := util.ListFiles(path)
-	if err != nil {
-		logger.L.Error(err.Error(), zap.String("module", "i18n"))
-	}
-	for _, f := range files {
-		_, err = Bundle.LoadMessageFile(f)
-		if err != nil {
-			logger.L.Warn(err.Error(), zap.String("module", "i18n"))
-		}
-	}
-}
-
-func NewInteractiveHandler(s gossh.Session, ss *sshdServer, pty gossh.Pty) *InteractiveHandler {
-	//t := term.NewTerminal(s, "> ")
-
-	t, err := readline.NewEx(&readline.Config{
-		Stdin:  s,
-		Stdout: s,
-		Prompt: ">",
-	})
-	if err != nil {
-		logger.L.Error(err.Error())
-	}
-
-	ih := &InteractiveHandler{
-		Locker:  new(sync.RWMutex),
-		Term:    t,
-		Session: s,
-		Sshd:    ss,
-
-		SessionReq:  &gsession.SshReq{},
-		SshSession:  map[string]*client.Connection{},
-		Pty:         pty,
-		MessageChan: make(chan string, 128),
-		Cache:       cache.New(time.Minute, time.Minute*5),
-	}
-	ih.Language = 1
-	ih.Localizer = i18n.NewLocalizer(Bundle)
-	width := 120
-	height := 40
-	if pty.Window.Width != 0 {
-		width = pty.Window.Width
-	}
-	if pty.Window.Height != 0 {
-		height = pty.Window.Height
-	}
-	ih.Parser = &Parser{
-		Input:  NewParser(width, height),
-		Output: NewParser(width, height),
-	}
-
-	return ih
-}
-
-func completer(d prompt.Document) []prompt.Suggest {
-	// 这里可以根据用户的实时输入来动态生成建议
-	suggestions := []prompt.Suggest{
-		{Text: "users", Description: "Store the username"},
-		{Text: "articles", Description: "Store the article text posted by user"},
-	}
-
-	// 只有当用户输入为空，或者以 'u' 开始时，才显示建议
-	if d.TextBeforeCursor() == "" || d.GetWordBeforeCursorWithSpace() == "u" {
-		return prompt.FilterHasPrefix(suggestions, d.GetWordBeforeCursor(), true)
-	}
-
-	// 其他情况不显示任何建议
-	return []prompt.Suggest{}
-}
-
-func NewParser(width, height int) *ansiterm.ByteStream {
-	screen := ansiterm.NewScreen(width, height)
-	stream := ansiterm.InitByteStream(screen, false)
-	stream.Attach(screen)
-	return stream
-}
-
-func (i *InteractiveHandler) WatchWinSize(winChan <-chan gossh.Window) {
-	for {
-		select {
-		case <-i.Session.Context().Done():
-			return
-		case win, ok := <-winChan:
-			if !ok {
-				return
-			}
-			for _, v := range i.SshSession {
-				client.ResizeSshClient(v.Session, win.Height, win.Width)
-				_ = v.Record.Resize(win.Height, win.Width)
-			}
-		}
-	}
-}
-
-func (i *InteractiveHandler) SwitchLanguage(lang string) {
-	languages := []string{"zh", "en"}
-
-	switch len(lang) {
-	case 0:
-		length := len(languages)
-		if length <= 1 {
-			return
-		}
-		if i.Language >= length {
-			i.Language = 1
-		} else {
-			i.Language += 1
-		}
-	default:
-		for index, v := range languages {
-			if v == lang {
-				i.Language = index + 1
-			}
-		}
-	}
-	i.Localizer = i18n.NewLocalizer(Bundle, languages[i.Language-1])
-
-}
-
-func (i *InteractiveHandler) SwitchLang(lang string) {
-	languages := []string{"zh", "en"}
-
-	switch len(lang) {
-	case 0:
-		length := len(languages)
-		if length <= 1 {
-			return
-		}
-		if i.Language >= length {
-			i.Language = 1
-		} else {
-			i.Language += 1
-		}
-	default:
-		for index, v := range languages {
-			if v == lang {
-				i.Language = index + 1
-			}
-		}
-	}
-	i.Localizer = i18n.NewLocalizer(Bundle, languages[i.Language-1])
-	i.PrintMessage(myi18n.MsgSshWelcome, map[string]any{"User": i.Session.User()})
-}
-
-func (i *InteractiveHandler) output(msg string) {
-	_, _ = io.WriteString(i.Session, msg)
-}
-
-func (i *InteractiveHandler) HostInfo(id int) (asset *model.Asset, err error) {
-	if id < 0 {
-		return
-	}
-
-	cookie, ok := i.Session.Context().Value("cookie").(string)
-	if !ok {
-		err = fmt.Errorf("no cookie")
-		return
-	}
-	res, er := i.Sshd.Core.Asset.Lists(cookie, "", id)
-	if er != nil {
-		err = er
-		return
-	}
-	if res.Count != 1 {
-		er = fmt.Errorf("found %d hosts: not unique", res.Count)
-		return
-	}
-	bs, er := json.Marshal(res.List[0])
-	if er != nil {
-		err = er
-		return
-	}
-	err = json.Unmarshal(bs, &asset)
-	if err != nil {
-		return
-	}
-	return asset, nil
-}
-
-func (i *InteractiveHandler) Check(id int, host *model.Asset) (asset *model.Asset, state bool, err error) {
-	assets, er := i.AcquireAssets("", id)
-	if er != nil {
-		err = er
-		return
-	}
-	if len(assets) == 0 {
-		return
-	}
-	asset = assets[0]
-	state = i.Sshd.Core.Asset.HasPermission(asset.AccessAuth)
-	return
-}
-
-func (i *InteractiveHandler) generateSessionRecord(conn *client.Connection, status int) (res *model.Session, err error) {
-	res = &model.Session{
-		SessionType: cast.ToInt(i.Session.Context().Value("sshType")),
-	}
-	if i.SessionReq != nil && i.SessionReq.Uid != 0 {
-		err = util.DecodeStruct(&res, i.SessionReq)
-		if err != nil {
-			return
-		}
-		res.Uid = i.SessionReq.Uid
-	} else {
-		res.ClientIp = i.Session.RemoteAddr().String()
-	}
-
-	res.UserName = i.Session.Context().User()
-	res.AccountInfo = fmt.Sprintf("%s(%s)", i.AccountInfo.Name, i.AccountInfo.Account)
-
-	s, er := i.Sshd.Core.Auth.AclInfo(i.Session.Context().Value("cookie").(string))
-	if er != nil {
-		logger.L.Warn(er.Error(), zap.String("session", "add"))
-	} else if s != nil {
-		res.Uid = s.Uid
-		res.UserName = s.UserName
-	}
-	res.Status = status
-	res.AssetInfo = fmt.Sprintf("%s(%s)", i.SelectedAsset.Name, i.SelectedAsset.Ip)
-	res.SessionId = conn.SessionId
-	res.GatewayId = i.SelectedAsset.GatewayId
-	if conn.Gateway != nil {
-		res.GatewayInfo = fmt.Sprintf("%s:%d", conn.Gateway.Host, conn.Gateway.Port)
-	}
-	res.AssetId = i.SelectedAsset.Id
-	res.AccountId = i.AccountInfo.Id
-	if status == model.SESSIONSTATUS_OFFLINE {
-		t := time.Now()
-		res.ClosedAt = &t
-	}
-	return
-}
-func readLine(s gossh.Session) string {
-	buf := make([]byte, 1)
-	var in []byte
-	for {
-		_, _ = s.Read(buf)
-		switch buf[0] {
-		case []byte("\r")[0], []byte("\r\n")[0]:
-			return string(in)
-		default:
-			in = append(in, buf[0])
-		}
-	}
-}
-
-func (i *InteractiveHandler) Schedule(pty *gossh.Pty) {
-	i.pty = pty
-	var err error
-	var line string
-	if st, ok := i.Session.Context().Value("sshType").(int); ok && st == model.SESSIONTYPE_WEB {
-		//line, err = i.Term.ReadLine()
-		line = readLine(i.Session)
-		if err != nil {
-			logger.L.Debug("connection closed", zap.String("msg", err.Error()))
-			return
-		}
-		var r *gsession.SshReq
-		err = json.Unmarshal([]byte(line), &r)
-		if err != nil {
-			logger.L.Warn(err.Error())
-			return
-		}
-		// "Accept-Language")
-		//i.Localizer = i18n.NewLocalizer(conf.Bundle, lang, accept)
-		i.Session.Context().SetValue("cookie", r.Cookie)
-		i.SessionReq = r
-
-		// monitor
-		{
-			if i.SessionReq.SessionId != "" {
-				switch i.SessionReq.Action {
-				case model.SESSIONACTION_MONITOR:
-					i.wrapJsonResponse(i.SessionReq.SessionId, 0, "success")
-					RegisterMonitorSession(i.SessionReq.SessionId, i.Session)
-					return
-				case model.SESSIONACTION_CLOSE:
-					if v, ok := config.TotalHostSession.Load(i.SessionReq.SessionId); ok {
-						err = v.(*client.Connection).Session.Close()
-						if err != nil {
-							logger.L.Warn(err.Error())
-							i.wrapJsonResponse(i.SessionReq.SessionId, 1, "failed")
-							return
-						}
-						close(v.(*client.Connection).Exit)
-					}
-					i.wrapJsonResponse(i.SessionReq.SessionId, 0, "success")
-					return
-				}
-			}
-		}
-
-		host, ok, err := i.Check(r.AssetId, nil)
-		if err != nil {
-			logger.L.Warn(err.Error())
-			i.wrapJsonResponse("", 1, err.Error())
-			return
-		}
-
-		if !ok {
-			i.wrapJsonResponse("", 1, fmt.Sprintf("invalid status for %v", r.AssetId))
-			return
-		}
-		i.SelectedAsset = host
-
-		commands, er := i.AcquireCommands()
-		if er != nil {
-			return
-		}
-		i.Commands = commands
-		_, err = i.Proxy(host.Ip, r.AccountId)
-		if err != nil {
-			logger.L.Error(err.Error(), zap.String("module", "proxy"))
-			i.wrapJsonResponse("", 1, err.Error())
-		}
-		return
-	} else {
-		if config.SSHConfig.PlainMode {
-			i.SwitchLang("zh")
-			for {
-				//line, err = i.Term.ReadLine()
-				line, err = i.Term.Readline()
-
-				if err != nil {
-					logger.L.Debug("connection closed", zap.String("msg", err.Error()))
-					break
-				}
-				if strings.TrimSpace(line) == "" {
-					continue
-				}
-				if i.HandleInput(strings.TrimSpace(line)) {
-					break
-				}
-			}
-		} else {
-			tm := InitAndRunTerm(i)
-			_, err := tm.Run()
-			if err != nil {
-				logger.L.Error(err.Error(), zap.String("module", "schedule"))
-			}
-		}
-	}
-}
-
-func (i *InteractiveHandler) HandleInput(line string) (exit bool) {
-
-	switch strings.TrimSpace(line) {
-	case "/*":
-		i.SelectedAsset = nil
-		assets, er := i.AcquireAssets("", 0)
-		if er != nil {
-			return
-		}
-		accounts, er := i.AcquireAccounts()
-		if er != nil {
-			return
-		}
-		commands, er := i.AcquireCommands()
-		if er != nil {
-			return
-		}
-		i.Locker.Lock()
-		i.Assets = assets
-		i.Accounts = accounts
-		i.Commands = commands
-		i.Locker.Unlock()
-
-		i.showResult(assets)
-		return
-	case "/?", "/？":
-		i.PrintMessage(myi18n.MsgSshWelcome, map[string]any{"User": i.Session.User()})
-		return
-	case "/s":
-		i.SwitchLang("")
-		return
-	case "/q":
-		i.Session.Close()
-		return
-	default:
-		switch {
-		case line == "exit":
-			logger.L.Info("exit", zap.String("user", i.Session.User()), zap.String("input", line))
-			i.Session.Close()
-			return
-		}
-	}
-	_, er := i.Proxy(line, -1)
-	if er != nil {
-		logger.L.Info(er.Error())
-	}
-	if st, ok := i.Session.Context().Value("sshType").(int); ok && st == model.SESSIONTYPE_WEB {
-		exit = true
-	}
-	return
-}
-
-func (i *InteractiveHandler) AcquireAndStoreAssets(search string, id int) (selectedHosts, likeHosts []*model.Asset, err error) {
-	i.Locker.RLock()
-	count := len(i.Assets)
-	i.Locker.RUnlock()
-	var find = func(assets []*model.Asset) (selectedHosts, likeHosts []*model.Asset) {
-		if search == "" {
-			return
-		}
-		for _, v := range assets {
-			if v.Ip == search || v.Name == search {
-				selectedHosts = append(selectedHosts, v)
-			} else if strings.Contains(v.Ip, search) || strings.Contains(v.Name, search) {
-				likeHosts = append(likeHosts, v)
-			}
-		}
-		return
-	}
-	if count == 0 {
-		res, er := i.AcquireAssets(search, id)
-		if er != nil {
-			err = er
-			return
-		}
-		selectedHosts, likeHosts = find(res)
-		i.Locker.Lock()
-		i.Assets = res
-		i.Locker.Unlock()
-		return
-	} else {
-		i.Locker.Lock()
-		selectedHosts, likeHosts = find(i.Assets)
-		i.Locker.Unlock()
-		return
-	}
-}
-
-func (i *InteractiveHandler) AcquireAssets(search string, id int) (assets []*model.Asset, err error) {
-	if search == "" && id <= 0 {
-		if v, ok := i.Cache.Get("assets"); ok {
-			return v.([]*model.Asset), nil
-		} else {
-			defer func() {
-				if err == nil {
-					i.Cache.Set("assets", assets, 0)
-				}
-			}()
-		}
-	}
-	if totalAssets, ok := i.Cache.Get("assets"); ok {
-		for _, v := range totalAssets.([]*model.Asset) {
-			if id > 0 {
-				if id == v.Id {
-					assets = append(assets, v)
-					return
-				} else {
-					continue
-				}
-			} else {
-				if strings.Contains(v.Name, search) {
-					assets = append(assets, v)
-				}
-			}
-		}
-	} else {
-		cookie, ok := i.Session.Context().Value("cookie").(string)
-		if ok {
-			res, er := i.Sshd.Core.Asset.Lists(cookie, search, id)
-			if er != nil {
-				err = er
-				return
-			}
-			if res != nil {
-				for _, v := range res.List {
-					var v1 model.Asset
-					_ = util.DecodeStruct(&v1, v)
-					bs, _ := json.Marshal(v.(map[string]interface{})["authorization"])
-					er = json.Unmarshal(bs, &v1.Authorization)
-					if er != nil {
-						logger.L.Warn(er.Error())
-					}
-					assets = append(assets, &v1)
-				}
-			}
-		} else {
-			err = fmt.Errorf("no cookies")
-		}
-	}
-	return
-}
-
-func (i *InteractiveHandler) AcquireAccounts() (accounts map[int]*model.Account, err error) {
-	accounts = map[int]*model.Account{}
-	cookie, ok := i.Session.Context().Value("cookie").(string)
-	if ok {
-		res, er := i.Sshd.Core.Auth.Accounts(cookie)
-		if er != nil {
-			err = er
-			return
-		}
-		for _, v := range res {
-			var v1 model.Account
-			_ = util.DecodeStruct(&v1, v)
-			accounts[v1.Id] = &v1
-		}
-	} else {
-		err = fmt.Errorf("no cookies")
-	}
-	return
-}
-
-func (i *InteractiveHandler) AcquireAccountInfo(id int, name string) (res *model.Account, err error) {
-	cookie, ok := i.Session.Context().Value("cookie").(string)
-	if ok {
-		return i.Sshd.Core.Auth.AccountInfo(cookie, id, name)
-	} else {
-		err = fmt.Errorf("no cookies")
-	}
-	return
-}
-
-func (i *InteractiveHandler) AcquireCommands() (commands map[int]*model.Command, err error) {
-	commands = map[int]*model.Command{}
-	cookie, ok := i.Session.Context().Value("cookie").(string)
-	if ok {
-		res, er := i.Sshd.Core.Asset.Commands(cookie)
-		if er != nil {
-			err = er
-			return
-		}
-		for _, v := range res {
-			var v1 model.Command
-			_ = util.DecodeStruct(&v1, v)
-			commands[v1.Id] = &v1
-		}
-	} else {
-		err = fmt.Errorf("no cookies")
-	}
-	return
-}
-
-func (i *InteractiveHandler) AcquireConfig() (config *model.Config, err error) {
-	config = &model.Config{}
-	cookie, ok := i.Session.Context().Value("cookie").(string)
-	if ok {
-		res, er := i.Sshd.Core.Asset.Config(cookie)
-		if er != nil {
-			err = er
-			return
-		}
-		config = res
-	} else {
-		err = fmt.Errorf("no cookies")
-	}
-	return
-}
-
-func (i *InteractiveHandler) showResult(data []*model.Asset) {
-	i.Term.SetPrompt("host> ")
-	var hosts []string
-	for _, d := range data {
-		hosts = append(hosts, d.Name)
-	}
-
-	var templateData = map[string]interface{}{
-		"Count": len(data),
-		"Msg":   "",
-	}
-
-	if data != nil {
-		templateData["Msg"] = i.tableData(hosts)
-	}
-	i.PrintMessage(myi18n.MsgSshShowAssetResults, templateData)
-}
-
-func (i *InteractiveHandler) tableData(data []string) string {
-	chunkData := i.chunkData(data)
-	buf := &bytes.Buffer{}
-	tw := tablewriter.NewWriter(buf)
-	tw.SetAutoWrapText(false)
-	tw.SetColumnSeparator(" ")
-	tw.SetNoWhiteSpace(false)
-	tw.SetBorder(false)
-	tw.SetAlignment(tablewriter.ALIGN_LEFT)
-	tw.AppendBulk(chunkData)
-	tw.Render()
-	return buf.String()
-}
-
-func (i *InteractiveHandler) chunkData(data []string) (res [][]string) {
-	width := 80
-	if i.pty != nil {
-		width = i.pty.Window.Width
-	}
-	n := len(data)
-	chunk := n
-	for ; chunk >= 1; chunk -= 1 {
-		ok := true
-		for i := 0; i < n && ok; i += chunk {
-			w := chunk*3 + 4
-			r := i + chunk
-			if r > n {
-				r = n
-			}
-			for _, s := range data[i:r] {
-				w += runewidth.StringWidth(s)
-			}
-			ok = ok && w <= width
-		}
-		if ok {
-			t := i.getChunk(data, chunk)
-			maxLen := make(map[int]int)
-			for _, c := range t {
-				for i, v := range c {
-					l := runewidth.StringWidth(v)
-					if l > maxLen[i] {
-						maxLen[i] = l
-					}
-				}
-			}
-			for _, row := range t {
-				w := chunk*3 + 4
-				for i := range row {
-					w += maxLen[i]
-				}
-				ok = ok && w <= width
-			}
-
-		}
-		if ok {
-			break
-		}
-	}
-	if chunk < 1 {
-		chunk = 1
-	}
-	res = i.getChunk(data, chunk)
-
-	return
-}
-
-func (i *InteractiveHandler) getChunk(data []string, chunk int) (res [][]string) {
-	n := len(data)
-	for i := 0; i < n; i += chunk {
-		r := i + chunk
-		if r > n {
-			r = n
-		}
-		res = append(res, data[i:r])
-	}
-	return
-}
-
-func (i *InteractiveHandler) wrapJsonResponse(sessionId string, code int, message string) {
-	if st, ok := i.Session.Context().Value("sshType").(int); ok && st != model.SESSIONTYPE_WEB {
-		return
-	}
-	res, er := json.Marshal(gsession.ServerResp{
-		Code:      code,
-		Message:   message,
-		SessionId: sessionId,
-		Uid:       i.SessionReq.Uid,
-		UserName:  i.SessionReq.UserName,
-	})
-
-	if er != nil {
-		logger.L.Error(er.Error())
-	}
-	i.output(string(append(res, []byte("\r")...)))
-}
-
-func (i *InteractiveHandler) NewSession(account *model.Account, gateway *model.Gateway) (conn *client.Connection, err error) {
-	i.Locker.Lock()
-	defer i.Locker.Unlock()
-	if i.SshClient == nil {
-		protocol := i.SessionReq.Protocol
-		if strings.HasPrefix(i.SessionReq.Protocol, "ssh:") {
-			protocol = "ssh:" + getSshPort(i.SessionReq.Protocol)
-		}
-		con, ch, er := client.NewSShClient(strings.ReplaceAll(protocol, "ssh", i.SelectedAsset.Ip), account, gateway)
-		if er != nil {
-			err = er
-			return
-		}
-		i.SshClient = con
-		i.GatewayCloseChan = ch
-	}
-	i.AccountInfo = account
-
-	conn, err = client.NewSShSession(i.SshClient, i.Pty, i.GatewayCloseChan)
-
-	if err != nil {
-		return
-	}
-	conn.AssetId = i.SelectedAsset.Id
-	conn.AccountId = account.Id
-	conn.Gateway = gateway
-	i.SshSession[conn.SessionId] = conn
-
-	return
-}
-
-func (i *InteractiveHandler) UpsertSession(conn *client.Connection, status int) error {
-	resp, err := i.generateSessionRecord(conn, status)
-	if err != nil {
-		return err
-	}
-
-	return i.Sshd.Core.Audit.NewSession(resp)
-}

backend/pkg/proto/ssh/handler/message.go

@@ -1,34 +0,0 @@
-package handler
-
-import (
-	"github.com/nicksnyder/go-i18n/v2/i18n"
-	"go.uber.org/zap"
-
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/proto/ssh/config"
-)
-
-func (i *InteractiveHandler) PrintMessage(msg *i18n.Message, data any) {
-	if config.SSHConfig.PlainMode {
-		i.output("\r\n" + i.Message(msg, data))
-	} else {
-		i.MessageChan <- i.Message(msg, data)
-	}
-}
-
-func (i *InteractiveHandler) PrintMessageV1(msg *i18n.Message, data any) {
-	i.output(i.Message(msg, data))
-}
-
-func (i *InteractiveHandler) Message(msg *i18n.Message, data any) string {
-	str, er := i.Localizer.Localize(&i18n.LocalizeConfig{
-		DefaultMessage: msg,
-		TemplateData:   data,
-		PluralCount:    1,
-	})
-	if er != nil {
-		logger.L.Warn(er.Error(), zap.String("module", "i18n"))
-		return ""
-	}
-	return str
-}

backend/pkg/proto/ssh/handler/proxy.go

@@ -1,554 +0,0 @@
-// Package handler
-/**
-Copyright (c) The Authors.
-* @Author: feng.xiang
-* @Date: 2024/1/18 17:05
-* @Desc:
-*/
-package handler
-
-import (
-	"bytes"
-	"fmt"
-	"io"
-	"regexp"
-	"sort"
-	"strings"
-	"sync/atomic"
-	"time"
-	"unicode/utf8"
-
-	gossh "github.com/gliderlabs/ssh"
-	"github.com/nicksnyder/go-i18n/v2/i18n"
-
-	myi18n "github.com/veops/oneterm/pkg/i18n"
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/proto/ssh/client"
-	"github.com/veops/oneterm/pkg/proto/ssh/config"
-	"github.com/veops/oneterm/pkg/server/model"
-)
-
-var (
-	IdleTimeout = time.Minute * 5
-	ReturnKey   = []byte{0x0d}
-)
-
-func (i *InteractiveHandler) Proxy(line string, accountId int) (step int, err error) {
-	step = 1
-	if accountId > 0 {
-		var accountName string
-		defer func() {
-			if err != nil {
-				i.PrintMessage(myi18n.MsgSshAccountLoginError, map[string]any{"User": accountName})
-			}
-		}()
-		if i.SelectedAsset != nil && accountId < 0 {
-			accountName = line
-		}
-		host, ok, er := i.Check(i.SelectedAsset.Id, nil)
-		if er != nil {
-			err = er
-			return
-		}
-		if !ok {
-			err = fmt.Errorf("current time is not allowed to access")
-			return
-		}
-		i.SelectedAsset = host
-		if _, ok := i.SelectedAsset.Authorization[accountId]; !ok {
-			err = fmt.Errorf("you donnot have permission")
-			return
-		}
-		account, er := i.Sshd.Core.Auth.AccountInfo(i.Session.Context().Value("cookie").(string), accountId, accountName)
-		if er != nil {
-			err = er
-			return
-		}
-		accountName = account.Name
-		var gateway *model.Gateway
-		if i.SelectedAsset.GatewayId != 0 {
-			gateway, err = i.Sshd.Core.Asset.Gateway(i.Session.Context().Value("cookie").(string), i.SelectedAsset.GatewayId)
-			if err != nil {
-				return
-			}
-		}
-		conn, er := i.NewSession(account, gateway)
-		if er != nil {
-			err = er
-			return
-		}
-		er = i.UpsertSession(conn, model.SESSIONSTATUS_ONLINE)
-		if er != nil {
-			logger.L.Warn(er.Error())
-		}
-		config.TotalHostSession.Store(conn.SessionId, conn)
-
-		if err := i.bind(i.Session, conn); err != nil {
-			logger.L.Error(err.Error())
-		}
-		step = 1
-	} else {
-		if i.NeedAccount && i.SelectedAsset != nil {
-			i.NeedAccount = false
-			var account *model.Account
-			accountIds := make([]int, 0)
-			for aId := range i.SelectedAsset.Authorization {
-				accountIds = append(accountIds, aId)
-			}
-			sort.Ints(accountIds)
-			for _, aId := range accountIds {
-				account := i.Accounts[aId]
-				if config.SSHConfig.PlainMode {
-					if account == nil || !strings.Contains(account.Name, line) {
-						continue
-					}
-				} else {
-					if account == nil || line != account.Name {
-						continue
-					}
-				}
-				return i.Proxy(line, account.Id)
-			}
-			if account == nil {
-				i.PrintMessage(myi18n.MsgSshAccountLoginError, map[string]any{"User": line})
-			}
-			return
-		} else if strings.TrimSpace(line) == "" {
-			return
-		}
-		var (
-			host *model.Asset
-		)
-		selectHosts, likeHosts, er := i.AcquireAndStoreAssets(line, 0)
-		if er != nil {
-			logger.L.Error(err.Error())
-		}
-		if len(selectHosts) == 0 && len(likeHosts) == 0 {
-			i.PrintMessage(myi18n.MsgSshNoMatchingAsset, map[string]any{"Host": line})
-			return
-		}
-
-		switch len(selectHosts) {
-		case 0:
-			switch len(likeHosts) {
-			case 0:
-				return
-			case 1:
-				host = likeHosts[0]
-			default:
-				i.showResult(likeHosts)
-				return
-			}
-		case 1:
-			host = selectHosts[0]
-		default:
-			i.showResult(selectHosts)
-			return
-		}
-		i.SelectedAsset = host
-
-		var sshPort string
-		for _, v := range host.Protocols {
-			if strings.HasPrefix(v, "ssh") {
-				sshPort = getSshPort(v)
-				break
-			}
-		}
-		if sshPort == "" {
-			i.PrintMessage(myi18n.MsgSshNoSshAccessMethod, map[string]any{"Host": line})
-			return
-		}
-		i.SessionReq.Protocol = "ssh:" + sshPort
-
-		var hostAccountIds []int
-		if len(i.Accounts) == 0 {
-			accounts, er := i.AcquireAccounts()
-			if er != nil {
-				logger.L.Info(er.Error())
-			} else {
-				i.Accounts = accounts
-			}
-		}
-		for k := range host.Authorization {
-			if v, ok := i.Accounts[k]; ok {
-				hostAccountIds = append(hostAccountIds, v.Id)
-			}
-		}
-		sort.Ints(hostAccountIds)
-		switch len(hostAccountIds) {
-		case 0:
-			i.PrintMessage(myi18n.MsgSshNoSshAccountForAsset, map[string]any{"Host": line})
-			return
-		case 1:
-			return i.Proxy(line, hostAccountIds[0])
-		default:
-			var accounts []string
-			for _, aId := range hostAccountIds {
-				if account, ok := i.Accounts[aId]; ok {
-					i.AccountsForSelect = append(i.AccountsForSelect, account)
-					accounts = append(accounts, account.Name)
-				}
-			}
-			i.NeedAccount = true
-			if config.SSHConfig.PlainMode {
-				i.PrintMessage(myi18n.MsgSshMultiSshAccountForAsset, map[string]any{"Accounts": i.tableData(accounts)})
-			}
-			step = 2
-		}
-	}
-	return
-}
-
-func getSshPort(protocol string) (sshPort string) {
-	tmp := strings.Split(protocol, ":")
-	if len(tmp) == 2 && tmp[0] == "ssh" {
-		sshPort = tmp[1]
-	}
-	if strings.TrimSpace(sshPort) == "" {
-		sshPort = "22"
-	}
-	return sshPort
-}
-
-func (i *InteractiveHandler) handleUserInput(userConn gossh.Session, targetInChan chan<- []byte,
-	done chan struct{}) {
-	buffer := bytes.NewBuffer(make([]byte, 0, 1024*2))
-	maxLen := 1024
-	for {
-		buf := make([]byte, maxLen)
-		nr, err := userConn.Read(buf)
-
-		if nr > 0 {
-			validBytes := buf[:nr]
-			bufferLen := buffer.Len()
-			if bufferLen > 0 || nr == maxLen {
-				buffer.Write(buf[:nr])
-				validBytes = validBytes[:0]
-			}
-			remainBytes := buffer.Bytes()
-			for len(remainBytes) > 0 {
-				r, size := utf8.DecodeRune(remainBytes)
-				if r == utf8.RuneError {
-					if len(remainBytes) <= 3 {
-						break
-					}
-				}
-				validBytes = append(validBytes, remainBytes[:size]...)
-				remainBytes = remainBytes[size:]
-			}
-			buffer.Reset()
-			if len(remainBytes) > 0 {
-				buffer.Write(remainBytes)
-			}
-			select {
-			case targetInChan <- validBytes:
-			case <-done:
-				break
-			}
-		}
-		if err != nil {
-			break
-		}
-	}
-	close(targetInChan)
-}
-
-func (i *InteractiveHandler) handleHostOutput(hostConn *client.Connection, userConn gossh.Session,
-	done chan struct{}, ticker *time.Ticker) {
-
-	for {
-		buf := make([]byte, 1024)
-		n, err := hostConn.Stdout.Read(buf)
-		if err != nil {
-			logger.L.Warn(err.Error())
-		}
-
-		ticker.Reset(IdleTimeout)
-		i.handleOutput(buf[:n], hostConn, userConn)
-		if err == io.EOF {
-			close(done)
-			break
-		}
-	}
-}
-
-func (i *InteractiveHandler) bind(userConn gossh.Session, hostConn *client.Connection) error {
-	maxIdleTimeout := time.Hour * 2
-	mConfig, _ := i.AcquireConfig()
-	if mConfig != nil && mConfig.Timeout > 0 {
-		IdleTimeout = time.Second * time.Duration(mConfig.Timeout)
-	}
-	if IdleTimeout > maxIdleTimeout {
-		IdleTimeout = maxIdleTimeout
-	}
-
-	targetInChan := make(chan []byte, 1)
-	done := make(chan struct{})
-	var (
-		exit             bool
-		accessUpdateStep = time.Minute
-		waitRead         atomic.Bool
-	)
-	waitRead.Store(true)
-	i.wrapJsonResponse(hostConn.SessionId, 0, "success")
-	tk, tkAccess, readReset := time.NewTicker(IdleTimeout), time.NewTicker(accessUpdateStep), time.NewTicker(time.Second)
-	go i.handleUserInput(userConn, targetInChan, done)
-	go i.handleHostOutput(hostConn, userConn, done, tk)
-	for {
-		select {
-		case p, ok := <-targetInChan:
-			if !ok {
-				return nil
-			}
-			tk.Reset(IdleTimeout)
-			//readL.WriteStdin(p)
-			err, _ := i.HandleData(p, hostConn, userConn)
-			if err != nil {
-				logger.L.Error(err.Error())
-			}
-			readReset.Reset(time.Second)
-		case <-done:
-			exit = true
-		case <-tk.C:
-			_, err := userConn.Write([]byte(i.Message(myi18n.MsgSShHostIdleTimeout, map[string]any{"Idle": IdleTimeout})))
-
-			if err != nil {
-				logger.L.Warn(err.Error())
-			}
-			exit = true
-		case <-readReset.C:
-			waitRead.Store(true)
-		case <-hostConn.Exit:
-			exit = true
-		case <-i.Session.Context().Done():
-			exit = true
-		case <-tkAccess.C:
-			commands, er := i.AcquireCommands()
-			if er == nil {
-				i.Commands = commands
-			}
-			asset, er := i.AcquireAssets("", hostConn.AssetId)
-			if er != nil || len(asset) <= 0 || !i.Sshd.Core.Asset.HasPermission(asset[0].AccessAuth) {
-				_, err := userConn.Write([]byte(i.Message(myi18n.MsgSshAccessRefusedInTimespan, nil)))
-				if err != nil {
-					logger.L.Error(err.Error())
-				}
-				exit = true
-				break
-			}
-			i.SelectedAsset = asset[0]
-			if _, ok := asset[0].Authorization[hostConn.AccountId]; !ok {
-				_, err := userConn.Write([]byte(i.Message(myi18n.MsgSshNoAssetPermission, map[string]any{"Host": i.SelectedAsset.Name})))
-				if err != nil {
-					logger.L.Warn(err.Error())
-				}
-				exit = true
-				break
-			}
-			account, er := i.AcquireAccountInfo(hostConn.AccountId, "")
-			if er != nil || account == nil {
-				_, err := userConn.Write([]byte(i.Message(myi18n.MsgSshNoAssetPermission, map[string]any{"Host": i.SelectedAsset.Name})))
-				if err != nil {
-					logger.L.Warn(err.Error())
-				}
-				exit = true
-				break
-			}
-		}
-		if exit {
-			i.Exits(hostConn)
-			return nil
-		}
-	}
-}
-
-func (i *InteractiveHandler) handleOutput(data []byte, hostConn *client.Connection, userConn gossh.Session) {
-	_, err := userConn.Write(data)
-	if err != nil {
-		logger.L.Info(err.Error())
-	}
-	if !hostConn.Parser.State(data) {
-		i.Parser.OutputData = append(i.Parser.OutputData, data...)
-	}
-	err = hostConn.Record.Write(data)
-	if err != nil {
-		logger.L.Error(err.Error())
-	}
-	Monitor(hostConn.SessionId, data)
-}
-
-func (i *InteractiveHandler) CommandLevel(cmd string) int {
-	// TODO
-	return 0
-}
-
-func parseOutput(data []string) (output []string) {
-	for _, line := range data {
-		if strings.TrimSpace(line) != "" {
-			output = append(output, line)
-		}
-	}
-	return output
-}
-
-func (i *InteractiveHandler) Output() string {
-	i.Parser.Output.Feed(i.Parser.OutputData)
-
-	res := parseOutput(i.Parser.Output.Listener.Display())
-	if len(res) == 0 {
-		return ""
-	}
-	return res[len(res)-1]
-}
-func (i *InteractiveHandler) Command() string {
-	s := i.Output()
-	return strings.TrimPrefix(s, i.Parser.Ps1)
-}
-
-func (i *InteractiveHandler) HandleData(data []byte, hostConn *client.Connection, userConn gossh.Session) (err error, exit bool) {
-	if hostConn.Parser.State(data) {
-		_, err = hostConn.Stdin.Write(data)
-		if err != nil {
-			logger.L.Error(err.Error())
-		}
-		return
-	}
-	var write bool
-
-	if bytes.LastIndex(data, []byte{0x0d}) == -1 {
-		_, err = hostConn.Stdin.Write(data)
-		if err != nil {
-			logger.L.Error(err.Error())
-		}
-
-		write = true
-	} else {
-		if len(data) > 1 {
-			var tmp []byte
-			for _, d := range data {
-				if d != 0x0d {
-					tmp = append(tmp, d)
-					continue
-				}
-				if len(tmp) > 0 {
-					err1, stop := i.HandleData(tmp, hostConn, userConn)
-					if err1 != nil {
-						return err1, stop
-					}
-					if stop {
-						break
-					}
-
-				}
-				err1, stop := i.HandleData(ReturnKey, hostConn, userConn)
-				if err != nil {
-					return err1, stop
-				}
-				if stop {
-					break
-				}
-			}
-			return
-		}
-	}
-	if bytes.LastIndex(data, ReturnKey) == 0 {
-		time.Sleep(time.Millisecond * 100)
-	}
-
-	if len(i.Parser.InputData) == 0 && i.Parser.Ps2 == "" {
-		i.Parser.Ps1 = i.Output()
-	}
-	i.Parser.InputData = append(i.Parser.InputData, data...)
-	if bytes.LastIndex(data, ReturnKey) == 0 {
-		command := i.Command()
-		i.Parser.Output.Listener.Reset()
-		i.Parser.OutputData = nil
-		i.Parser.InputData = nil
-		i.Parser.Ps2 = ""
-
-		if _, valid := i.CommandCheck(command); valid {
-			if strings.TrimSpace(command) != "" {
-				go i.Sshd.Core.Audit.AddCommand(model.SessionCmd{Cmd: command, Level: i.CommandLevel(command), SessionId: hostConn.SessionId})
-			}
-			if !write {
-				_, err = hostConn.Stdin.Write(data)
-				if err != nil {
-					logger.L.Warn(err.Error())
-				}
-			}
-		} else {
-			tips, _ := i.Localizer.Localize(&i18n.LocalizeConfig{
-				DefaultMessage: myi18n.MsgSshCommandRefused,
-				TemplateData:   map[string]string{"Command": command},
-				PluralCount:    1,
-			})
-			_, err = hostConn.Stdin.Write([]byte{0x15})
-			if err != nil {
-				logger.L.Warn(err.Error())
-			}
-
-			i.Parser.Ps2 = i.Parser.Ps1 + command
-			i.handleOutput([]byte("\r\n"+tips+i.Parser.Ps2), hostConn, userConn)
-			_, err = hostConn.Stdin.Write([]byte{0x15})
-			return err, true
-		}
-	}
-	return
-}
-
-func (i *InteractiveHandler) Exits(conn *client.Connection) {
-	if conn.GateWayCloseChan != nil {
-		conn.GateWayCloseChan <- struct{}{}
-	}
-	_ = conn.Session.Close()
-	conn.Record.Close()
-
-	config.TotalHostSession.Delete(conn.SessionId)
-	config.TotalMonitors.Delete(conn.SessionId)
-
-	i.Locker.Lock()
-	delete(i.SshSession, conn.SessionId)
-	if len(i.SshSession) == 0 {
-		_ = i.SshClient.Close()
-		i.SshClient = nil
-	}
-	i.Locker.Unlock()
-	err := i.UpsertSession(conn, model.SESSIONSTATUS_OFFLINE)
-	if err != nil {
-		logger.L.Error(err.Error())
-	}
-}
-
-func (i *InteractiveHandler) CommandCheck(command string) (string, bool) {
-	for _, id := range i.SelectedAsset.CmdIds {
-		cmd, ok := i.Commands[id]
-		if !ok || !cmd.Enable {
-			continue
-		}
-		for _, c := range cmd.Cmds {
-			p, err := regexp.Compile(c)
-			if err == nil {
-				if p.Match([]byte(command)) {
-					return c, false
-				}
-			} else {
-				if c == command {
-					return c, false
-				}
-			}
-		}
-	}
-	return "", true
-}
-
-//func (v *VirtualTermIn) Read(p []byte) (n int, err error) {
-//	return v.InChan.Read(p)
-//}
-//
-//func (v *VirtualTermIn) Close() error {
-//	return nil
-//}
-//
-//func (v *VirtualTermOut) Write(p []byte) (n int, err error) {
-//	return v.OutChan.Write(p)
-//}

backend/pkg/proto/ssh/handler/sider.go

@@ -1,47 +0,0 @@
-package handler
-
-import (
-	"fmt"
-
-	gossh "github.com/gliderlabs/ssh"
-
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/proto/ssh/config"
-)
-
-func RegisterMonitorSession(sessionId string, sess gossh.Session) {
-	_, ok := config.TotalHostSession.Load(sessionId)
-	if !ok {
-		return
-	}
-
-	config.TotalMonitors.LoadOrStore(sessionId, sess)
-
-	if _, ok := config.TotalMonitors.Load(sessionId); !ok {
-		config.TotalMonitors.Store(sessionId, sess)
-	}
-
-	<-sess.Context().Done()
-	DeleteMonitorSession(sessionId)
-}
-
-func DeleteMonitorSession(sessionId string) {
-	config.TotalMonitors.Delete(sessionId)
-}
-
-func getMonitorSession(sessionId string) gossh.Session {
-	if v, ok := config.TotalMonitors.Load(sessionId); ok {
-		return v.(gossh.Session)
-	}
-	return nil
-}
-
-func Monitor(sessionId string, p []byte) {
-	if s := getMonitorSession(sessionId); s != nil {
-		_, err := s.Write(p)
-		if err != nil {
-			logger.L.Error(fmt.Sprintf("moninor session %s failed: %s", sessionId, err.Error()))
-			return
-		}
-	}
-}

backend/pkg/proto/ssh/handler/term.go

@@ -1,380 +0,0 @@
-// Package handler
-/**
-Copyright (c) The Authors.
-* @Author: feng.xiang
-* @Date: 2024/1/24 15:20
-* @Desc:
-*/
-package handler
-
-import (
-	"fmt"
-	"io"
-	"strconv"
-	"strings"
-	"sync"
-	"sync/atomic"
-	"time"
-
-	"github.com/charmbracelet/bubbles/table"
-	tea "github.com/charmbracelet/bubbletea"
-	"github.com/charmbracelet/lipgloss"
-	"go.uber.org/zap"
-
-	myi18n "github.com/veops/oneterm/pkg/i18n"
-	"github.com/veops/oneterm/pkg/logger"
-)
-
-type TermModel struct {
-	table           table.Model
-	query           string
-	cookie          string
-	Object          *InteractiveHandler
-	SearchTime      time.Time
-	Rows            []table.Row
-	Step            int
-	PreView         int
-	lang            string
-	lastOutputLines int
-	in              *ProxyReader
-	out             *ProxyWriter
-	hostExit        bool
-	hasMsg          chan struct{}
-}
-
-const (
-	Tip int = iota
-	ChooseHost
-	ChooseAccount
-	HostInteractive
-)
-
-var baseStyle = lipgloss.NewStyle().
-	BorderStyle(lipgloss.NormalBorder()).
-	BorderForeground(lipgloss.Color("240"))
-
-func (m *TermModel) Init() tea.Cmd { return nil }
-
-func (m *TermModel) addStep(v int) {
-	switch m.Step {
-	case Tip, ChooseHost:
-		m.Step += v
-	case ChooseAccount:
-		m.Step -= v
-	default:
-		m.Step = Tip
-	}
-}
-
-func (m *TermModel) printfToSSH(out string) tea.Cmd {
-	return func() tea.Msg {
-		_, err := m.Object.Session.Write([]byte(out + "\n"))
-		if err != nil {
-			return err
-		}
-		return nil
-	}
-}
-
-func (m *TermModel) CurrentState() int {
-	return Tip
-}
-
-func (m *TermModel) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
-	var (
-		cmd tea.Cmd
-		err error
-	)
-	switch msg := msg.(type) {
-	case tea.KeyMsg:
-		switch msg.String() {
-		case "esc":
-			if m.table.Focused() {
-				m.table.Blur()
-			} else {
-				m.table.Focus()
-			}
-		case "ctrl+c":
-			return m, tea.Quit
-		case "enter":
-			sr := m.table.SelectedRow()
-			if len(sr) == 0 {
-				break
-			}
-			s := m.query
-			m.query = ""
-			switch s {
-			case "/?":
-				m.Step = Tip
-				return m, nil
-			default:
-				switch len(sr) {
-				case 0:
-					return m, nil
-				default:
-					m.ClearDataSource()
-					m.Step, err = m.Object.Proxy(sr[1], 0)
-					if err != nil {
-						logger.L.Warn(err.Error())
-					}
-					m.ResetSource()
-
-					m.convertRows()
-					m.updateTable()
-
-					if len(m.Object.MessageChan) > 0 {
-						out := <-m.Object.MessageChan
-						return m, tea.Batch(tea.ClearScreen, tea.Printf(out))
-					}
-
-					if len(m.Object.AccountsForSelect) > 0 {
-						m.Object.AccountsForSelect = nil
-					}
-
-					return m, tea.ClearScreen
-				}
-			}
-		case "backspace":
-			if len(m.query) > 0 {
-				m.query = m.query[:len(m.query)-1]
-			}
-			m.updateTable()
-		default:
-			if msg.Type == tea.KeyRunes && len(msg.String()) >= 1 {
-				m.query += msg.String()
-			}
-			switch m.query {
-			case "/?":
-				m.Step = Tip
-				m.query = ""
-				return m, nil
-			case "/s":
-				m.Step = Tip
-				m.query = ""
-				m.Object.SwitchLanguage("")
-				return m, nil
-			case "/q":
-				return m, tea.Quit
-			case "/*":
-				m.Step = Tip
-				m.query = ""
-			}
-			if m.Step == Tip {
-				m.Step = ChooseHost
-			}
-			m.updateTable()
-		}
-
-	}
-	m.table, cmd = m.table.Update(msg)
-	return m, cmd
-}
-
-//func (m *TermModel) Welcome() []table.Row {
-//	rows := []table.Row{
-//		{"/?", "help"},
-//		{"/s", "swith"},
-//	}
-//}
-
-func (m *TermModel) View() string {
-	defer func() {
-		m.in.hasMsg.Store(false)
-	}()
-
-	var s string
-	switch m.Step {
-	case Tip:
-		//m.table.SetColumns([]table.Column{
-		//{Title: "Tip", Width: 80},
-		//})
-		m.PreView = Tip
-		s += m.Object.Message(myi18n.MsgSshWelcome, map[string]any{"User": m.Object.Session.User()})
-		s = "\x1b[2K\x1b[G" + s + "\n: " + m.query
-	case ChooseHost:
-		m.table.SetColumns([]table.Column{
-			{Title: "No.", Width: 5},
-			{Title: "Name", Width: 20},
-			{Title: "Ip", Width: 18},
-		})
-
-		if m.PreView == Tip {
-			s = "\x1b[2K\x1b[G"
-		}
-		s += baseStyle.Render(m.table.View() + "\n: " + m.query)
-	case ChooseAccount:
-		m.table.SetColumns([]table.Column{
-			{Title: "No.", Width: 5},
-			{Title: "Name", Width: 20},
-			{Title: "Account", Width: 18},
-		})
-		s += baseStyle.Render(m.table.View() + "\n: " + m.query)
-	}
-	return s
-	//m.lastOutputLines = strings.Count(s, "\n") + 1
-	//moveToBottomRight := "\033[999;999H"
-	//moveToBottomRight = ""
-	//return moveToBottomRight + s
-}
-
-func (m *TermModel) clearLastOutput() string {
-	return fmt.Sprintf("\033[%dA\033[J", m.lastOutputLines)
-}
-
-func (m *TermModel) updateTable() {
-	if m.query == "" {
-		m.table.SetRows(m.Rows)
-		return
-	}
-
-	var filteredRows []table.Row
-	for _, row := range m.Rows {
-		if rowContainsQuery(row, m.query) {
-			filteredRows = append(filteredRows, row)
-		}
-	}
-	m.table.SetRows(filteredRows)
-}
-
-func rowContainsQuery(row table.Row, query string) bool {
-	for _, cell := range row {
-		if strings.Contains(strings.ToLower(cell), strings.ToLower(query)) {
-			return true
-		}
-	}
-	return false
-}
-
-func InitAndRunTerm(obj *InteractiveHandler) *tea.Program {
-	columns := []table.Column{
-		{Title: "No.", Width: 5},
-		{Title: "Name", Width: 20},
-		{Title: "Ip", Width: 18},
-	}
-
-	t := table.New(
-		table.WithColumns(columns),
-		table.WithFocused(true),
-		table.WithHeight(7),
-	)
-
-	s := table.DefaultStyles()
-	s.Header = s.Header.
-		BorderStyle(lipgloss.NormalBorder()).
-		BorderForeground(lipgloss.Color("240")).
-		BorderBottom(true).
-		Bold(false)
-	s.Selected = s.Selected.
-		Foreground(lipgloss.Color("229")).
-		Background(lipgloss.Color("57")).
-		Bold(false)
-	t.SetStyles(s)
-
-	tm := &TermModel{
-		table:  t,
-		Object: obj,
-		in:     &ProxyReader{r: obj.Session},
-		out:    &ProxyWriter{w: obj.Session},
-		hasMsg: make(chan struct{}),
-	}
-
-	tm.updateRows()
-	return tea.NewProgram(tm, tea.WithInput(tm.in), tea.WithOutput(tm.out))
-}
-
-func (m *TermModel) updateRows() {
-	assets, err := m.Object.AcquireAssets("", 0)
-	if err != nil {
-		logger.L.Warn(err.Error(), zap.String("module", "term"))
-		return
-	}
-	var rows []table.Row
-	for index, v1 := range assets {
-		rows = append(rows, []string{strconv.Itoa(index), v1.Name, v1.Ip})
-	}
-
-	m.Object.Locker.Lock()
-	m.Object.Assets = assets
-	m.Object.Locker.Unlock()
-	m.SearchTime = time.Now()
-	m.Rows = rows
-}
-
-func (m *TermModel) convertRows() {
-	switch m.Step {
-	case ChooseAccount:
-		var rows []table.Row
-		for index, v := range m.Object.AccountsForSelect {
-			rows = append(rows, table.Row{strconv.Itoa(index), v.Name, v.Account})
-		}
-		m.Rows = rows
-	default:
-		if time.Since(m.SearchTime) < time.Minute {
-			var rows []table.Row
-			for index, v1 := range m.Object.Assets {
-				rows = append(rows, []string{strconv.Itoa(index), v1.Name, v1.Ip})
-			}
-			m.Rows = rows
-			return
-		}
-		m.updateRows()
-	}
-}
-
-type nilWriter struct{}
-
-func (nw nilWriter) Write(p []byte) (int, error) {
-	return len(p), nil
-}
-
-func (m *TermModel) ClearDataSource() {
-	m.in.SetReader(nil)
-	m.out.SetWriter(nil)
-}
-
-func (m *TermModel) ResetSource() {
-	m.in.SetReader(m.Object.Session)
-	m.out.SetWriter(m.Object.Session)
-}
-
-type ProxyWriter struct {
-	lock sync.RWMutex
-	w    io.Writer
-}
-
-func (pw *ProxyWriter) Write(p []byte) (n int, err error) {
-	pw.lock.RLock()
-	defer pw.lock.RUnlock()
-	for pw.w == nil {
-		time.Sleep(time.Millisecond * 50)
-	}
-	return pw.w.Write(p)
-}
-
-func (pw *ProxyWriter) SetWriter(w io.Writer) {
-	pw.lock.Lock()
-	defer pw.lock.Unlock()
-	pw.w = w
-}
-
-type ProxyReader struct {
-	lock   sync.RWMutex
-	r      io.Reader
-	hasMsg atomic.Bool
-}
-
-func (pr *ProxyReader) Read(p []byte) (n int, err error) {
-	pr.lock.RLock()
-	defer pr.lock.RUnlock()
-	for pr.r == nil || pr.hasMsg.Load() {
-		time.Sleep(time.Millisecond * 100)
-	}
-
-	n, err = pr.r.Read(p)
-	pr.hasMsg.Store(true)
-	return
-}
-
-func (pr *ProxyReader) SetReader(r io.Reader) {
-	pr.r = r
-}

backend/pkg/proto/ssh/record/asciinema.go

@@ -1,154 +0,0 @@
-package record
-
-import (
-	"encoding/json"
-	"fmt"
-	"os"
-	"path/filepath"
-	"strings"
-	"time"
-
-	gossh "github.com/gliderlabs/ssh"
-	"go.uber.org/zap"
-
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/proto/ssh/api"
-	"github.com/veops/oneterm/pkg/proto/ssh/config"
-)
-
-type Asciinema struct {
-	Timestamp time.Time
-	FilePath  string
-
-	SessionId string
-	Writer    *os.File
-	InChan    chan string
-	buf       []string
-	HasWidth  bool
-}
-
-func NewAsciinema(sessionId string, pty gossh.Pty) (asc *Asciinema, err error) {
-	asc = &Asciinema{
-		Timestamp: time.Now(),
-		InChan:    make(chan string, 20480),
-		SessionId: sessionId,
-	}
-	if config.SSHConfig.RecordFilePath == "" {
-		asc.FilePath, _ = os.Getwd()
-	}
-	asc.FilePath = filepath.Join(asc.FilePath, sessionId+".cast")
-
-	castFile, err := os.Create(asc.FilePath)
-	if err != nil {
-		return
-	}
-	asc.Writer = castFile
-
-	head := map[string]any{
-		"version":   2,
-		"width":     pty.Window.Width,
-		"height":    pty.Window.Height,
-		"timestamp": asc.Timestamp.Unix(),
-		"env": map[string]any{
-			"SHELL": "/bin/bash",
-			"TERM":  "xterm-256color",
-		},
-	}
-	s, _ := json.Marshal(head)
-	if pty.Window.Width == 0 {
-		asc.buf = append(asc.buf, string(s))
-	} else {
-		asc.HasWidth = true
-		_, err = castFile.Write(s)
-		if err != nil {
-			return asc, err
-		}
-		_, err = castFile.WriteString("\r\n")
-		if err != nil {
-			return asc, err
-		}
-	}
-	return asc, err
-}
-
-func (a *Asciinema) Write(data []byte) error {
-	s := make([]any, 3)
-	s[0] = (float64(time.Now().UnixMicro() - a.Timestamp.UnixMicro())) / 1000 / 1000
-	s[1] = "o"
-	s[2] = string(data)
-	res, err := json.Marshal(s)
-	if err != nil {
-		return err
-	}
-	if !a.HasWidth {
-		a.buf = append(a.buf, string(res))
-	} else {
-		_, err = a.Writer.Write(append(res, []byte("\r\n")...))
-	}
-	return err
-}
-
-func (a *Asciinema) RemoteWrite(rec string) {
-	a.InChan <- rec
-	for v := range a.InChan {
-		err := api.AddReplay(a.SessionId, map[string]string{
-			"session_id": a.SessionId,
-			"body":       v,
-		})
-		if err != nil {
-			logger.L.Error(err.Error())
-			break
-		}
-	}
-}
-
-func (a *Asciinema) Close() {
-	a.Writer.Close()
-	err := api.AddReplayFile(a.SessionId, a.FilePath)
-	if err != nil {
-		logger.L.Error(err.Error())
-	}
-	err = os.Remove(a.FilePath)
-	if err != nil {
-		logger.L.Warn(err.Error(), zap.String("module", "asciinema"))
-	}
-}
-
-func (a *Asciinema) Resize(height, width int) error {
-	if !a.HasWidth {
-		a.ReWriteZeroWidth(height, width)
-	}
-	s := make([]any, 3)
-	s[0] = (float64(time.Now().UnixMicro() - a.Timestamp.UnixMicro())) / 1000 / 1000
-	s[1] = "r"
-	s[2] = fmt.Sprintf("%dx%d", width, height)
-
-	res, err := json.Marshal(s)
-	if err != nil {
-		return err
-	}
-	_, err = a.Writer.Write(append(res, []byte("\r\n")...))
-	return err
-}
-
-func (a *Asciinema) ReWriteZeroWidth(height, width int) {
-	defer func() {
-		a.HasWidth = true
-	}()
-	if len(a.buf) > 0 {
-		head := map[string]any{}
-		er := json.Unmarshal([]byte(a.buf[0]), &head)
-		if er == nil {
-			head["width"] = width
-			head["height"] = height
-			s, er := json.Marshal(head)
-			if er == nil {
-				a.buf[0] = string(s)
-			}
-		}
-	}
-
-	_, _ = a.Writer.WriteString(strings.Join(a.buf, "\r\n"))
-	_, _ = a.Writer.WriteString("\r\n")
-	return
-}

backend/pkg/proto/ssh/record/record.go

@@ -1,7 +0,0 @@
-package record
-
-type Record interface {
-	Write(record []byte) error
-	Close()
-	Resize(height, width int) error
-}

backend/pkg/proto/ssh/ssh.go

@@ -1,40 +0,0 @@
-package ssh
-
-import (
-	"net"
-	"time"
-
-	"github.com/pires/go-proxyproto"
-
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/proto/ssh/handler"
-)
-
-func Run(Addr, apiHost, token, privateKeyPath, secretKey string) error {
-	s, er := handler.Init(Addr, apiHost, token, privateKeyPath, secretKey)
-
-	if er != nil {
-		return er
-	}
-	go func() {
-		ln, err := net.Listen("tcp", s.Addr)
-		if err != nil {
-			logger.L.Fatal(err.Error())
-		}
-
-		proxyListener := &proxyproto.Listener{
-			Listener:          ln,
-			ReadHeaderTimeout: 10 * time.Second,
-		}
-		defer proxyListener.Close()
-
-		err = s.Serve(proxyListener)
-		if err != nil {
-			logger.L.Fatal(err.Error())
-			return
-		}
-
-	}()
-
-	return nil
-}

backend/pkg/server/router/middleware/auth.go

@@ -1,98 +0,0 @@
-// Package middleware
-package middleware
-
-import (
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"sync"
-
-	"github.com/gin-gonic/gin"
-	"go.uber.org/zap"
-
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
-)
-
-var (
-	basicAuthDb = sync.Map{}
-)
-
-func init() {
-	basicAuthDb.Store("admin", "admin")
-}
-
-func Auth() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		var err error
-		var ok bool
-
-		if conf.Cfg.Auth.Acl != nil && conf.Cfg.Auth.Acl.Url != "" {
-			err, ok = authAcl(c)
-		} else {
-			// TODO: add your auth here
-			ok = true
-		}
-		if !ok {
-			logger.L.Warn(err.Error())
-			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
-				"message": "authorized refused",
-			})
-			return
-		}
-
-		c.Next()
-	}
-}
-
-func AuthToken() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		if c.GetHeader("X-Token") != conf.Cfg.SshServer.Xtoken {
-			logger.L.Warn("invalid token", zap.String("X-Token", c.GetHeader("X-Token")))
-			c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
-				"message": "authorized refused",
-			})
-			return
-		}
-
-		c.Next()
-	}
-}
-
-func authAcl(ctx *gin.Context) (error, bool) {
-	session := &acl.Session{}
-
-	sess, err := ctx.Cookie("session")
-	if err == nil && sess != "" {
-		s := acl.NewSignature(conf.Cfg.SecretKey, "cookie-session", "", "hmac", nil, nil)
-		content, err := s.Unsign(sess)
-		if err != nil {
-			return err, false
-		}
-
-		err = json.Unmarshal(content, &session)
-		if err != nil {
-			return err, false
-		}
-
-		ctx.Set("session", session)
-		return nil, true
-	}
-	return fmt.Errorf("no session"), false
-}
-
-//func authBasic(ctx *gin.Context) (error, bool) {
-//	if user, password, ok := ctx.Request.BasicAuth(); ok {
-//		if p, ok := basicAuthDb.Load(user); ok && p.(string) == password {
-//			return nil, true
-//		} else {
-//			return fmt.Errorf("invalid user or password"), false
-//		}
-//	}
-//	return fmt.Errorf("invalid user or password"), false
-//}
-
-//func authWithWhiteList(ip string) bool {
-//	return lo.Contains(viper.GetStringSlice("gateway.whiteList"), ip)
-//}

backend/pkg/server/router/middleware/cache.go

@@ -1,151 +0,0 @@
-package middleware
-
-import (
-	"bytes"
-	"context"
-	"encoding/gob"
-	"fmt"
-	"net/http"
-	"time"
-
-	"github.com/gin-gonic/gin"
-	"golang.org/x/sync/singleflight"
-
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/server/storage/cache/redis"
-)
-
-var (
-	cachePrefix = "App::HttpCache"
-)
-
-type responseCache struct {
-	Status int
-	Header http.Header
-	Data   []byte
-}
-
-func (c *responseCache) fillWithCacheWriter(cacheWriter *responseCacheWriter) {
-	c.Status = cacheWriter.Status()
-	c.Data = cacheWriter.body.Bytes()
-	c.Header = cacheWriter.Header().Clone()
-}
-
-// responseCacheWriter
-type responseCacheWriter struct {
-	gin.ResponseWriter
-	body bytes.Buffer
-}
-
-func (w *responseCacheWriter) Write(b []byte) (int, error) {
-	w.body.Write(b)
-	return w.ResponseWriter.Write(b)
-}
-
-func replyWithCache(c *gin.Context, respCache *responseCache) {
-	c.Writer.WriteHeader(respCache.Status)
-
-	for key, values := range respCache.Header {
-		for _, val := range values {
-			c.Writer.Header().Set(key, val)
-		}
-	}
-
-	if _, err := c.Writer.Write(respCache.Data); err != nil {
-		logger.L.Error(err.Error())
-	}
-	c.Abort()
-}
-
-func RCache(ctx context.Context, defaultExpire time.Duration) gin.HandlerFunc {
-	sfGroup := singleflight.Group{}
-	return func(c *gin.Context) {
-
-		cacheKey := fmt.Sprintf("%s::%s", cachePrefix, c.Request.RequestURI)
-		cacheDuration := defaultExpire
-
-		// read cache first
-		{
-			respCache := &responseCache{}
-			err := RGet(ctx, cacheKey, &respCache)
-			if err == nil {
-				replyWithCache(c, respCache)
-				return
-			}
-		}
-
-		cacheWriter := &responseCacheWriter{ResponseWriter: c.Writer}
-		c.Writer = cacheWriter
-
-		inFlight := false
-		rawRespCache, _, _ := sfGroup.Do(cacheKey, func() (any, error) {
-			forgetTimer := time.AfterFunc(time.Second*15, func() {
-				sfGroup.Forget(cacheKey)
-			})
-			defer forgetTimer.Stop()
-
-			c.Next()
-
-			inFlight = true
-			respCache := &responseCache{}
-			respCache.fillWithCacheWriter(cacheWriter)
-			// only cache 2xx response
-			if !c.IsAborted() && cacheWriter.Status() < 300 && cacheWriter.Status() >= 200 {
-				if err := RSet(ctx, cacheKey, respCache, cacheDuration); err != nil {
-					logger.L.Error(err.Error())
-				}
-			}
-			return respCache, nil
-		})
-
-		if !inFlight {
-			replyWithCache(c, rawRespCache.(*responseCache))
-			return
-		}
-	}
-}
-
-// redis
-
-func RSet(ctx context.Context, key string, value any, expire time.Duration) error {
-	payload, err := Serialize(value)
-	if err != nil {
-		return err
-	}
-
-	_, err = redis.RC.SetEx(ctx, key, payload, expire).Result()
-	return err
-}
-
-func RDelete(ctx context.Context, key string) error {
-	_, err := redis.RC.Del(ctx, key).Result()
-	return err
-}
-
-func RGet(ctx context.Context, key string, value any) error {
-	r, err := redis.RC.Get(ctx, key).Bytes()
-	if err != nil {
-		return err
-	}
-	return Deserialize(r, value)
-}
-
-// codec
-
-func Serialize(value any) ([]byte, error) {
-	var b bytes.Buffer
-	encoder := gob.NewEncoder(&b)
-	if err := encoder.Encode(value); err != nil {
-		return nil, err
-	}
-	return b.Bytes(), nil
-}
-
-func Deserialize(byt []byte, ptr any) (err error) {
-	b := bytes.NewBuffer(byt)
-	decoder := gob.NewDecoder(b)
-	if err = decoder.Decode(ptr); err != nil {
-		return err
-	}
-	return nil
-}

backend/pkg/server/router/middleware/error.go

@@ -1,63 +0,0 @@
-package middleware
-
-import (
-	"bytes"
-	"encoding/json"
-	"strings"
-
-	"github.com/gin-gonic/gin"
-	"github.com/nicksnyder/go-i18n/v2/i18n"
-
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/server/controller"
-)
-
-type bodyWriter struct {
-	gin.ResponseWriter
-	body *bytes.Buffer
-}
-
-func (w bodyWriter) Write(b []byte) (int, error) {
-	return w.body.Write(b)
-}
-
-func Error2Resp() gin.HandlerFunc {
-	return func(ctx *gin.Context) {
-		if strings.Contains(ctx.Request.URL.String(), "session/replay") {
-			ctx.Next()
-			return
-		}
-
-		wb := &bodyWriter{
-			body:           &bytes.Buffer{},
-			ResponseWriter: ctx.Writer,
-		}
-		ctx.Writer = wb
-
-		ctx.Next()
-
-		obj := make(map[string]any)
-		json.Unmarshal(wb.body.Bytes(), &obj)
-		if len(ctx.Errors) > 0 {
-			if v, ok := obj["code"]; !ok || v == 0 {
-				obj["code"] = ctx.Writer.Status()
-			}
-
-			if v, ok := obj["message"]; !ok || v == "" {
-				e := ctx.Errors.Last().Err
-				obj["message"] = e.Error()
-
-				ae, ok := e.(*controller.ApiError)
-				if ok {
-					lang := ctx.PostForm("lang")
-					accept := ctx.GetHeader("Accept-Language")
-					localizer := i18n.NewLocalizer(conf.Bundle, lang, accept)
-					obj["message"] = ae.Message(localizer)
-
-				}
-			}
-		}
-		bs, _ := json.Marshal(obj)
-		wb.ResponseWriter.Write(bs)
-	}
-}

backend/pkg/server/router/middleware/log.go

@@ -1,137 +0,0 @@
-// Package middleware
-package middleware
-
-import (
-	"bytes"
-	"encoding/json"
-	"io"
-	"net"
-	"net/http"
-	"net/http/httputil"
-	"os"
-	"runtime/debug"
-	"strings"
-	"time"
-
-	"github.com/gin-gonic/gin"
-	"github.com/samber/lo"
-	"go.uber.org/zap"
-
-	"github.com/veops/oneterm/pkg/logger"
-	handler "github.com/veops/oneterm/pkg/server/controller"
-)
-
-var (
-	NotLogUrls = []string{"/favicon.ico"}
-)
-
-func GinLogger(logger *zap.Logger) gin.HandlerFunc {
-	return func(c *gin.Context) {
-		start := time.Now()
-		path := c.Request.URL.Path
-		query := c.Request.URL.RawQuery
-
-		c.Next()
-
-		if !lo.Contains(NotLogUrls, path) {
-			cost := time.Since(start)
-			logger.Info(path,
-				zap.Int("status", c.Writer.Status()),
-				zap.String("method", c.Request.Method),
-				zap.String("path", path),
-				zap.String("query", query),
-				zap.String("ip", c.ClientIP()),
-				zap.String("user-agent", c.Request.UserAgent()),
-				zap.String("errors", c.Errors.ByType(gin.ErrorTypePrivate).String()),
-				zap.Duration("cost", cost),
-			)
-		}
-
-	}
-}
-
-func GinRecovery(logger *zap.Logger, stack bool) gin.HandlerFunc {
-	return func(c *gin.Context) {
-		defer func() {
-			if err := recover(); err != nil {
-				var brokenPipe bool
-				if ne, ok := err.(*net.OpError); ok {
-					if se, ok := ne.Err.(*os.SyscallError); ok {
-						if strings.Contains(strings.ToLower(se.Error()), "broken pipe") ||
-							strings.Contains(strings.ToLower(se.Error()), "connection reset by peer") {
-							brokenPipe = true
-						}
-					}
-				}
-
-				httpRequest, _ := httputil.DumpRequest(c.Request, false)
-				if brokenPipe {
-					logger.Error(c.Request.URL.Path,
-						zap.Any("error", err),
-						zap.String("request", string(httpRequest)),
-					)
-					err := c.Error(err.(error))
-					if err != nil {
-						logger.Error(err.Error())
-					}
-					c.Abort()
-					return
-				}
-
-				if stack {
-					logger.Error("[Recovery from panic]",
-						zap.Any("error", err),
-						zap.String("request", string(httpRequest)),
-						zap.String("stack", string(debug.Stack())),
-					)
-				} else {
-					logger.Error("[Recovery from panic]",
-						zap.Any("error", err),
-						zap.String("request", string(httpRequest)),
-					)
-				}
-				c.AbortWithStatus(http.StatusInternalServerError)
-			}
-		}()
-		c.Next()
-	}
-}
-
-// LogRequest LogUpdate Record the specified HTTP request (including the URL and data) in a log or another location.
-func LogRequest() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		if !lo.Contains([]string{"GET", "HEAD"}, c.Request.Method) {
-
-			data := map[string]any{}
-			bodyBytes, _ := io.ReadAll(c.Request.Body)
-			_ = c.Request.Body.Close()
-			c.Request.Body = io.NopCloser(bytes.NewBuffer(bodyBytes))
-
-			if err := json.Unmarshal(bodyBytes, &data); err != nil {
-				if valid, err := permissionCheck(c, data); err != nil {
-					c.AbortWithStatusJSON(http.StatusBadRequest,
-						handler.HttpResponse{Code: http.StatusBadRequest, Message: err.Error()})
-					return
-				} else if !valid {
-					c.AbortWithStatusJSON(http.StatusBadRequest,
-						handler.HttpResponse{Code: http.StatusForbidden, Message: "no permission"})
-					return
-				}
-			}
-
-			excludeUrls := map[string]struct{}{}
-			if _, ok := excludeUrls[c.Request.RequestURI]; !ok {
-				if c.Request.Method != "POST" {
-					w := &responseWriter{ResponseWriter: c.Writer, body: []byte{}}
-					c.Writer = w
-					logger.L.Info("request record", zap.String("body", string(w.body)))
-				}
-			}
-		}
-		c.Next()
-	}
-}
-
-func permissionCheck(ctx *gin.Context, data map[string]any) (bool, error) {
-	return true, nil
-}

backend/pkg/server/router/middleware/middleware.go

@@ -1,62 +0,0 @@
-package middleware
-
-import (
-	"net/http"
-	"runtime"
-
-	"github.com/gin-gonic/gin"
-
-	"github.com/veops/oneterm/pkg/logger"
-)
-
-func Cors() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		method := c.Request.Method
-		origin := c.Request.Header.Get("Origin")
-		if origin != "" {
-			c.Writer.Header().Set("Access-Control-Allow-Origin", origin)
-			c.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, UPDATE")
-			c.Header("Access-Control-Allow-Headers", "Authorization, Content-Length, X-CSRF-Token, Token, session")
-			c.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers")
-			c.Header("Access-Control-Max-Age", "172800")
-			c.Header("Access-Control-Allow-Credentials", "true")
-		}
-
-		if method == "OPTIONS" {
-			c.AbortWithStatus(http.StatusNoContent)
-			return
-		}
-
-		defer func() {
-			if err := recover(); err != nil {
-				logger.L.Sugar().Errorf("Panic info is: %v", err)
-			}
-		}()
-
-		c.Next()
-	}
-}
-
-func RecoveryWithWriter() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		defer func() {
-			if err := recover(); err != nil {
-				var buf [4096]byte
-				n := runtime.Stack(buf[:], false)
-				logger.L.Error(string(buf[:n]))
-			}
-		}()
-
-		c.Next()
-	}
-}
-
-type responseWriter struct {
-	gin.ResponseWriter
-	body []byte
-}
-
-func (w *responseWriter) Write(data []byte) (int, error) {
-	w.body = append(w.body, data...)
-	return w.ResponseWriter.Write(data)
-}

backend/pkg/server/router/router.go

@@ -1,121 +0,0 @@
-package router
-
-import (
-	"context"
-	"encoding/gob"
-	"fmt"
-	"net/http"
-	"os"
-	"time"
-
-	"github.com/gin-contrib/sessions"
-	"github.com/gin-contrib/sessions/cookie"
-	"github.com/gin-gonic/gin"
-	"github.com/prometheus/client_golang/prometheus/promhttp"
-	"github.com/spf13/viper"
-	swaggerFiles "github.com/swaggo/files"
-	ginSwagger "github.com/swaggo/gin-swagger"
-
-	"github.com/veops/oneterm/docs"
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/server/router/middleware"
-	"github.com/veops/oneterm/pkg/util"
-)
-
-var routeGroup []*GroupRoute
-
-func Server(cfg *conf.ConfigYaml) *http.Server {
-	routeConfig()
-
-	srv := &http.Server{
-		Addr:    fmt.Sprintf("%s:%d", cfg.Http.Host, cfg.Http.Port),
-		Handler: setupRouter(),
-	}
-
-	go func() {
-		if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
-			logger.L.Error(err.Error())
-			os.Exit(1)
-		}
-	}()
-
-	logger.L.Info(fmt.Sprintf("start on server:%s", srv.Addr))
-	return srv
-}
-
-func GracefulExit(srv *http.Server, ch chan struct{}) {
-	<-ch
-
-	ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
-	defer cancel()
-	if err := srv.Shutdown(ctx); err != nil {
-		logger.L.Error(err.Error())
-	}
-	logger.L.Info("Shutdown server ...")
-}
-
-func routeConfig() {
-	var commonRoute []Route
-	commonRoute = append(commonRoute, routes...)
-	routeGroup = []*GroupRoute{
-		{
-			Prefix: "/api/oneterm/v1",
-			GroupMiddleware: gin.HandlersChain{
-				middleware.Error2Resp(),
-				middleware.RecoveryWithWriter(),
-			},
-			SubRoutes: commonRoute,
-		},
-		{
-			Prefix:    "",
-			SubRoutes: baseRoutes,
-		},
-	}
-}
-
-func setupRouter() *gin.Engine {
-	r := gin.New()
-	r.SetTrustedProxies([]string{"0.0.0.0/0", "::/0"})
-	r.MaxMultipartMemory = 128 << 20
-	r.Use(
-		middleware.GinLogger(logger.L),
-		middleware.LogRequest(),
-		middleware.Cors(),
-		middleware.GinRecovery(logger.L, true))
-	// sso
-	gob.Register(map[string]any{}) // important!
-	store := cookie.NewStore([]byte(viper.GetString("gateway.secretKey")))
-	r.Use(sessions.Sessions("session", store))
-
-	routeGroupsMap := make(map[string]*gin.RouterGroup)
-	for _, gRoute := range routeGroup {
-		if _, ok := routeGroupsMap[gRoute.Prefix]; !ok {
-			routeGroupsMap[gRoute.Prefix] = r.Group(gRoute.Prefix)
-		}
-		for _, gMiddleware := range gRoute.GroupMiddleware {
-			routeGroupsMap[gRoute.Prefix].Use(gMiddleware)
-		}
-
-		for _, subRoute := range gRoute.SubRoutes {
-			length := len(subRoute.Middleware) + 2
-			routes := make([]any, length)
-			routes[0] = subRoute.Pattern
-			for i, v := range subRoute.Middleware {
-				routes[i+1] = v
-			}
-			routes[length-1] = subRoute.HandlerFunc
-
-			util.CallReflect(
-				routeGroupsMap[gRoute.Prefix],
-				subRoute.Method,
-				routes...)
-		}
-	}
-	r.Handle("GET", "/metrics", gin.WrapH(promhttp.Handler()))
-	// swagger
-	docs.SwaggerInfo.Title = "ONETERM API"
-	docs.SwaggerInfo.BasePath = "/api/oneterm/v1"
-	r.GET("/swagger/*any", ginSwagger.WrapHandler(swaggerFiles.Handler))
-	return r
-}

backend/pkg/server/router/routers.go

@@ -1,447 +0,0 @@
-package router
-
-import (
-	"net/http"
-
-	"github.com/gin-gonic/gin"
-
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/server/controller"
-	"github.com/veops/oneterm/pkg/server/router/middleware"
-)
-
-var (
-	c = controller.NewController()
-
-	baseRoutes = []Route{
-		{
-			Name:    "a health check, just for monitoring",
-			Method:  "GET",
-			Pattern: "/-/health",
-			HandlerFunc: func(ctx *gin.Context) {
-				ctx.String(http.StatusOK, "OK")
-			},
-		},
-		{
-			Name:    "favicon.ico",
-			Method:  "GET",
-			Pattern: "/favicon.ico",
-			HandlerFunc: func(ctx *gin.Context) {
-			},
-		},
-		{
-			Name:    "change the log level",
-			Method:  "PUT",
-			Pattern: "/-/log/level",
-			HandlerFunc: func(ctx *gin.Context) {
-				logger.AtomicLevel.ServeHTTP(ctx.Writer, ctx.Request)
-			},
-		},
-	}
-
-	routes = []Route{
-		// account
-		{
-			Name:        "create a account",
-			Method:      "POST",
-			Pattern:     "account",
-			HandlerFunc: c.CreateAccount,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "delete a account",
-			Method:      "DELETE",
-			Pattern:     "account/:id",
-			HandlerFunc: c.DeleteAccount,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "update a account",
-			Method:      "PUT",
-			Pattern:     "account/:id",
-			HandlerFunc: c.UpdateAccount,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query accounts",
-			Method:      "GET",
-			Pattern:     "account",
-			HandlerFunc: c.GetAccounts,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		// asset
-		{
-			Name:        "create a asset",
-			Method:      "POST",
-			Pattern:     "asset",
-			HandlerFunc: c.CreateAsset,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "delete a asset",
-			Method:      "DELETE",
-			Pattern:     "asset/:id",
-			HandlerFunc: c.DeleteAsset,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "update a asset",
-			Method:      "PUT",
-			Pattern:     "asset/:id",
-			HandlerFunc: c.UpdateAsset,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query assets",
-			Method:      "GET",
-			Pattern:     "asset",
-			HandlerFunc: c.GetAssets,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "update asset by server",
-			Method:      "PUT",
-			Pattern:     "asset/update_by_server",
-			HandlerFunc: c.UpdateByServer,
-			Middleware:  gin.HandlersChain{middleware.AuthToken()},
-		},
-		{
-			Name:        "query asset by server",
-			Method:      "GET",
-			Pattern:     "asset/query_by_server",
-			HandlerFunc: c.QueryByServer,
-			Middleware:  gin.HandlersChain{middleware.AuthToken()},
-		},
-		// command
-		{
-			Name:        "create a command",
-			Method:      "POST",
-			Pattern:     "command",
-			HandlerFunc: c.CreateCommand,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "delete a command",
-			Method:      "DELETE",
-			Pattern:     "command/:id",
-			HandlerFunc: c.DeleteCommand,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "update a command",
-			Method:      "PUT",
-			Pattern:     "command/:id",
-			HandlerFunc: c.UpdateCommand,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query commands",
-			Method:      "GET",
-			Pattern:     "command",
-			HandlerFunc: c.GetCommands,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "modify config",
-			Method:      "POST",
-			Pattern:     "config",
-			HandlerFunc: c.PostConfig,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query config",
-			Method:      "GET",
-			Pattern:     "config",
-			HandlerFunc: c.GetConfig,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		// gateway
-		{
-			Name:        "create a gateway",
-			Method:      "POST",
-			Pattern:     "gateway",
-			HandlerFunc: c.CreateGateway,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "delete a gateway",
-			Method:      "DELETE",
-			Pattern:     "gateway/:id",
-			HandlerFunc: c.DeleteGateway,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "update a gateway",
-			Method:      "PUT",
-			Pattern:     "gateway/:id",
-			HandlerFunc: c.UpdateGateway,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query gateways",
-			Method:      "GET",
-			Pattern:     "gateway",
-			HandlerFunc: c.GetGateways,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		// node
-		{
-			Name:        "create a node",
-			Method:      "POST",
-			Pattern:     "node",
-			HandlerFunc: c.CreateNode,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "delete a node",
-			Method:      "DELETE",
-			Pattern:     "node/:id",
-			HandlerFunc: c.DeleteNode,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "update a node",
-			Method:      "PUT",
-			Pattern:     "node/:id",
-			HandlerFunc: c.UpdateNode,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query nodes",
-			Method:      "GET",
-			Pattern:     "node",
-			HandlerFunc: c.GetNodes,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		// publicKey
-		{
-			Name:        "create a publicKey",
-			Method:      "POST",
-			Pattern:     "public_key",
-			HandlerFunc: c.CreatePublicKey,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "delete a publicKey",
-			Method:      "DELETE",
-			Pattern:     "public_key/:id",
-			HandlerFunc: c.DeletePublicKey,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "update a publicKey",
-			Method:      "PUT",
-			Pattern:     "public_key/:id",
-			HandlerFunc: c.UpdatePublicKey,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query publicKeys",
-			Method:      "GET",
-			Pattern:     "public_key",
-			HandlerFunc: c.GetPublicKeys,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "auth by publicKey or password",
-			Method:      "POST",
-			Pattern:     "public_key/auth",
-			HandlerFunc: c.Auth,
-			Middleware:  gin.HandlersChain{middleware.AuthToken()},
-		},
-		//stat
-		{
-			Name:        "query stat asset type",
-			Method:      "GET",
-			Pattern:     "stat/assettype",
-			HandlerFunc: c.StatAssetType,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query stat count",
-			Method:      "GET",
-			Pattern:     "stat/count",
-			HandlerFunc: c.StatCount,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query stat count of user",
-			Method:      "GET",
-			Pattern:     "stat/count/ofuser",
-			HandlerFunc: c.StatCountOfUser,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query stat account",
-			Method:      "GET",
-			Pattern:     "stat/account",
-			HandlerFunc: c.StatAccount,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query stat asset",
-			Method:      "GET",
-			Pattern:     "stat/asset",
-			HandlerFunc: c.StatAsset,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query stat rank of user",
-			Method:      "GET",
-			Pattern:     "stat/rank/ofuser",
-			HandlerFunc: c.StatRankOfUser,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		//session
-		{
-			Name:        "query session",
-			Method:      "GET",
-			Pattern:     "session",
-			HandlerFunc: c.GetSessions,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query session cmds",
-			Method:      "GET",
-			Pattern:     "session/:session_id/cmd",
-			HandlerFunc: c.GetSessionCmds,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query session option asset",
-			Method:      "GET",
-			Pattern:     "session/option/asset",
-			HandlerFunc: c.GetSessionOptionAsset,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query session option client ip",
-			Method:      "GET",
-			Pattern:     "session/option/clientip",
-			HandlerFunc: c.GetSessionOptionClientIp,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query session replay",
-			Method:      "GET",
-			Pattern:     "session/replay/:session_id",
-			HandlerFunc: c.GetSessionReplay,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "create sesssin replay",
-			Method:      "POST",
-			Pattern:     "session/replay/:session_id",
-			HandlerFunc: c.CreateSessionReplay,
-			Middleware:  gin.HandlersChain{middleware.AuthToken()},
-		},
-		{
-			Name:        "upsert session",
-			Method:      "POST",
-			Pattern:     "session",
-			HandlerFunc: c.UpsertSession,
-			Middleware:  gin.HandlersChain{middleware.AuthToken()},
-		},
-		{
-			Name:        "create sesssin cmd",
-			Method:      "POST",
-			Pattern:     "session/cmd",
-			HandlerFunc: c.CreateSessionCmd,
-			Middleware:  gin.HandlersChain{middleware.AuthToken()},
-		},
-		//history
-		{
-			Name:        "query history",
-			Method:      "GET",
-			Pattern:     "history",
-			HandlerFunc: c.GetHistories,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "query history type mapping",
-			Method:      "GET",
-			Pattern:     "history/type/mapping",
-			HandlerFunc: c.GetHistoryTypeMapping,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		//connect
-		{
-			Name:        "connect",
-			Method:      "POST",
-			Pattern:     "connect/:asset_id/:account_id/:protocol",
-			HandlerFunc: c.Connect,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "connecting",
-			Method:      "GET",
-			Pattern:     "connect/:session_id",
-			HandlerFunc: c.Connecting,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "connect monitor",
-			Method:      "GET",
-			Pattern:     "connect/monitor/:session_id",
-			HandlerFunc: c.ConnectMonitor,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "connect close",
-			Method:      "POST",
-			Pattern:     "connect/close/:session_id",
-			HandlerFunc: c.ConnectClose,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		//file
-		{
-			Name:        "query file history",
-			Method:      "GET",
-			Pattern:     "file/history",
-			HandlerFunc: c.GetFileHistory,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "file action ls",
-			Method:      "GET",
-			Pattern:     "file/ls/:asset_id/:account_id",
-			HandlerFunc: c.FileLS,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "file action mkdir",
-			Method:      "POST",
-			Pattern:     "file/mkdir/:asset_id/:account_id",
-			HandlerFunc: c.FileMkdir,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "file action upload",
-			Method:      "POST",
-			Pattern:     "file/upload/:asset_id/:account_id",
-			HandlerFunc: c.FileUpload,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-		{
-			Name:        "file action download",
-			Method:      "GET",
-			Pattern:     "file/download/:asset_id/:account_id",
-			HandlerFunc: c.FileDownload,
-			Middleware:  gin.HandlersChain{middleware.Auth()},
-		},
-	}
-)
-
-type Route struct {
-	Name        string
-	Method      string
-	Pattern     string
-	HandlerFunc func(ctx *gin.Context)
-	Middleware  []gin.HandlerFunc
-}
-
-type GroupRoute struct {
-	Prefix          string
-	GroupMiddleware gin.HandlersChain
-	SubRoutes       []Route
-}

backend/pkg/server/schedule/cmdb/cmdb.go

@@ -1,174 +0,0 @@
-package cmdb
-
-import (
-	"context"
-	"crypto/sha1"
-	"encoding/hex"
-	"errors"
-	"fmt"
-	"net/url"
-	"sort"
-	"strings"
-	"time"
-
-	"github.com/samber/lo"
-	"github.com/spf13/cast"
-	"go.uber.org/zap"
-	"gorm.io/gorm"
-
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/server/auth/acl"
-	"github.com/veops/oneterm/pkg/server/controller"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/remote"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
-)
-
-var (
-	ctx, cancel = context.WithCancel(context.Background())
-)
-
-func Run() (err error) {
-	currentUser := &acl.Session{
-		Uid: conf.Cfg.Worker.Uid,
-		Acl: acl.Acl{
-			Rid: conf.Cfg.Worker.Rid,
-		},
-	}
-	tk := time.NewTicker(time.Minute)
-	last := make(map[int]time.Time)
-	for {
-		select {
-		case <-tk.C:
-			nodes, err := getNodes()
-			if err != nil {
-				logger.L.Error("get nodes faild", zap.Error(err))
-				continue
-			}
-			now := time.Now()
-			for _, n := range nodes {
-				d, _ := time.ParseDuration(fmt.Sprintf("%fh", n.Sync.Frequency))
-				if last[n.Id].Add(d).After(now) {
-					continue
-				}
-				if n.Sync.TypeId <= 0 {
-					continue
-				}
-				cis, err := getCis(n.Sync.TypeId, n.Sync.Filters)
-				if err != nil {
-					logger.L.Error("get cmdb failed", zap.Error(err))
-					continue
-				}
-				for _, ci := range cis {
-					a := &model.Asset{
-						Ciid:          cast.ToInt(ci["_id"]),
-						ParentId:      n.Id,
-						UpdaterId:     conf.Cfg.Worker.Uid,
-						Ip:            cast.ToString(ci[n.Sync.Mapping["ip"]]),
-						Name:          fmt.Sprintf("%s@%v", cast.ToString(ci[n.Sync.Mapping["name"]]), time.Now().Format(time.RFC3339)),
-						Protocols:     n.Protocols,
-						Authorization: n.Authorization,
-						AccessAuth:    n.AccessAuth,
-					}
-					resourceIds := make([]int, 0)
-					if err := mysql.DB.Model(a).Select("resource_id").Where("ci_id = ?", a.Ciid).Find(&resourceIds).Error; err != nil {
-						logger.L.Error("insert ci failed", zap.Error(err))
-						continue
-					}
-					if !errors.Is(mysql.DB.Model(a).Where("ci_id = ?", a.Ciid).Where("parent_id = ?", a.ParentId).First(map[string]any{}).Error, gorm.ErrRecordNotFound) {
-						continue
-					}
-					a.CreatorId = conf.Cfg.Worker.Uid
-
-					a.ResourceId, err = acl.CreateAcl(ctx, currentUser, acl.GetResourceTypeName(conf.RESOURCE_ASSET), a.Name)
-					if err != nil {
-						continue
-					}
-					if err = mysql.DB.Transaction(func(tx *gorm.DB) (err error) {
-						if err = tx.Create(a).Error; err != nil {
-							return
-						}
-						err = controller.HandleAuthorization(currentUser, tx, model.ACTION_CREATE, nil, a)
-						return
-					}); err != nil {
-						continue
-					}
-				}
-			}
-		case <-ctx.Done():
-			return
-		}
-	}
-}
-
-func Stop(err error) {
-	defer cancel()
-}
-
-func getNodes() (res map[int]*model.Node, err error) {
-	data := make([]*model.Node, 0)
-	err = mysql.DB.
-		Model(&model.Node{}).
-		Where("enable = ?", 1).
-		Find(&data).
-		Error
-	if err != nil {
-		return
-	}
-
-	res = lo.SliceToMap(data, func(d *model.Node) (int, *model.Node) { return d.Id, d })
-
-	return
-}
-
-func getCis(typeId int, filters string) (res []map[string]any, err error) {
-	url := fmt.Sprintf("%s/ci/s", conf.Cfg.Cmdb.Url)
-	params := map[string]any{
-		"q":     fmt.Sprintf("_type:(%d),%s", typeId, filters),
-		"count": 100000,
-	}
-	params["_secret"] = buildAPIKey(url, params)
-	params["_key"] = conf.Cfg.Worker.Key
-	ps := make(map[string]string)
-	for k, v := range params {
-		ps[k] = cast.ToString(v)
-	}
-
-	data := &GetCIResult{}
-	resp, err := remote.RC.R().
-		SetQueryParams(ps).
-		SetResult(data).
-		Get(url)
-
-	if err = remote.HandleErr(err, resp, func(dt map[string]any) bool { return true }); err != nil {
-		return
-	}
-
-	res = data.Result
-
-	return
-}
-
-type GetCIResult struct {
-	Counter  map[string]int   `json:"counter"`
-	Facet    map[string]any   `json:"facet"`
-	Numfound int              `json:"numfound"`
-	Page     int              `json:"page"`
-	Result   []map[string]any `json:"result"`
-	Total    int              `json:"total"`
-}
-
-func buildAPIKey(u string, params map[string]any) string {
-	pu, _ := url.Parse(u)
-	keys := lo.Keys(params)
-	sort.Slice(keys, func(i, j int) bool { return keys[i] < keys[j] })
-	vals := strings.Join(
-		lo.Map(keys, func(k string, _ int) string {
-			return lo.Ternary(strings.HasPrefix(k, "_"), "", cast.ToString(params[k]))
-		}),
-		"")
-	sha := sha1.New()
-	sha.Write([]byte(strings.Join([]string{pu.Path, conf.Cfg.Worker.Secret, vals}, "")))
-	return hex.EncodeToString(sha.Sum(nil))
-}

backend/pkg/server/storage/cache/local/localcache.go

@@ -1,21 +0,0 @@
-package local
-
-import (
-	"context"
-	"time"
-
-	"github.com/allegro/bigcache/v3"
-)
-
-var (
-	// LC local cache client
-	LC *bigcache.BigCache
-)
-
-func Init() error {
-	var err error
-	if LC, err = bigcache.New(context.Background(), bigcache.DefaultConfig(time.Minute*10)); err != nil {
-		return err
-	}
-	return nil
-}

backend/pkg/server/storage/db/mysql/mysql.go

@@ -1,27 +0,0 @@
-package mysql
-
-import (
-	"fmt"
-
-	"gorm.io/driver/mysql"
-	"gorm.io/gorm"
-
-	"github.com/veops/oneterm/pkg/conf"
-)
-
-var (
-	DB *gorm.DB
-)
-
-func Init(cfg *conf.MysqlConfig) (err error) {
-	if cfg == nil {
-		return
-	}
-
-	dsn := fmt.Sprintf("%s:%s@tcp(%s:%s)/oneterm?charset=utf8mb4&parseTime=True&loc=Local", cfg.User, cfg.Password, cfg.Ip, cfg.Port)
-	if DB, err = gorm.Open(mysql.Open(dsn), &gorm.Config{}); err != nil {
-		return
-	}
-
-	return
-}

backend/pkg/util/requests.go

@@ -1,52 +0,0 @@
-package util
-
-import (
-	"bytes"
-	"fmt"
-	"io"
-	"net/http"
-	"net/url"
-	"strings"
-)
-
-func ClientRequest(client *http.Client, method, url string, headers map[string]string, data []byte) (int, []byte, error) {
-	var res []byte
-	var code = 0
-	req, err := http.NewRequest(strings.ToUpper(method), url, bytes.NewBuffer(data))
-	if err != nil {
-		return code, res, err
-	}
-
-	for k, v := range headers {
-		req.Header.Set(k, v)
-	}
-	//req.AddCookie(&http.Cookie{Name: "session", Value: ""})
-	response, err := client.Do(req)
-	if err != nil && response == nil {
-		return code, res, fmt.Errorf("error: %+v", err)
-	} else {
-		if response != nil {
-			defer response.Body.Close()
-			r, err := io.ReadAll(response.Body)
-			return response.StatusCode, r, err
-		}
-		return code, res, nil
-	}
-}
-
-func PostForm(reqUrl string, content map[string]string) (int, []byte, error) {
-	data := url.Values{}
-	for k, v := range content {
-		data.Add(k, v)
-	}
-
-	resp, err := http.PostForm(reqUrl, data)
-	if resp != nil {
-		defer resp.Body.Close()
-	}
-	if err != nil {
-		return 0, nil, err
-	}
-	r, err := io.ReadAll(resp.Body)
-	return resp.StatusCode, r, err
-}

backend/pkg/util/util.go

@@ -1,164 +0,0 @@
-package util
-
-import (
-	"errors"
-	"fmt"
-	"net"
-	"os"
-	"path/filepath"
-	"reflect"
-	"strconv"
-	"time"
-	"unsafe"
-
-	"github.com/mitchellh/mapstructure"
-)
-
-func GetLocalIP() (string, error) {
-	interfaces, err := net.Interfaces()
-	if err != nil {
-		return "", err
-	}
-
-	for _, iface := range interfaces {
-		addrs, err := iface.Addrs()
-		if err != nil {
-			return "", err
-		}
-
-		for _, addr := range addrs {
-			ipNet, ok := addr.(*net.IPNet)
-			if ok && !ipNet.IP.IsLoopback() && ipNet.IP.To4() != nil {
-				return ipNet.IP.String(), nil
-			}
-		}
-	}
-
-	return "", errors.New("cannot find the client IP address")
-}
-
-func GetMacAddrs() (macAddrs []string) {
-	netInterfaces, err := net.Interfaces()
-	if err != nil {
-		return macAddrs
-	}
-
-	for _, netInterface := range netInterfaces {
-		macAddr := netInterface.HardwareAddr.String()
-		if len(macAddr) == 0 {
-			continue
-		}
-		macAddrs = append(macAddrs, macAddr)
-	}
-	return macAddrs
-}
-
-func CallReflect(any any, name string, args ...any) []reflect.Value {
-	inputs := make([]reflect.Value, len(args))
-	for i := range args {
-		inputs[i] = reflect.ValueOf(args[i])
-	}
-
-	if v := reflect.ValueOf(any).MethodByName(name); v.String() == "<invalid Value>" {
-		return nil
-	} else {
-		return v.Call(inputs)
-	}
-}
-
-func SetUnExportedStructField(ptr any, field string, newValue any) error {
-	v := reflect.ValueOf(ptr).Elem().FieldByName(field)
-	v = reflect.NewAt(v.Type(), unsafe.Pointer(v.UnsafeAddr())).Elem()
-	nv := reflect.ValueOf(newValue)
-	if v.Kind() != nv.Kind() {
-		return fmt.Errorf("expected kind :%s, get kind: %s", v.Kind(), nv.Kind())
-	}
-	v.Set(nv)
-	return nil
-}
-
-//func CopyStruct(source interface{}, dest interface{}) {
-//	val := reflect.ValueOf(source)
-//	destVal := reflect.ValueOf(dest).Elem()
-//
-//	for i := 0; i < val.NumField(); i++ {
-//		field := val.Type().Field(i).Name
-//		destField := destVal.FieldByName(field)
-//		if destField.IsValid() && destField.CanSet() {
-//			destField.Set(val.Field(i))
-//		}
-//	}
-//}
-
-func CopyStruct(src, dst interface{}) error {
-	srcVal := reflect.ValueOf(src)
-	dstVal := reflect.ValueOf(dst).Elem()
-
-	for i := 0; i < srcVal.NumField(); i++ {
-		srcField := srcVal.Type().Field(i)
-		dstField, found := dstVal.Type().FieldByName(srcField.Name)
-
-		if found {
-			if dstField.Type.AssignableTo(srcField.Type) {
-				dstVal.FieldByName(srcField.Name).Set(srcVal.Field(i))
-			} else {
-				return fmt.Errorf("Cannot assign %s field", srcField.Name)
-			}
-		}
-	}
-
-	return nil
-}
-
-func ToTimeHookFunc() mapstructure.DecodeHookFunc {
-	return func(
-		f reflect.Type,
-		t reflect.Type,
-		data interface{}) (interface{}, error) {
-		if t != reflect.TypeOf(time.Time{}) {
-			return data, nil
-		}
-
-		switch f.Kind() {
-		case reflect.String:
-			return time.Parse(time.RFC3339, data.(string))
-		case reflect.Float64:
-			return time.Unix(0, int64(data.(float64))*int64(time.Millisecond)), nil
-		case reflect.Int64:
-			return time.Unix(0, data.(int64)*int64(time.Millisecond)), nil
-		default:
-			return data, nil
-		}
-		// Convert it by parsing
-	}
-}
-
-func decodeHook(f reflect.Type, t reflect.Type, data interface{}) (interface{}, error) {
-	if f.Kind() == reflect.Int && t.Kind() == reflect.String {
-		return strconv.Itoa(data.(int)), nil
-	}
-	return data, nil
-}
-
-func DecodeStruct(dst, src any) error {
-	decoder, _ := mapstructure.NewDecoder(&mapstructure.DecoderConfig{
-		TagName: "json",
-		Result:  &dst,
-		DecodeHook: mapstructure.ComposeDecodeHookFunc(
-			ToTimeHookFunc()),
-	})
-	return decoder.Decode(src)
-}
-
-func ListFiles(path string) (res []string, err error) {
-	err = filepath.Walk(path, func(path string, info os.FileInfo, err error) error {
-		if err != nil {
-			return err
-		}
-		if !info.IsDir() && filepath.Ext(path) == ".toml" {
-			res = append(res, path)
-		}
-		return nil
-	})
-	return
-}

backend/remote/http.go

@@ -14,9 +14,9 @@ import (
 	"github.com/spf13/cast"
 	"go.uber.org/zap"
 
-	"github.com/veops/oneterm/pkg/conf"
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/server/storage/cache/redis"
+	redis "github.com/veops/oneterm/cache"
+	"github.com/veops/oneterm/conf"
+	"github.com/veops/oneterm/logger"
 )
 
 var (
@@ -54,7 +54,7 @@ func HandleErr(e error, resp *resty.Response, isOk func(dt map[string]any) bool)
 	defer func() {
 		if err != nil {
 			bs, _ := json.Marshal(resp.Request.Body)
-			logger.L.Error(fmt.Sprintf("%s failed", runtime.FuncForPC(pc).Name()), zap.String("url", resp.Request.URL), zap.String("req", string(bs)), zap.String("resp", resp.String()))
+			logger.L().Error(fmt.Sprintf("%s failed", runtime.FuncForPC(pc).Name()), zap.String("url", resp.Request.URL), zap.String("req", string(bs)), zap.String("resp", resp.String()))
 		}
 	}()
 

backend/schedule/connectable.go

@@ -1,4 +1,4 @@
-package connectable
+package schedule
 
 import (
 	"context"
@@ -12,11 +12,11 @@ import (
 	"github.com/spf13/cast"
 	"go.uber.org/zap"
 
-	"github.com/veops/oneterm/pkg/logger"
-	ggateway "github.com/veops/oneterm/pkg/server/global/gateway"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
-	"github.com/veops/oneterm/pkg/util"
+	mysql "github.com/veops/oneterm/db"
+	ggateway "github.com/veops/oneterm/gateway"
+	"github.com/veops/oneterm/logger"
+	"github.com/veops/oneterm/model"
+	"github.com/veops/oneterm/util"
 )
 
 var (
@@ -24,7 +24,7 @@ var (
 	d           = time.Hour * 2
 )
 
-func Run() (err error) {
+func RunConnectable() (err error) {
 	tk := time.NewTicker(d)
 	for {
 		select {
@@ -36,14 +36,14 @@ func Run() (err error) {
 	}
 }
 
-func Stop(err error) {
+func StopConnectable(err error) {
 	defer cancel()
 }
 
 func CheckUpdate(ids ...int) (err error) {
 	defer func() {
 		if err != nil {
-			logger.L.Warn("check connectable failed", zap.Error(err))
+			logger.L().Warn("check connectable failed", zap.Error(err))
 		}
 	}()
 	assets := make([]*model.Asset, 0)
@@ -56,7 +56,7 @@ func CheckUpdate(ids ...int) (err error) {
 	}
 	if err = db.
 		Find(&assets).Error; err != nil {
-		logger.L.Debug("get assets to test connectable failed", zap.Error(err))
+		logger.L().Debug("get assets to test connectable failed", zap.Error(err))
 		return
 	}
 	gids := lo.Without(lo.Uniq(lo.Map(assets, func(a *model.Asset, _ int) int { return a.GatewayId })), 0)
@@ -66,7 +66,7 @@ func CheckUpdate(ids ...int) (err error) {
 			Model(gateways).
 			Where("id IN ?", gids).
 			Find(&gateways).Error; err != nil {
-			logger.L.Debug("get gatewats to test connectable failed", zap.Error(err))
+			logger.L().Debug("get gatewats to test connectable failed", zap.Error(err))
 			return
 		}
 	}
@@ -89,12 +89,12 @@ func CheckUpdate(ids ...int) (err error) {
 	ggateway.GetGatewayManager().Close(sids...)
 	if len(oks) > 0 {
 		if err := mysql.DB.Model(assets).Where("id IN ?", oks).Update("connectable", true).Error; err != nil {
-			logger.L.Debug("update connectable to ok failed", zap.Error(err))
+			logger.L().Debug("update connectable to ok failed", zap.Error(err))
 		}
 	}
 	if len(oks) < len(all) {
 		if err := mysql.DB.Model(assets).Where("id IN ?", lo.Without(all, oks...)).Update("connectable", false).Error; err != nil {
-			logger.L.Debug("update connectable to fail failed", zap.Error(err))
+			logger.L().Debug("update connectable to fail failed", zap.Error(err))
 		}
 	}
 	return
@@ -111,7 +111,7 @@ func checkOne(asset *model.Asset, gateway *model.Gateway) (sid string, ok bool)
 		if asset.GatewayId != 0 {
 			gt, err = ggateway.GetGatewayManager().Open(sid, ip, port, gateway)
 			if err != nil {
-				logger.L.Debug("open gateway failed", zap.Error(err))
+				logger.L().Debug("open gateway failed", zap.Error(err))
 				continue
 			}
 			ip, port = gt.LocalIp, gt.LocalPort
@@ -119,7 +119,7 @@ func checkOne(asset *model.Asset, gateway *model.Gateway) (sid string, ok bool)
 		addr := fmt.Sprintf("%s:%d", ip, port)
 		net, err := net.DialTimeout("tcp", addr, time.Second*3)
 		if err != nil {
-			logger.L.Debug("dail failed", zap.String("addr", addr), zap.Error(err))
+			logger.L().Debug("dail failed", zap.String("addr", addr), zap.Error(err))
 			continue
 		}
 		defer net.Close()

backend/session/session.go

@@ -9,12 +9,13 @@ import (
 	"time"
 
 	"github.com/gin-gonic/gin"
-	"github.com/veops/oneterm/pkg/logger"
-	"github.com/veops/oneterm/pkg/server/guacd"
-	"github.com/veops/oneterm/pkg/server/model"
-	"github.com/veops/oneterm/pkg/server/storage/db/mysql"
 	"go.uber.org/zap"
 	"gorm.io/gorm/clause"
+
+	"github.com/veops/oneterm/api/guacd"
+	mysql "github.com/veops/oneterm/db"
+	"github.com/veops/oneterm/logger"
+	"github.com/veops/oneterm/model"
 )
 
 var (
@@ -85,7 +86,7 @@ func Init() (err error) {
 		Where("status = ?", model.SESSIONSTATUS_ONLINE).
 		Find(&sessions).
 		Error; err != nil {
-		logger.L.Warn("get sessions failed", zap.Error(err))
+		logger.L().Warn("get sessions failed", zap.Error(err))
 		return
 	}
 	ctx := &gin.Context{}

docker-compose.yaml

@@ -138,17 +138,6 @@ services:
         aliases:
           - acl-api
 
-volumes:
-  db-data:
-    driver: local
-    name: oneterm_db-data
-  file-data:
-    driver: local
-    name: oneterm_file-data
-  ssh-data:
-    driver: local
-    name: oneterm_ssh
-
 networks:
   new:
     driver: bridge