From a55ee0cf901d764995f203b70d32badf20c6e96e Mon Sep 17 00:00:00 2001
From: Levi Yan
Date: Sun, 23 Mar 2025 17:17:32 +0800
Subject: [PATCH] security: verify token and username before storing
---
 src/main.ts | 94 ++++++++++++++++++++++++++++++-----------------------
 1 file changed, 54 insertions(+), 40 deletions(-)
diff --git a/src/main.ts b/src/main.ts
index bbec9b1..4046d4a 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -17,6 +17,8 @@ export class DevStarExtension {
 const handler = vscode.window.registerUriHandler({
 handleUri: async (uri: vscode.Uri) => {
+ const devstarAPIHandler = new DevstarAPIHandler()
+
 if (uri.path === '/openProject') {
 const params = new URLSearchParams(uri.query);
 const host = params.get('host');
@@ -35,27 +37,33 @@ export class DevStarExtension {
 if (access_token && devstar_username) {
 if (!this.user.isLogged()) { // 如果没有用户登录,则直接登录;
- this.user.setUserTokenToLocal(access_token)
- this.user.setUsernameToLocal(devstar_username)
+ await devstarAPIHandler.verifyToken(access_token, devstar_username)
+ .then(async (res) => {
+ if (res === 'ok') {
+ // token与用户名验证通过
+ // 插件登录:存储token与用户名
+ this.user.setUserTokenToLocal(access_token)
+ this.user.setUsernameToLocal(devstar_username)

- // 检查本地是否有用户所属公钥,没有则创建
- if (!this.user.existUserPublicKey()) {
- await this.user.createUserSSHKey()
- .then(async () => {
- // 上传公钥
- const devstarAPIHandler = new DevstarAPIHandler()
- await devstarAPIHandler.uploadUserPublicKey(this.user)
- .then(async (res) => {
- if (res === "ok") {
- // 打开项目
- await this.remoteContainer.firstOpenProject(container_host, container_port, container_username, project_path)
- }
- })
- })
- } else {
- // 直接打开项目
- await this.remoteContainer.firstOpenProject(container_host, container_port, container_username, project_path)
- }
+ // 检查本地是否有用户所属公钥,没有则创建
+ if (!this.user.existUserPublicKey()) {
+ await this.user.createUserSSHKey()
+ .then(async () => {
+ // 上传公钥
+ await devstarAPIHandler.uploadUserPublicKey(this.user)
+ .then(async (res) => {
+ if (res === "ok") {
+ // 打开项目
+ await this.remoteContainer.firstOpenProject(container_host, container_port, container_username, project_path)
+ }
+ })
+ })
+ } else {
+ // 公钥已上传,直接打开项目
+ await this.remoteContainer.firstOpenProject(container_host, container_port, container_username, project_path)
+ }
+ }
+ })
 } else if (devstar_username === this.user.getUsernameFromLocal()) { // 如果同用户已经登录,则忽略; // 直接打开项目
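Review bot: Nothing in the not-logged-in branch asks the user before the token taken from the URI is stored: `verifyToken` only shows that `access_token` and `devstar_username` belong together, not that the person at the keyboard chose this account, so any `/openProject` link carrying a valid pair signs the extension in, may create and upload a public key to that account, and then opens `container_host`. The switch-user branch later in the file already gates the same steps behind `showWarningMessage`; a prompt naming the username and the container host would fit before `verifyToken` here, for example `if ((await vscode.window.showWarningMessage(msg, { modal: true }, 'Yes')) === 'Yes') { … }`. Which server `verifyToken` contacts is not visible in this patch; if it is derived from the URI's `host` parameter, the party that built the link also answers the check, so it should be pinned to a configured server (to be confirmed in DevstarAPIHandler). handleUri's body starts and ends outside the hunk.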
@@ -65,27 +73,33 @@ export class DevStarExtension {
 const selection = await vscode.window.showWarningMessage(`已登录用户:${this.user.getUsernameFromLocal()},是否切换用户?`, 'Yes', 'No',);
 if (selection === 'Yes') {
- this.user.setUserTokenToLocal(access_token);
- this.user.setUsernameToLocal(devstar_username);
+ await devstarAPIHandler.verifyToken(access_token, devstar_username)
+ .then(async (res) => {
+ if (res === 'ok') {
+ // token与用户名验证通过
+ // 插件登录:存储token与用户名
+ this.user.setUserTokenToLocal(access_token)
+ this.user.setUsernameToLocal(devstar_username)

- // 检查本地是否有用户所属公钥,没有则创建
- if (!this.user.existUserPublicKey()) {
- await this.user.createUserSSHKey()
- .then(async () => {
- // 上传公钥
- const devstarAPIHandler = new DevstarAPIHandler()
- await devstarAPIHandler.uploadUserPublicKey(this.user)
- .then(async (res) => {
- if (res === "ok") {
- // 打开项目
- await this.remoteContainer.firstOpenProject(container_host, container_port, container_username, project_path)
- }
- })
- })
- } else {
- // 直接打开项目
- await this.remoteContainer.firstOpenProject(container_host, container_port, container_username, project_path)
- }
+ // 检查本地是否有用户所属公钥,没有则创建
+ if (!this.user.existUserPublicKey()) {
+ await this.user.createUserSSHKey()
+ .then(async () => {
+ // 上传公钥
+ await devstarAPIHandler.uploadUserPublicKey(this.user)
+ .then(async (res) => {
+ if (res === "ok") {
+ // 打开项目
+ await this.remoteContainer.firstOpenProject(container_host, container_port, container_username, project_path)
+ }
+ })
+ })
+ } else {
+ // 公钥已上传,直接打开项目
+ await this.remoteContainer.firstOpenProject(container_host, container_port, container_username, project_path)
+ }
+ }
+ })
 } else if (selection === 'No') {
 await openProjectWithoutLogging(container_host, container_port, container_username, project_path);
 }
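Review bot: A `verifyToken` result other than 'ok', a failed key upload, or a rejected promise anywhere in this `.then` chain ends the 'Yes' branch without any message, so the user follows the link and nothing visibly happens, and nothing in the hunk catches the rejection. The not-logged-in branch in the previous hunk is line-for-line the same and has the same gap. Flattening the chain to plain `await` inside one try/catch and reporting the failure with `vscode.window.showErrorMessage` closes it, and since both branches share the body it is a natural candidate for one private helper. The fence shows the 'Yes' branch written that way; handleUri itself starts and ends outside the hunk.

```typescript
if (selection === 'Yes') {
    try {
        const verified = await devstarAPIHandler.verifyToken(access_token, devstar_username)
        if (verified !== 'ok') {
            throw new Error('token verification failed; nothing was stored')
        }
        // … unchanged: store token and username …

        if (!this.user.existUserPublicKey()) {
            await this.user.createUserSSHKey()
            const uploaded = await devstarAPIHandler.uploadUserPublicKey(this.user)
            if (uploaded !== 'ok') {
                throw new Error('public key upload failed')
            }
        }
        await this.remoteContainer.firstOpenProject(container_host, container_port, container_username, project_path)
    } catch (err) {
        // Report the reason only; never echo the token itself.
        vscode.window.showErrorMessage(`DevStar login failed: ${err instanceof Error ? err.message : String(err)}`)
    }
// … unchanged: the 'No' branch …
```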