security: verify token and username before storing

2025-03-23 17:17:32 +08:00
parent fe52e2bf8f
commit a55ee0cf90
1 changed files with 54 additions and 40 deletions
--- a/src/main.ts
+++ b/src/main.ts
@@ -17,6 +17,8 @@ export class DevStarExtension {
    const handler = vscode.window.registerUriHandler({
      handleUri: async (uri: vscode.Uri) => {
        const devstarAPIHandler = new DevstarAPIHandler()
        if (uri.path === '/openProject') {
          const params = new URLSearchParams(uri.query);
          const host = params.get('host');
@@ -35,6 +37,11 @@ export class DevStarExtension {
            if (access_token && devstar_username) {
              if (!this.user.isLogged()) {
                // 如果没有用户登录，则直接登录;
                await devstarAPIHandler.verifyToken(access_token, devstar_username)
                  .then(async (res) => {
                    if (res === 'ok') {
                      // token与用户名验证通过
                      // 插件登录：存储token与用户名
                      this.user.setUserTokenToLocal(access_token)
                      this.user.setUsernameToLocal(devstar_username)
@@ -43,7 +50,6 @@ export class DevStarExtension {
                        await this.user.createUserSSHKey()
                          .then(async () => {
                            // 上传公钥
                      const devstarAPIHandler = new DevstarAPIHandler()
                            await devstarAPIHandler.uploadUserPublicKey(this.user)
                              .then(async (res) => {
                                if (res === "ok") {
@@ -53,9 +59,11 @@ export class DevStarExtension {
                              })
                          })
                      } else {
-                  // 直接打开项目
+                        // 公钥已上传，直接打开项目
                        await this.remoteContainer.firstOpenProject(container_host, container_port, container_username, project_path)
                      }
                    }
                  })
              } else if (devstar_username === this.user.getUsernameFromLocal()) {
                // 如果同用户已经登录，则忽略；
                // 直接打开项目
@@ -65,15 +73,19 @@ export class DevStarExtension {
                const selection = await vscode.window.showWarningMessage(`已登录用户：${this.user.getUsernameFromLocal()}，是否切换用户？`,
                  'Yes', 'No',);
                if (selection === 'Yes') {
-                  this.user.setUserTokenToLocal(access_token);
+                  await devstarAPIHandler.verifyToken(access_token, devstar_username)
-                  this.user.setUsernameToLocal(devstar_username);
+                  .then(async (res) => {
                    if (res === 'ok') {
                      // token与用户名验证通过
                      // 插件登录：存储token与用户名
                      this.user.setUserTokenToLocal(access_token)
                      this.user.setUsernameToLocal(devstar_username)
                      // 检查本地是否有用户所属公钥，没有则创建
                      if (!this.user.existUserPublicKey()) {
                        await this.user.createUserSSHKey()
                          .then(async () => {
                            // 上传公钥
                        const devstarAPIHandler = new DevstarAPIHandler()
                            await devstarAPIHandler.uploadUserPublicKey(this.user)
                              .then(async (res) => {
                                if (res === "ok") {
@@ -83,9 +95,11 @@ export class DevStarExtension {
                              })
                          })
                      } else {
-                    // 直接打开项目
+                        // 公钥已上传，直接打开项目
                        await this.remoteContainer.firstOpenProject(container_host, container_port, container_username, project_path)
                      }
                    }
                  })
                } else if (selection === 'No') {
                  await openProjectWithoutLogging(container_host, container_port, container_username, project_path);
                }