修复文件管理器凭证认证问题:支持加密凭证和新密钥字段
主要修复: - 导入 EncryptedDBOperations 支持加密凭证解密 - 优先使用 privateKey 字段,向后兼容 key 字段 - 统一凭证解析逻辑与终端保持一致 - 修复日志信息格式 这解决了使用凭证的SSH主机在文件管理器中无法认证的核心问题。 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
ZacharyZcR
@@ -5,6 +5,7 @@ import { db } from "../database/db/index.js";
|
|||||||
import { sshCredentials } from "../database/db/schema.js";
|
import { sshCredentials } from "../database/db/schema.js";
|
||||||
import { eq, and } from "drizzle-orm";
|
import { eq, and } from "drizzle-orm";
|
||||||
import { fileLogger } from "../utils/logger.js";
|
import { fileLogger } from "../utils/logger.js";
|
||||||
|
import { EncryptedDBOperations } from "../utils/encrypted-db-operations.js";
|
||||||
|
|
||||||
// 可执行文件检测工具函数
|
// 可执行文件检测工具函数
|
||||||
function isExecutableFile(permissions: string, fileName: string): boolean {
|
function isExecutableFile(permissions: string, fileName: string): boolean {
|
||||||
@@ -104,56 +105,47 @@ app.post("/ssh/file_manager/ssh/connect", async (req, res) => {
|
|||||||
let resolvedCredentials = { password, sshKey, keyPassword, authType };
|
let resolvedCredentials = { password, sshKey, keyPassword, authType };
|
||||||
if (credentialId && hostId && userId) {
|
if (credentialId && hostId && userId) {
|
||||||
try {
|
try {
|
||||||
const credentials = await db
|
const credentials = await EncryptedDBOperations.select(
|
||||||
.select()
|
db.select().from(sshCredentials).where(
|
||||||
.from(sshCredentials)
|
|
||||||
.where(
|
|
||||||
and(
|
and(
|
||||||
eq(sshCredentials.id, credentialId),
|
eq(sshCredentials.id, credentialId),
|
||||||
eq(sshCredentials.userId, userId),
|
eq(sshCredentials.userId, userId),
|
||||||
),
|
),
|
||||||
|
),
|
||||||
|
'ssh_credentials'
|
||||||
);
|
);
|
||||||
|
|
||||||
if (credentials.length > 0) {
|
if (credentials.length > 0) {
|
||||||
const credential = credentials[0];
|
const credential = credentials[0];
|
||||||
resolvedCredentials = {
|
resolvedCredentials = {
|
||||||
password: credential.password,
|
password: credential.password,
|
||||||
sshKey: credential.key,
|
sshKey: credential.privateKey || credential.key, // prefer new privateKey field
|
||||||
keyPassword: credential.keyPassword,
|
keyPassword: credential.keyPassword,
|
||||||
authType: credential.authType,
|
authType: credential.authType,
|
||||||
};
|
};
|
||||||
} else {
|
} else {
|
||||||
fileLogger.warn("No credentials found in database for file manager", {
|
fileLogger.warn(`No credentials found for host ${hostId}`, {
|
||||||
operation: "file_connect",
|
operation: "ssh_credentials",
|
||||||
sessionId,
|
|
||||||
hostId,
|
hostId,
|
||||||
credentialId,
|
credentialId,
|
||||||
userId,
|
userId,
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
} catch (error) {
|
} catch (error) {
|
||||||
fileLogger.warn(
|
fileLogger.warn(`Failed to resolve credentials for host ${hostId}`, {
|
||||||
"Failed to resolve credentials from database for file manager",
|
operation: "ssh_credentials",
|
||||||
{
|
|
||||||
operation: "file_connect",
|
|
||||||
sessionId,
|
|
||||||
hostId,
|
hostId,
|
||||||
credentialId,
|
credentialId,
|
||||||
error: error instanceof Error ? error.message : "Unknown error",
|
error: error instanceof Error ? error.message : "Unknown error",
|
||||||
},
|
});
|
||||||
);
|
|
||||||
}
|
}
|
||||||
} else if (credentialId && hostId) {
|
} else if (credentialId && hostId) {
|
||||||
fileLogger.warn(
|
fileLogger.warn("Missing userId for credential resolution in file manager", {
|
||||||
"Missing userId for credential resolution in file manager",
|
operation: "ssh_credentials",
|
||||||
{
|
|
||||||
operation: "file_connect",
|
|
||||||
sessionId,
|
|
||||||
hostId,
|
hostId,
|
||||||
credentialId,
|
credentialId,
|
||||||
hasUserId: !!userId,
|
hasUserId: !!userId,
|
||||||
},
|
});
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
const config: any = {
|
const config: any = {
|
||||||
|
|||||||
Reference in New Issue
Block a user