From 5a3c09f4db1657889d01d66c72a36709b33ad447 Mon Sep 17 00:00:00 2001
From: Mmx233 <admin@mmxblog.com>
Date: Thu, 28 Dec 2023 14:53:29 +0800
Subject: [PATCH] =?UTF-8?q?improve:=20passkey=20session=20=E5=AD=98?=
 =?UTF-8?q?=E5=82=A8=E7=A9=BA=E9=97=B4=E9=9A=94=E7=A6=BB?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 internal/api/controllers/public/login/passkey.go  |  8 ++++----
 internal/api/controllers/user/passkey/data.go     |  2 +-
 internal/api/controllers/user/passkey/register.go |  4 ++--
 internal/api/controllers/user/u2f.go              |  2 +-
 internal/db/redis/Passkey.go                      | 12 ++++++++++--
 5 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/internal/api/controllers/public/login/passkey.go b/internal/api/controllers/public/login/passkey.go
index 8677f74..a8aff15 100644
--- a/internal/api/controllers/public/login/passkey.go
+++ b/internal/api/controllers/public/login/passkey.go
@@ -32,11 +32,11 @@ func BeginPasskeyLogin(c *gin.Context) {
 		return
 	}
 
-	identity := tool.NewRand(rand.NewSource(time.Now().UnixNano())).
+	identity := "r" + tool.NewRand(rand.NewSource(time.Now().UnixNano())).
 		WithLetters("qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM").
-		String(passkeyKeyLength)
+		String(passkeyKeyLength-1)
 
-	err = redis.NewPasskey(c.ClientIP(), identity).
+	err = redis.NewPasskey(c.ClientIP(), redis.PasskeyLogin, identity).
 		StoreSession(context.Background(), sessionData, time.Minute*5)
 	if err != nil {
 		callback.Error(c, callback.ErrDBOperation, err)
@@ -69,7 +69,7 @@ func FinishPasskeyLogin(c *gin.Context) {
 	}
 
 	var sessionData webauthn.SessionData
-	err = redis.NewPasskey(c.ClientIP(), identity).
+	err = redis.NewPasskey(c.ClientIP(), redis.PasskeyLogin, identity).
 		ReadSession(context.Background(), &sessionData)
 	if err != nil {
 		if errors.Is(err, redis.Nil) {
diff --git a/internal/api/controllers/user/passkey/data.go b/internal/api/controllers/user/passkey/data.go
index 684c5db..d2fac0a 100644
--- a/internal/api/controllers/user/passkey/data.go
+++ b/internal/api/controllers/user/passkey/data.go
@@ -36,7 +36,7 @@ func PasskeyOptions(c *gin.Context) {
 		return
 	}
 
-	err = redis.NewPasskey(c.ClientIP(), fmt.Sprint(uid)).StoreSession(context.Background(), session, time.Minute*5)
+	err = redis.NewPasskey(c.ClientIP(), redis.PasskeyUser, fmt.Sprint(uid)).StoreSession(context.Background(), session, time.Minute*5)
 	if err != nil {
 		callback.Error(c, callback.ErrDBOperation, err)
 		return
diff --git a/internal/api/controllers/user/passkey/register.go b/internal/api/controllers/user/passkey/register.go
index 7c196ac..1043463 100644
--- a/internal/api/controllers/user/passkey/register.go
+++ b/internal/api/controllers/user/passkey/register.go
@@ -39,7 +39,7 @@ func BeginPasskeyRegistration(c *gin.Context) {
 		callback.Error(c, callback.ErrUnexpected, err)
 	}
 
-	err = redis.NewPasskey(c.ClientIP(), fmt.Sprint(uid)).
+	err = redis.NewPasskey(c.ClientIP(), redis.PasskeyUserRegister, fmt.Sprint(uid)).
 		StoreSession(context.Background(), session, time.Minute*10)
 	if err != nil {
 		callback.Error(c, callback.ErrDBOperation, err)
@@ -53,7 +53,7 @@ func FinishPasskeyRegistration(c *gin.Context) {
 	uid := tools.GetUserInfo(c).UID
 
 	var session webauthn.SessionData
-	err := redis.NewPasskey(c.ClientIP(), fmt.Sprint(uid)).
+	err := redis.NewPasskey(c.ClientIP(), redis.PasskeyUserRegister, fmt.Sprint(uid)).
 		ReadSession(context.Background(), &session)
 	if err != nil {
 		if errors.Is(err, redis.Nil) {
diff --git a/internal/api/controllers/user/u2f.go b/internal/api/controllers/user/u2f.go
index 0fd3f9f..409e99a 100644
--- a/internal/api/controllers/user/u2f.go
+++ b/internal/api/controllers/user/u2f.go
@@ -80,7 +80,7 @@ func BeginU2F(c *gin.Context) {
 		}
 	case "passkey":
 		var sessionData webauthn.SessionData
-		err := redis.NewPasskey(c.ClientIP(), fmt.Sprint(uid)).
+		err := redis.NewPasskey(c.ClientIP(), redis.PasskeyUser, fmt.Sprint(uid)).
 			ReadSession(context.Background(), &sessionData)
 		if err != nil {
 			if errors.Is(err, redis.Nil) {
diff --git a/internal/db/redis/Passkey.go b/internal/db/redis/Passkey.go
index 1de5b06..2794ea3 100644
--- a/internal/db/redis/Passkey.go
+++ b/internal/db/redis/Passkey.go
@@ -6,9 +6,17 @@ import (
 	"time"
 )
 
-func NewPasskey(ip, identity string) Passkey {
+type PasskeyNamespace string
+
+const (
+	PasskeyUser         PasskeyNamespace = "u"
+	PasskeyUserRegister PasskeyNamespace = "ur"
+	PasskeyLogin        PasskeyNamespace = "l"
+)
+
+func NewPasskey(ip string, namespace PasskeyNamespace, identity string) Passkey {
 	return Passkey{
-		key: keyPasskey.String() + "ip" + ip + "id" + identity,
+		key: keyPasskey.String() + "ip" + ip + string(namespace) + identity,
 	}
 }