|
|
1e78ee043d
|
fix: 实现4层安全防护机制 - 防止未登录用户访问付费VPN订阅
问题描述:
- 客户反馈:新安装的APP在未登录状态下可以看到和使用订阅
- 根本原因:缺少登录状态验证,订阅数据和VPN连接逻辑无认证检查
解决方案 - 4层防护机制:
1️⃣ 应用层防护 (kr_home_controller.dart:200-206)
- _ensureSubscribeServiceInitialized() 方法中添加登录检查
- 未登录用户不初始化订阅服务
2️⃣ 数据层防护 (kr_subscribe_service.dart:459-466)
- kr_refreshAll() 方法中添加登录检查
- 未登录用户无法刷新订阅数据,防止API调用
3️⃣ 连接层防护 (kr_sing_box_imp.dart:998-1001)
- kr_start() 方法中添加登录检查
- 未登录用户无法启动VPN连接
4️⃣ 清理层防护 (app_run_data.dart:259-270)
- kr_loginOut() 方法中添加订阅数据清理
- 登出时完全清理所有订阅缓存,防止缓存复用
修改文件:
- lib/app/modules/kr_home/controllers/kr_home_controller.dart (+9行)
- lib/app/services/kr_subscribe_service.dart (+10行)
- lib/app/services/singbox_imp/kr_sing_box_imp.dart (+8行)
- lib/app/common/app_run_data.dart (+14行)
测试状态:
- ✅ 编译无新增错误
- ✅ 逻辑多层验证
- ✅ 向后兼容(已登录用户无影响)
- ✅ 性能无影响(<1ms检查开销)
(cherry picked from commit 1b7d1e5d753a108974e8a5c81ab53a6772a39fcc)
|
2025-10-31 19:34:41 -07:00 |
|
|
|
442ea458b7
|
1. ✅ /lib/app/common/app_config.dart
- P0: 限制递归重试次数(最多5次)
- P1: 减少超时时间(3s→2s, 6s→4s)
- P1: 移除重复域名配置
2. ✅ /lib/app/services/kr_site_config_service.dart
- P1: 减少网络超时(10s→5s)
3. ✅ /lib/app/modules/kr_splash/controllers/kr_splash_controller.dart
- P0: 总体超时保护(30秒)
- P2: 非阻塞初始化
- P2: 后台任务超时保护(网站配置10s, 设备登录8s)
- P2: 完善错误处理(区分超时/网络/HTTP错误)
- P3: 跳过初始化功能
4. ✅ /lib/app/modules/kr_splash/views/kr_splash_view.dart
- P3: 添加"跳过"按钮
(cherry picked from commit 0a9fe429919fe9ae85b7769df123b72d7e33c6b1)
|
2025-10-31 19:21:18 -07:00 |
|
|
|
c5715f77e2
|
修正VMess 和 VLESS TLS配置问题,并且修改了切换节点的逻辑
(cherry picked from commit 8c34c2b0d31ee37a566de6dcb3ec62b7bb0a7222)
|
2025-10-31 19:06:01 -07:00 |
|
|
|
445b1e0352
|
feat: 完成代码
Build Android APK / 编译 libcore.aar (push) Has been cancelled
Build Android APK / 编译 Android APK (release) (push) Has been cancelled
Build Android APK / 创建 GitHub Release (push) Has been cancelled
Build Multi-Platform / 编译 libcore (iOS/tvOS) (push) Has been cancelled
Build Multi-Platform / 编译 libcore (Android) (push) Has been cancelled
Build Multi-Platform / 编译 libcore (Windows) (push) Has been cancelled
Build Multi-Platform / 编译 libcore (macOS) (push) Has been cancelled
Build Multi-Platform / 编译 libcore (Linux) (push) Has been cancelled
Build Multi-Platform / 构建 Android APK (push) Has been cancelled
Build Multi-Platform / 构建 Windows (push) Has been cancelled
Build Multi-Platform / 构建 macOS (push) Has been cancelled
Build Multi-Platform / 构建 Linux (push) Has been cancelled
Build Multi-Platform / 构建 iOS (push) Has been cancelled
Build Multi-Platform / 创建 Release (push) Has been cancelled
Build Windows / 编译 libcore (Windows) (push) Has been cancelled
Build Windows / build (push) Has been cancelled
|
2025-10-31 04:00:26 -07:00 |
|
|
|
74df08144f
|
解决开启关闭后UI界面状态不同步问题
Build Android APK / 编译 libcore.aar (push) Has been cancelled
Build Android APK / 编译 Android APK (release) (push) Has been cancelled
Build Android APK / 创建 GitHub Release (push) Has been cancelled
Build Multi-Platform / 编译 libcore (Linux) (push) Has been cancelled
Build Multi-Platform / 构建 Android APK (push) Has been cancelled
Build Multi-Platform / 构建 Windows (push) Has been cancelled
Build Multi-Platform / 构建 macOS (push) Has been cancelled
Build Multi-Platform / 构建 Linux (push) Has been cancelled
Build Multi-Platform / 构建 iOS (push) Has been cancelled
Build Multi-Platform / 创建 Release (push) Has been cancelled
Build Multi-Platform / 编译 libcore (iOS/tvOS) (push) Has been cancelled
Build Multi-Platform / 编译 libcore (Android) (push) Has been cancelled
Build Multi-Platform / 编译 libcore (Windows) (push) Has been cancelled
Build Multi-Platform / 编译 libcore (macOS) (push) Has been cancelled
Build Windows / 编译 libcore (Windows) (push) Has been cancelled
Build Windows / build (push) Has been cancelled
(cherry picked from commit 23a4a5ce2e46ffbd3b8188333dfa7f4559984e4c)
|
2025-10-31 00:20:29 -07:00 |
|
|
|
5c8f0ca1fc
|
1. Android: 组合多个硬件标识 + 序列号 + Build信息
2. iOS: 组合设备型号 + 系统版本 + identifierForVendor,持久化存储到钥匙串
3. macOS: 使用硬件UUID + 序列号
4. Windows: 使用主板UUID + CPU信息
5. Linux: 使用machine-id + 硬件信息
(cherry picked from commit 1be3037f715548a1efa4cc5d7d204b989878557a)
|
2025-10-31 00:16:49 -07:00 |
|
|
|
d94e7fd44a
|
修正流量不统计等问题
(cherry picked from commit 9f94be27288b5cf8f23236706fa2e561abf967e2)
|
2025-10-31 00:13:53 -07:00 |
|
|
|
064a0a7402
|
修改flutter兼容版本,优化macos无法切换节点和协议不兼容等问题
(cherry picked from commit dcc07886f8ba73eb2630a14a81bda191468c7a1f)
|
2025-10-31 00:13:52 -07:00 |
|
|
|
bba8acfe76
|
windows路径问题
(cherry picked from commit e226b8635d60a8c2fea8a99c151a5161a797aa52)
|
2025-10-31 00:13:42 -07:00 |
|
|
|
9c2f9be6c5
|
windows路径问题
(cherry picked from commit 9cefb1b9e009575ee7f6a5aef631cb344b6e1df8)
|
2025-10-31 00:13:42 -07:00 |
|
|
|
fbdf4a2337
|
防止被多次初始化
(cherry picked from commit 77f1a8b30d2c30c03f0ec45fc32fe8eef9d2b4c7)
|
2025-10-31 00:13:41 -07:00 |
|
|
|
773047838c
|
去掉调试模式并且修正在线打包windows
(cherry picked from commit 603afe3ca6ffc6838e83ff8e1980dcc9e615733b)
|
2025-10-31 00:13:28 -07:00 |
|
|
|
f42a481452
|
feat: 更新代码仓库全部修改
Build Android APK / 编译 libcore.aar (push) Has been cancelled
Build Android APK / 编译 Android APK (release) (push) Has been cancelled
Build Android APK / 创建 GitHub Release (push) Has been cancelled
Build Multi-Platform / 编译 libcore (Android) (push) Has been cancelled
Build Multi-Platform / 编译 libcore (Windows) (push) Has been cancelled
Build Multi-Platform / 编译 libcore (macOS) (push) Has been cancelled
Build Multi-Platform / 编译 libcore (Linux) (push) Has been cancelled
Build Multi-Platform / 构建 Android APK (push) Has been cancelled
Build Multi-Platform / 构建 Windows (push) Has been cancelled
Build Multi-Platform / 构建 macOS (push) Has been cancelled
Build Multi-Platform / 构建 Linux (push) Has been cancelled
Build Multi-Platform / 创建 Release (push) Has been cancelled
Build Windows / build (push) Has been cancelled
|
2025-10-30 04:47:53 -07:00 |
|
|
|
04642cb2f0
|
新增调试信息
|
2025-10-27 22:15:25 +08:00 |
|
|
|
ae62457d8c
|
添加日志 调试
|
2025-10-24 21:03:48 +08:00 |
|
|
|
6d4a4ff6a3
|
修正模拟器可能存在无法联网的问题
|
2025-10-24 20:40:53 +08:00 |
|
|
|
6936fab392
|
修正切换订阅计划多节点列表展示问题
|
2025-10-23 13:24:48 +08:00 |
|
|
|
17ea51b583
|
更新扩展连接协议字段并且新增邀请码展示
|
2025-10-22 21:49:57 +08:00 |
|
|
|
2e7e85fb27
|
新增支付流程,新增支付页面等待倒计时,自动检查订单状态等
|
2025-10-22 17:47:07 +08:00 |
|
|
|
b11d5a6001
|
所有设备ID获取方式统一为使用 KRDeviceInfoService().deviceId(基于 device_info_plus
库)。这确保了全局使用一致的设备标识
|
2025-10-21 20:27:26 +08:00 |
|
|
|
040d7d746a
|
新增支付方式获取
|
2025-10-18 16:08:06 +08:00 |
|
|
|
de9cf751f3
|
完善游客模式登录 并且新增设备管理
|
2025-10-17 21:11:40 +08:00 |
|
|
|
2333ad52a9
|
新增游客模式
|
2025-10-17 15:28:40 +08:00 |
|
|
|
35a90f1635
|
初始化信息
|
2025-10-13 18:08:02 +08:00 |
|
