experimental/clashapi: include user in connection metadata#4138
Open
yagjzx wants to merge 93 commits into
Open
experimental/clashapi: include user in connection metadata#4138yagjzx wants to merge 93 commits into
yagjzx wants to merge 93 commits into
Conversation
`SecTrustEvaluateWithError` is serial
This reverts commit 62cb06c.
Signed-off-by: macronut <4027187+macronut@users.noreply.github.com>
The InboundContext.User field is populated by vless / hysteria2 / anytls inbounds with the matched users[].name, but it is not currently included in the JSON output of /connections in clashapi. Without it, downstream consumers (Clash Meta-compatible dashboards, custom traffic accounting) cannot attribute traffic to a configured user. This adds a single field to the marshalled metadata. For inbounds where no user has been matched (e.g. mixed, socks), the field serializes to the empty string, which is non-breaking for any consumer that ignores unknown fields.
nekohasekai
force-pushed
the
testing
branch
3 times, most recently
from
057f540 to
6b07a22
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The
InboundContext.Userfield is populated by vless / hysteria2 / anytls inbounds with the matchedusers[].name, but it is not currently included in the JSON output of/connectionsin clashapi. Without it, downstream consumers (Clash Meta-compatible dashboards, custom traffic accounting) cannot attribute traffic to a configured user.This adds a single field to the marshalled metadata.
Behaviour
users[].name(e.g."user": "alice").mixed,socks,http, etc.), the field serializes to the empty string. This is non-breaking for any consumer that ignores unknown fields.Verification
Built locally with the project's standard tags. Spun up a vless inbound with two named users (
alice,bob); a client connecting with the alice UUID correctly produced"metadata": { ..., "user": "alice" }in the/connectionsresponse. Connections through a non-user-bearingmixedinbound on the same instance correctly produced"user": "".Why this is useful
Per-user traffic accounting is a common need for any multi-tenant proxy deployment. Today the only way to recover user attribution from clashapi is to give every user their own
inbound.tag(which works viametadata.type) — but that explodes the listening-port footprint and requires per-tenant TLS material. Exposing the existingUserfield is a one-line, zero-cost alternative.