Cloudreve/middleware/auth.go

package middleware

import (
	"github.com/HFO4/cloudreve/models"
	"github.com/HFO4/cloudreve/pkg/auth"
	"github.com/HFO4/cloudreve/pkg/serializer"
	"github.com/gin-contrib/sessions"
	"github.com/gin-gonic/gin"
	"net/http"
)

// SignRequired 验证请求签名
func SignRequired() gin.HandlerFunc {
	return func(c *gin.Context) {
		err := auth.CheckURI(c.Request.URL)
		if err != nil {
			c.JSON(200, serializer.Err(serializer.CodeCheckLogin, err.Error(), err))
			c.Abort()
		}
		c.Next()
	}
}

// CurrentUser 获取登录用户
func CurrentUser() gin.HandlerFunc {
	return func(c *gin.Context) {
		session := sessions.Default(c)
		uid := session.Get("user_id")
		if uid != nil {
			user, err := model.GetUserByID(uid)
			if err == nil {
				c.Set("user", &user)
			}
		}
		c.Next()
	}
}

// AuthRequired 需要登录
func AuthRequired() gin.HandlerFunc {
	return func(c *gin.Context) {
		if user, _ := c.Get("user"); user != nil {
			if _, ok := user.(*model.User); ok {
				c.Next()
				return
			}
		}

		c.JSON(200, serializer.CheckLogin())
		c.Abort()
	}
}

// WebDAVAuth 验证WebDAV登录及权限
func WebDAVAuth() gin.HandlerFunc {
	return func(c *gin.Context) {
		// OPTIONS 请求不需要鉴权，否则Windows10下无法保存文档
		if c.Request.Method == "OPTIONS" {
			c.Next()
			return
		}

		username, password, ok := c.Request.BasicAuth()
		if !ok {
			c.Writer.Header()["WWW-Authenticate"] = []string{`Basic realm="cloudreve"`}
			c.Status(http.StatusUnauthorized)
			c.Abort()
			return
		}

		expectedUser, err := model.GetUserByEmail(username)
		if err != nil {
			c.Status(http.StatusUnauthorized)
			c.Abort()
			return
		}

		// 密码正确？
		ok, _ = expectedUser.CheckPassword(password)
		if !ok {
			c.Status(http.StatusUnauthorized)
			c.Abort()
			return
		}

		// 用户组已启用WebDAV？
		if !expectedUser.Group.WebDAVEnabled {
			c.Status(http.StatusForbidden)
			c.Abort()
			return
		}

		c.Set("user", &expectedUser)
		c.Next()
	}
}
-												Feat: User/Me

											
										
										
											2019-11-12 02:34:54 -05:00
+								package middleware
 								import (
-												Modify: package name

											
										
										
											2019-11-16 03:11:37 -05:00
+									"github.com/HFO4/cloudreve/models"
-												Feat: sign auth middleware

											
										
										
											2019-12-10 07:17:21 -05:00
+									"github.com/HFO4/cloudreve/pkg/auth"
-												Modify: package name

											
										
										
											2019-11-16 03:11:37 -05:00
+									"github.com/HFO4/cloudreve/pkg/serializer"
-												Feat: User/Me

											
										
										
											2019-11-12 02:34:54 -05:00
+									"github.com/gin-contrib/sessions"
 									"github.com/gin-gonic/gin"
-												Fix: unable to save office file in root directory of WebDAV

											
										
										
											2019-12-21 05:32:13 -05:00
+									"net/http"
-												Feat: User/Me

											
										
										
											2019-11-12 02:34:54 -05:00
+								)
-												Feat: sign file source url

											
										
										
											2019-12-10 04:10:34 -05:00
+								// SignRequired 验证请求签名
 								func SignRequired() gin.HandlerFunc {
 									return func(c *gin.Context) {
-												Feat: sign auth middleware

											
										
										
											2019-12-10 07:17:21 -05:00
+										err := auth.CheckURI(c.Request.URL)
 										if err != nil {
 											c.JSON(200, serializer.Err(serializer.CodeCheckLogin, err.Error(), err))
 											c.Abort()
 										}
-												Feat: sign file source url

											
										
										
											2019-12-10 04:10:34 -05:00
+										c.Next()
 									}
 								}
-												Feat: User/Me

											
										
										
											2019-11-12 02:34:54 -05:00
+								// CurrentUser 获取登录用户
 								func CurrentUser() gin.HandlerFunc {
 									return func(c *gin.Context) {
 										session := sessions.Default(c)
 										uid := session.Get("user_id")
 										if uid != nil {
 											user, err := model.GetUserByID(uid)
 											if err == nil {
 												c.Set("user", &user)
 											}
 										}
 										c.Next()
 									}
 								}
 								// AuthRequired 需要登录
 								func AuthRequired() gin.HandlerFunc {
 									return func(c *gin.Context) {
 										if user, _ := c.Get("user"); user != nil {
 											if _, ok := user.(*model.User); ok {
 												c.Next()
 												return
 											}
 										}
 										c.JSON(200, serializer.CheckLogin())
 										c.Abort()
 									}
 								}
-												Fix: unable to save office file in root directory of WebDAV

											
										
										
											2019-12-21 05:32:13 -05:00
 								// WebDAVAuth 验证WebDAV登录及权限
 								func WebDAVAuth() gin.HandlerFunc {
 									return func(c *gin.Context) {
 										// OPTIONS 请求不需要鉴权，否则Windows10下无法保存文档
 										if c.Request.Method == "OPTIONS" {
 											c.Next()
 											return
 										}
 										username, password, ok := c.Request.BasicAuth()
 										if !ok {
 											c.Writer.Header()["WWW-Authenticate"] = []string{`Basic realm="cloudreve"`}
 											c.Status(http.StatusUnauthorized)
 											c.Abort()
 											return
 										}
 										expectedUser, err := model.GetUserByEmail(username)
 										if err != nil {
 											c.Status(http.StatusUnauthorized)
 											c.Abort()
 											return
 										}
 										// 密码正确？
 										ok, _ = expectedUser.CheckPassword(password)
 										if !ok {
 											c.Status(http.StatusUnauthorized)
 											c.Abort()
 											return
 										}
 										// 用户组已启用WebDAV？
 										if !expectedUser.Group.WebDAVEnabled {
 											c.Status(http.StatusForbidden)
 											c.Abort()
 											return
 										}
 										c.Set("user", &expectedUser)
 										c.Next()
 									}
 								}