From ad02a659a6a06cd0101377e90011619a582d949f Mon Sep 17 00:00:00 2001
From: HFO4 <912394456@qq.com>
Date: Fri, 13 Dec 2019 19:00:58 +0800
Subject: [PATCH] Feat: read CORS config from file

---
 models/migration.go         |  3 ++-
 pkg/conf/conf.go            | 11 +++++++++++
 pkg/conf/defaults.go        | 10 ++++++++++
 routers/router.go           | 19 ++++++++++++-------
 service/explorer/objects.go |  9 +++++++--
 5 files changed, 42 insertions(+), 10 deletions(-)

diff --git a/models/migration.go b/models/migration.go
index 96d02d1..35178cd 100644
--- a/models/migration.go
+++ b/models/migration.go
@@ -96,7 +96,8 @@ func addDefaultSettings() {
 solid #e9e9e9;"bgcolor="#fff"><tbody><tr style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; margin: 0;"><td class="alert alert-warning"style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 16px; vertical-align: top; color: #fff; font-weight: 500; text-align: center; border-radius: 3px 3px 0 0; background-color: #FF9F00; margin: 0; padding: 20px;"align="center"bgcolor="#FF9F00"valign="top">容量超额警告</td></tr><tr style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; margin: 0;"><td class="content-wrap"style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; vertical-align: top; margin: 0; padding: 20px;"valign="top"><table width="100%"cellpadding="0"cellspacing="0"style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; margin: 0;"><tbody><tr style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; margin: 0;"><td class="content-block"style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; vertical-align: top; margin: 0; padding: 0 0 20px;"valign="top">亲爱的<strong style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; margin: 0;">{userName}</strong>：</td></tr><tr style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; margin: 0;"><td class="content-block"style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; vertical-align: top; margin: 0; padding: 0 0 20px;"valign="top">由于{notifyReason}，您在{siteTitle}的账户的容量使用超出配额，您将无法继续上传新文件，请尽快清理文件，否则我们将会禁用您的账户。</td></tr><tr style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; margin: 0;"><td class="content-block"style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; vertical-align: top; margin: 0; padding: 0 0 20px;"valign="top"><a href="{siteUrl}Login"class="btn-primary"style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; color: #FFF; text-decoration: none; line-height: 2em; font-weight: bold; text-align: center; cursor: pointer; display: inline-block; border-radius: 5px; text-transform: capitalize; background-color: #348eda; margin: 0; border-color: #348eda; border-style: solid; border-width: 10px 20px;">登录{siteTitle}</a></td></tr><tr style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; margin: 0;"><td class="content-block"style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; vertical-align: top; margin: 0; padding: 0 0 20px;"valign="top">感谢您选择{siteTitle}。</td></tr></tbody></table></td></tr></tbody></table><div class="footer"style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; width: 100%; clear: both; color: #999; margin: 0; padding: 20px;"><table width="100%"style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; margin: 0;"><tbody><tr style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; margin: 0;"><td class="aligncenter content-block"style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 12px; vertical-align: top; color: #999; text-align: center; margin: 0; padding: 0 0 20px;"align="center"valign="top">此邮件由系统自动发送，请不要直接回复。</td></tr></tbody></table></div></div></td><td style="font-family: 'Helvetica Neue',Helvetica,Arial,sans-serif; box-sizing: border-box; font-size: 14px; vertical-align: top; margin: 0;"valign="top"></td></tr></tbody></table>`, Type: "mail_template"},
 		{Name: "ban_time", Value: `10`, Type: "storage_policy"},
 		{Name: "maxEditSize", Value: `100000`, Type: "file_edit"},
-		{Name: "timeout", Value: `3600`, Type: "oss"},
+		{Name: "oss_timeout", Value: `3600`, Type: "timeout"},
+		{Name: "local_archive_timeout", Value: `30`, Type: "timeout"},
 		{Name: "allowdVisitorDownload", Value: `false`, Type: "share"},
 		{Name: "login_captcha", Value: `0`, Type: "login"},
 		{Name: "qq_login", Value: `0`, Type: "login"},
diff --git a/pkg/conf/conf.go b/pkg/conf/conf.go
index 7a8e2b7..07484f6 100644
--- a/pkg/conf/conf.go
+++ b/pkg/conf/conf.go
@@ -51,6 +51,16 @@ type thumb struct {
 	FileSuffix string `validate:"min=1"`
 }
 
+// 跨域配置
+type cors struct {
+	AllowAllOrigins  bool
+	AllowOrigins     []string
+	AllowMethods     []string
+	AllowHeaders     []string
+	AllowCredentials bool
+	ExposeHeaders    []string
+}
+
 var cfg *ini.File
 
 // Init 初始化配置文件
@@ -69,6 +79,7 @@ func Init(path string) {
 		"Captcha":   CaptchaConfig,
 		"Redis":     RedisConfig,
 		"Thumbnail": ThumbConfig,
+		"CORS":      CORSConfig,
 	}
 	for sectionName, sectionStruct := range sections {
 		err = mapSection(sectionName, sectionStruct)
diff --git a/pkg/conf/defaults.go b/pkg/conf/defaults.go
index 7f58118..771fea5 100644
--- a/pkg/conf/defaults.go
+++ b/pkg/conf/defaults.go
@@ -34,6 +34,16 @@ var CaptchaConfig = &captcha{
 	CaptchaLen:         6,
 }
 
+// CORSConfig 跨域配置
+var CORSConfig = &cors{
+	AllowAllOrigins:  false,
+	AllowOrigins:     []string{"UNSET"},
+	AllowMethods:     []string{"PUT", "POST", "GET", "OPTIONS"},
+	AllowHeaders:     []string{"Cookie", "Content-Length", "Content-Type", "X-Path", "X-FileName"},
+	AllowCredentials: true,
+	ExposeHeaders:    nil,
+}
+
 var ThumbConfig = &thumb{
 	MaxWidth:   400,
 	MaxHeight:  300,
diff --git a/routers/router.go b/routers/router.go
index d5138c2..b93b381 100644
--- a/routers/router.go
+++ b/routers/router.go
@@ -4,6 +4,7 @@ import (
 	"github.com/HFO4/cloudreve/middleware"
 	"github.com/HFO4/cloudreve/pkg/conf"
 	"github.com/HFO4/cloudreve/routers/controllers"
+	"github.com/gin-contrib/cors"
 	"github.com/gin-contrib/pprof"
 	"github.com/gin-gonic/gin"
 )
@@ -18,13 +19,17 @@ func InitRouter() *gin.Engine {
 	*/
 	r.Use(middleware.Session(conf.SystemConfig.SessionSecret))
 
-	//// CORS TODO: 根据配置文件来
-	//r.Use(cors.New(cors.Config{
-	//	AllowOrigins:     []string{"http://localhost:3000"},
-	//	AllowMethods:     []string{"PUT", "POST", "GET", "OPTIONS"},
-	//	AllowHeaders:     []string{"Cookie", "Content-Length", "Content-Type", "X-Path", "X-FileName"},
-	//	AllowCredentials: true,
-	//}))
+	// CORS TODO: 根据配置文件来
+	if conf.CORSConfig.AllowOrigins[0] != "UNSET" || conf.CORSConfig.AllowAllOrigins {
+		r.Use(cors.New(cors.Config{
+			AllowOrigins:     conf.CORSConfig.AllowOrigins,
+			AllowAllOrigins:  conf.CORSConfig.AllowAllOrigins,
+			AllowMethods:     conf.CORSConfig.AllowHeaders,
+			AllowHeaders:     conf.CORSConfig.AllowHeaders,
+			AllowCredentials: conf.CORSConfig.AllowCredentials,
+			ExposeHeaders:    conf.CORSConfig.ExposeHeaders,
+		}))
+	}
 
 	// 测试模式加入Mock助手中间件
 	if gin.Mode() == gin.TestMode {
diff --git a/service/explorer/objects.go b/service/explorer/objects.go
index 5aa56ec..85d881b 100644
--- a/service/explorer/objects.go
+++ b/service/explorer/objects.go
@@ -12,6 +12,7 @@ import (
 	"github.com/HFO4/cloudreve/pkg/util"
 	"github.com/gin-gonic/gin"
 	"net/url"
+	"strconv"
 	"time"
 )
 
@@ -60,14 +61,18 @@ func (service *ItemService) Archive(ctx context.Context, c *gin.Context) seriali
 		return serializer.Err(serializer.CodeNotSet, "无法解析站点URL", err)
 	}
 	zipID := util.RandStringRunes(16)
+	ttl, err := strconv.Atoi(model.GetSettingByName("local_archive_timeout"))
+	if err != nil {
+		ttl = 30
+	}
 	signedURI, err := auth.SignURI(
 		fmt.Sprintf("/api/v3/file/archive/%s/archive.zip", zipID),
-		time.Now().Unix()+30,
+		time.Now().Unix()+int64(ttl),
 	)
 	finalURL := siteURL.ResolveReference(signedURI).String()
 
 	// 将压缩文件记录存入缓存
-	err = cache.Set("archive_"+zipID, zipFile, 30)
+	err = cache.Set("archive_"+zipID, zipFile, ttl)
 	if err != nil {
 		return serializer.Err(serializer.CodeIOFailed, "无法写入缓存", err)
 	}