Infrastructure/Cloudreve
0
Fork 0
Code Issues Pull requests Activity

feat(mobile): only allow request from mobile client to copy session

Browse source
This commit is contained in:
HFO4 2022-12-19 17:35:39 +08:00
parent e4c87483d6
commit bc0c374f00
3 changed files with 21 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
middleware/common.go
View file

@ -3,9 +3,11 @@ package middleware
import ( import (
"fmt" "fmt"
model "github.com/cloudreve/Cloudreve/v3/models" model "github.com/cloudreve/Cloudreve/v3/models"
"github.com/cloudreve/Cloudreve/v3/pkg/auth"
"github.com/cloudreve/Cloudreve/v3/pkg/hashid" "github.com/cloudreve/Cloudreve/v3/pkg/hashid"
"github.com/cloudreve/Cloudreve/v3/pkg/serializer" "github.com/cloudreve/Cloudreve/v3/pkg/serializer"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
"net/http"
) )
// HashID 将给定对象的HashID转换为真实ID // HashID 将给定对象的HashID转换为真实ID
@ -60,3 +62,16 @@ func StaticResourceCache() gin.HandlerFunc {
} }
} }
// MobileRequestOnly
func MobileRequestOnly() gin.HandlerFunc {
return func(c *gin.Context) {
if c.GetHeader(auth.CrHeaderPrefix+"ios") == "" {
c.Redirect(http.StatusMovedPermanently, model.GetSiteURL().String())
c.Abort()
return
}
c.Next()
}
}

1
routers/controllers/user.go
View file

@ -395,5 +395,4 @@ func UserPerformCopySession(c *gin.Context) {
} else { } else {
c.JSON(200, ErrorResponse(err)) c.JSON(200, ErrorResponse(err))
} }
} }

7
routers/router.go
View file

@ -234,7 +234,12 @@ func InitMasterRouter() *gin.Engine {
file.GET("archive/:sessionID/archive.zip", controllers.DownloadArchive) file.GET("archive/:sessionID/archive.zip", controllers.DownloadArchive)
} }
sign.GET("user/session/copy/:id", controllers.UserPerformCopySession) // Copy user session
sign.GET(
"user/session/copy/:id",
middleware.MobileRequestOnly(),
controllers.UserPerformCopySession,
)
} }
// 从机的 RPC 通信 // 从机的 RPC 通信