Feat: sign auth middleware
This commit is contained in:
HFO4
parent
36d5f51495
commit
ea7f034332
4 changed files with 45 additions and 8 deletions
|
|
@ -1,22 +1,22 @@
|
||||||
package middleware
|
package middleware
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
|
||||||
"github.com/HFO4/cloudreve/models"
|
"github.com/HFO4/cloudreve/models"
|
||||||
|
"github.com/HFO4/cloudreve/pkg/auth"
|
||||||
"github.com/HFO4/cloudreve/pkg/serializer"
|
"github.com/HFO4/cloudreve/pkg/serializer"
|
||||||
"github.com/gin-contrib/sessions"
|
"github.com/gin-contrib/sessions"
|
||||||
"github.com/gin-gonic/gin"
|
"github.com/gin-gonic/gin"
|
||||||
)
|
)
|
||||||
|
|
||||||
// SignRequired 验证请求签名
|
// SignRequired 验证请求签名
|
||||||
|
// TODO 测试
|
||||||
func SignRequired() gin.HandlerFunc {
|
func SignRequired() gin.HandlerFunc {
|
||||||
return func(c *gin.Context) {
|
return func(c *gin.Context) {
|
||||||
// 获取待验证的签名正文
|
err := auth.CheckURI(c.Request.URL)
|
||||||
queries := c.Request.URL.Query()
|
if err != nil {
|
||||||
queries.Del("sign")
|
c.JSON(200, serializer.Err(serializer.CodeCheckLogin, err.Error(), err))
|
||||||
c.Request.URL.RawQuery = queries.Encode()
|
c.Abort()
|
||||||
requestURI := c.Request.URL.RequestURI()
|
}
|
||||||
fmt.Println(requestURI)
|
|
||||||
c.Next()
|
c.Next()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -40,6 +40,18 @@ func SignURI(uri string, expires int64) (*url.URL, error) {
|
||||||
return base, nil
|
return base, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// CheckURI 对URI进行鉴权
|
||||||
|
func CheckURI(url *url.URL) error {
|
||||||
|
//获取待验证的签名正文
|
||||||
|
queries := url.Query()
|
||||||
|
sign := queries.Get("sign")
|
||||||
|
queries.Del("sign")
|
||||||
|
url.RawQuery = queries.Encode()
|
||||||
|
requestURI := url.RequestURI()
|
||||||
|
|
||||||
|
return General.Check(requestURI, sign)
|
||||||
|
}
|
||||||
|
|
||||||
// Init 初始化通用鉴权器
|
// Init 初始化通用鉴权器
|
||||||
// TODO slave模式下从配置文件获取
|
// TODO slave模式下从配置文件获取
|
||||||
func Init() {
|
func Init() {
|
||||||
|
|
|
||||||
|
|
@ -18,7 +18,19 @@ import (
|
||||||
|
|
||||||
// AnonymousGetContent 匿名获取文件资源
|
// AnonymousGetContent 匿名获取文件资源
|
||||||
func AnonymousGetContent(c *gin.Context) {
|
func AnonymousGetContent(c *gin.Context) {
|
||||||
c.JSON(200, serializer.Response{})
|
// 创建上下文
|
||||||
|
ctx, cancel := context.WithCancel(context.Background())
|
||||||
|
defer cancel()
|
||||||
|
|
||||||
|
var service explorer.FileAnonymousGetService
|
||||||
|
if err := c.ShouldBind(&service); err == nil {
|
||||||
|
res := service.Download(ctx, c)
|
||||||
|
if res.Code != 0 {
|
||||||
|
c.JSON(200, res)
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
c.JSON(200, ErrorResponse(err))
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetSource 获取文件的外链地址
|
// GetSource 获取文件的外链地址
|
||||||
|
|
|
||||||
|
|
@ -14,6 +14,19 @@ type FileDownloadService struct {
|
||||||
Path string `uri:"path" binding:"required,min=1,max=65535"`
|
Path string `uri:"path" binding:"required,min=1,max=65535"`
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type FileAnonymousGetService struct {
|
||||||
|
ID uint `uri:"id" binding:"required,min=1"`
|
||||||
|
Name string `uri:"name" binding:"required"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// Download 签名的匿名文件下载
|
||||||
|
func (service *FileAnonymousGetService) Download(ctx context.Context, c *gin.Context) serializer.Response {
|
||||||
|
|
||||||
|
return serializer.Response{
|
||||||
|
Code: 0,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Download 文件下载
|
// Download 文件下载
|
||||||
func (service *FileDownloadService) Download(ctx context.Context, c *gin.Context) serializer.Response {
|
func (service *FileDownloadService) Download(ctx context.Context, c *gin.Context) serializer.Response {
|
||||||
// 创建文件系统
|
// 创建文件系统
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue