From ea7f034332a3c91dbfcdc3057bf53cd990474ec9 Mon Sep 17 00:00:00 2001
From: HFO4 <912394456@qq.com>
Date: Tue, 10 Dec 2019 20:17:21 +0800
Subject: [PATCH] Feat: sign auth middleware

---
 middleware/auth.go          | 14 +++++++-------
 pkg/auth/auth.go            | 12 ++++++++++++
 routers/controllers/file.go | 14 +++++++++++++-
 service/explorer/file.go    | 13 +++++++++++++
 4 files changed, 45 insertions(+), 8 deletions(-)

diff --git a/middleware/auth.go b/middleware/auth.go
index c295771..963364c 100644
--- a/middleware/auth.go
+++ b/middleware/auth.go
@@ -1,22 +1,22 @@
 package middleware
 
 import (
-	"fmt"
 	"github.com/HFO4/cloudreve/models"
+	"github.com/HFO4/cloudreve/pkg/auth"
 	"github.com/HFO4/cloudreve/pkg/serializer"
 	"github.com/gin-contrib/sessions"
 	"github.com/gin-gonic/gin"
 )
 
 // SignRequired 验证请求签名
+// TODO 测试
 func SignRequired() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		// 获取待验证的签名正文
-		queries := c.Request.URL.Query()
-		queries.Del("sign")
-		c.Request.URL.RawQuery = queries.Encode()
-		requestURI := c.Request.URL.RequestURI()
-		fmt.Println(requestURI)
+		err := auth.CheckURI(c.Request.URL)
+		if err != nil {
+			c.JSON(200, serializer.Err(serializer.CodeCheckLogin, err.Error(), err))
+			c.Abort()
+		}
 		c.Next()
 	}
 }
diff --git a/pkg/auth/auth.go b/pkg/auth/auth.go
index 748987f..a000f70 100644
--- a/pkg/auth/auth.go
+++ b/pkg/auth/auth.go
@@ -40,6 +40,18 @@ func SignURI(uri string, expires int64) (*url.URL, error) {
 	return base, nil
 }
 
+// CheckURI 对URI进行鉴权
+func CheckURI(url *url.URL) error {
+	//获取待验证的签名正文
+	queries := url.Query()
+	sign := queries.Get("sign")
+	queries.Del("sign")
+	url.RawQuery = queries.Encode()
+	requestURI := url.RequestURI()
+
+	return General.Check(requestURI, sign)
+}
+
 // Init 初始化通用鉴权器
 // TODO slave模式下从配置文件获取
 func Init() {
diff --git a/routers/controllers/file.go b/routers/controllers/file.go
index e1acb5e..49ddaaf 100644
--- a/routers/controllers/file.go
+++ b/routers/controllers/file.go
@@ -18,7 +18,19 @@ import (
 
 // AnonymousGetContent 匿名获取文件资源
 func AnonymousGetContent(c *gin.Context) {
-	c.JSON(200, serializer.Response{})
+	// 创建上下文
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+
+	var service explorer.FileAnonymousGetService
+	if err := c.ShouldBind(&service); err == nil {
+		res := service.Download(ctx, c)
+		if res.Code != 0 {
+			c.JSON(200, res)
+		}
+	} else {
+		c.JSON(200, ErrorResponse(err))
+	}
 }
 
 // GetSource 获取文件的外链地址
diff --git a/service/explorer/file.go b/service/explorer/file.go
index 39b115b..5df3bd2 100644
--- a/service/explorer/file.go
+++ b/service/explorer/file.go
@@ -14,6 +14,19 @@ type FileDownloadService struct {
 	Path string `uri:"path" binding:"required,min=1,max=65535"`
 }
 
+type FileAnonymousGetService struct {
+	ID   uint   `uri:"id" binding:"required,min=1"`
+	Name string `uri:"name" binding:"required"`
+}
+
+// Download 签名的匿名文件下载
+func (service *FileAnonymousGetService) Download(ctx context.Context, c *gin.Context) serializer.Response {
+
+	return serializer.Response{
+		Code: 0,
+	}
+}
+
 // Download 文件下载
 func (service *FileDownloadService) Download(ctx context.Context, c *gin.Context) serializer.Response {
 	// 创建文件系统