Feat: sign auth middleware

5 years ago · ea7f034332
parent 36d5f51495
commit ea7f034332
4 changed files with 45 additions and 8 deletions
--- a/middleware/auth.go
+++ b/middleware/auth.go
@ -1,22 +1,22 @@
 package middleware
 import (
 	"fmt"
 	"github.com/HFO4/cloudreve/models"
 	"github.com/HFO4/cloudreve/pkg/auth"
 	"github.com/HFO4/cloudreve/pkg/serializer"
 	"github.com/gin-contrib/sessions"
 	"github.com/gin-gonic/gin"
 )
 // SignRequired 验证请求签名
 // TODO 测试
 func SignRequired() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		// 获取待验证的签名正文
+		err := auth.CheckURI(c.Request.URL)
-		queries := c.Request.URL.Query()
+		if err != nil {
-		queries.Del("sign")
+			c.JSON(200, serializer.Err(serializer.CodeCheckLogin, err.Error(), err))
-		c.Request.URL.RawQuery = queries.Encode()
+			c.Abort()
-		requestURI := c.Request.URL.RequestURI()
+		}
 		fmt.Println(requestURI)
 		c.Next()
 	}
 }
--- a/pkg/auth/auth.go
+++ b/pkg/auth/auth.go
@ -40,6 +40,18 @@ func SignURI(uri string, expires int64) (*url.URL, error) {
 	return base, nil
 }
 // CheckURI 对URI进行鉴权
 func CheckURI(url *url.URL) error {
 	//获取待验证的签名正文
 	queries := url.Query()
 	sign := queries.Get("sign")
 	queries.Del("sign")
 	url.RawQuery = queries.Encode()
 	requestURI := url.RequestURI()
 	return General.Check(requestURI, sign)
 }
 // Init 初始化通用鉴权器
 // TODO slave模式下从配置文件获取
 func Init() {
--- a/routers/controllers/file.go
+++ b/routers/controllers/file.go
@ -18,7 +18,19 @@ import (
 // AnonymousGetContent 匿名获取文件资源
 func AnonymousGetContent(c *gin.Context) {
-	c.JSON(200, serializer.Response{})
+	// 创建上下文
 	ctx, cancel := context.WithCancel(context.Background())
 	defer cancel()
 	var service explorer.FileAnonymousGetService
 	if err := c.ShouldBind(&service); err == nil {
 		res := service.Download(ctx, c)
 		if res.Code != 0 {
 			c.JSON(200, res)
 		}
 	} else {
 		c.JSON(200, ErrorResponse(err))
 	}
 }
 // GetSource 获取文件的外链地址
--- a/service/explorer/file.go
+++ b/service/explorer/file.go
@ -14,6 +14,19 @@ type FileDownloadService struct {
 	Path string `uri:"path" binding:"required,min=1,max=65535"`
 }
 type FileAnonymousGetService struct {
 	ID   uint   `uri:"id" binding:"required,min=1"`
 	Name string `uri:"name" binding:"required"`
 }
 // Download 签名的匿名文件下载
 func (service *FileAnonymousGetService) Download(ctx context.Context, c *gin.Context) serializer.Response {
 	return serializer.Response{
 		Code: 0,
 	}
 }
 // Download 文件下载
 func (service *FileDownloadService) Download(ctx context.Context, c *gin.Context) serializer.Response {
 	// 创建文件系统