Feat: sign auth middleware

ea7f0343 · HFO4 · 36d5f514 · ea7f0343 · ea7f0343 · ea7f0343
Showing with 45 addition and 8 deletion

middleware/auth.go middleware/auth.go +7 -7

pkg/auth/auth.go pkg/auth/auth.go +12 -0

routers/controllers/file.go routers/controllers/file.go +13 -1

service/explorer/file.go service/explorer/file.go +13 -0

未找到文件。
--- a/middleware/auth.go
+++ b/middleware/auth.go
 package middleware

 import (
-	"fmt"
 	"github.com/HFO4/cloudreve/models"
+	"github.com/HFO4/cloudreve/pkg/auth"
 	"github.com/HFO4/cloudreve/pkg/serializer"
 	"github.com/gin-contrib/sessions"
 	"github.com/gin-gonic/gin"
 )

 // SignRequired 验证请求签名
+// TODO 测试
 func SignRequired() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		// 获取待验证的签名正文
-		queries := c.Request.URL.Query()
-		queries.Del("sign")
-		c.Request.URL.RawQuery = queries.Encode()
-		requestURI := c.Request.URL.RequestURI()
-		fmt.Println(requestURI)
+		err := auth.CheckURI(c.Request.URL)
+		if err != nil {
+			c.JSON(200, serializer.Err(serializer.CodeCheckLogin, err.Error(), err))
+			c.Abort()
+		}
 		c.Next()
 	}
 }

--- a/pkg/auth/auth.go
+++ b/pkg/auth/auth.go
@@ -40,6 +40,18 @@ func SignURI(uri string, expires int64) (*url.URL, error) {
 	return base, nil
 }

+// CheckURI 对URI进行鉴权
+func CheckURI(url *url.URL) error {
+	//获取待验证的签名正文
+	queries := url.Query()
+	sign := queries.Get("sign")
+	queries.Del("sign")
+	url.RawQuery = queries.Encode()
+	requestURI := url.RequestURI()
+
+	return General.Check(requestURI, sign)
+}
+
 // Init 初始化通用鉴权器
 // TODO slave模式下从配置文件获取
 func Init() {

--- a/routers/controllers/file.go
+++ b/routers/controllers/file.go
@@ -18,7 +18,19 @@ import (

 // AnonymousGetContent 匿名获取文件资源
 func AnonymousGetContent(c *gin.Context) {
-	c.JSON(200, serializer.Response{})
+	// 创建上下文
+	ctx, cancel := context.WithCancel(context.Background())
+	defer cancel()
+
+	var service explorer.FileAnonymousGetService
+	if err := c.ShouldBind(&service); err == nil {
+		res := service.Download(ctx, c)
+		if res.Code != 0 {
+			c.JSON(200, res)
+		}
+	} else {
+		c.JSON(200, ErrorResponse(err))
+	}
 }

 // GetSource 获取文件的外链地址

--- a/service/explorer/file.go
+++ b/service/explorer/file.go
@@ -14,6 +14,19 @@ type FileDownloadService struct {
 	Path string `uri:"path" binding:"required,min=1,max=65535"`
 }

+type FileAnonymousGetService struct {
+	ID   uint   `uri:"id" binding:"required,min=1"`
+	Name string `uri:"name" binding:"required"`
+}
+
+// Download 签名的匿名文件下载
+func (service *FileAnonymousGetService) Download(ctx context.Context, c *gin.Context) serializer.Response {
+
+	return serializer.Response{
+		Code: 0,
+	}
+}
+
 // Download 文件下载
 func (service *FileDownloadService) Download(ctx context.Context, c *gin.Context) serializer.Response {
 	// 创建文件系统