feat: 0.1.2

1. login page && auth required 2. file dir cleanup
2025-05-09 17:49:12 +08:00
parent a2635698e0
commit b1b3ac5b6b
31 changed files with 1178 additions and 36 deletions
--- a/internal/handler/auth.go
+++ b/internal/handler/auth.go
@ -0,0 +1,70 @@
+package handler
+
+import (
+	"fmt"
+	"github.com/loveuer/nf"
+	"github.com/loveuer/ushare/internal/controller"
+	"github.com/loveuer/ushare/internal/model"
+	"github.com/loveuer/ushare/internal/opt"
+	"net/http"
+)
+
+func AuthVerify() nf.HandlerFunc {
+	tokenFn := func(c *nf.Ctx) (token string) {
+		if token = c.Get("Authorization"); token != "" {
+			return
+		}
+
+		token = c.Cookies("ushare")
+
+		return
+	}
+
+	return func(c *nf.Ctx) error {
+		if opt.Cfg.Auth == "" {
+			return c.Next()
+		}
+
+		token := tokenFn(c)
+		if token == "" {
+			return c.Status(http.StatusUnauthorized).JSON(map[string]string{"error": "unauthorized"})
+		}
+
+		op, err := controller.UserManager.Verify(token)
+		if err != nil {
+			return c.Status(http.StatusUnauthorized).JSON(map[string]string{"error": "unauthorized", "msg": err.Error()})
+		}
+
+		c.Locals("user", op)
+
+		return c.Next()
+	}
+}
+
+func AuthLogin() nf.HandlerFunc {
+	return func(c *nf.Ctx) error {
+		type Req struct {
+			Username string `json:"username"`
+			Password string `json:"password"`
+		}
+
+		var (
+			err error
+			req Req
+			op  *model.User
+		)
+
+		if err = c.BodyParser(&req); err != nil {
+			return c.Status(http.StatusBadRequest).JSON(map[string]string{"msg": "错误的用户名或密码<1>"})
+		}
+
+		if op, err = controller.UserManager.Login(req.Username, req.Password); err != nil {
+			return c.Status(http.StatusBadRequest).JSON(map[string]string{"msg": err.Error()})
+		}
+
+		header := fmt.Sprintf("ushare=%s; Path=/; Max-Age=%d", op.Token, 8*3600)
+		c.SetHeader("Set-Cookie", header)
+
+		return c.Status(http.StatusOK).JSON(map[string]any{"data": op})
+	}
+}
--- a/internal/handler/share.go
+++ b/internal/handler/share.go
@ -49,11 +49,6 @@ func Fetch() nf.HandlerFunc {

 func ShareNew() nf.HandlerFunc {
 	return func(c *nf.Ctx) error {
-
-		if opt.Cfg.Auth {
-			return c.SendStatus(http.StatusUnauthorized)
-		}
-
 		filename := strings.TrimSpace(c.Param("filename"))
 		if filename == "" {
 			return c.Status(http.StatusBadRequest).JSON(map[string]string{"msg": "filename required"})