mindoc/routers/filter.go


package routers
import (
"encoding/json"
"net/url"
"regexp"
"github.com/astaxie/beego"
"github.com/astaxie/beego/context"
"github.com/mindoc-org/mindoc/conf"
"github.com/mindoc-org/mindoc/models"
)
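// init registers the package's beego filters: a login check on the
// management, settings, book and API paths, a filter that adds response
// headers, and a sanity check on the session cookie for every request.
func init() {
	// Compiled once here instead of on every request. A session id must be
	// 32 to 512 ASCII letters or digits.
	sessionIDPattern := regexp.MustCompile(`^[a-zA-Z0-9]{32,512}$`)

	// filterUser rejects requests whose session does not hold a
	// models.Member: Ajax callers get a JSON error body, everyone else is
	// redirected to the login page with the original URL in the "url"
	// query parameter.
	filterUser := func(ctx *context.Context) {
		if _, ok := ctx.Input.Session(conf.LoginSessionName).(models.Member); ok {
			return
		}

		if ctx.Input.IsAjax() {
			payload := map[string]interface{}{
				"errcode": 403,
				"message": "请登录后再操作",
			}
			// Marshal cannot fail for a map holding only an int and a string.
			body, _ := json.Marshal(payload)
			ctx.ResponseWriter.Write(body)
			return
		}

		// The return URL is a query parameter value, so it needs
		// QueryEscape: PathEscape leaves '&', '=' and '+' untouched, which
		// truncates the value at the first '&' of the original query string
		// and lets the remainder be read as separate parameters of the
		// login URL.
		// NOTE(review): the handler that consumes "url" is not visible here;
		// confirm it only redirects to same-site targets.
		returnURL := conf.BaseUrl + ctx.Request.URL.RequestURI()
		ctx.Redirect(302, conf.URLFor("AccountController.Login")+"?url="+url.QueryEscape(returnURL))
	}

	// NOTE(review): "/manager", "/setting" and "/book" are guarded both bare
	// and with a wildcard, while "/api" and "/manage" are wildcard-only;
	// confirm no route is served at the bare paths.
	for _, pattern := range []string{
		"/manager",
		"/manager/*",
		"/setting",
		"/setting/*",
		"/book",
		"/book/*",
		"/api/*",
		"/manage/*",
	} {
		beego.InsertFilter(pattern, beego.BeforeRouter, filterUser)
	}

	// finishRouter adds the product and hardening headers. Despite its
	// name it is registered at beego.BeforeRouter below.
	// NOTE(review): MinDoc-Version exposes the exact build to every client;
	// confirm that disclosure is intended.
	finishRouter := func(ctx *context.Context) {
		header := ctx.ResponseWriter.Header()
		header.Add("MinDoc-Version", conf.VERSION)
		header.Add("MinDoc-Site", "https://www.iminho.me")
		header.Add("X-XSS-Protection", "1; mode=block")
	}

	// startRouter validates the shape of the session cookie before it is
	// used. A missing or empty cookie is allowed through; a malformed one
	// aborts the request.
	startRouter := func(ctx *context.Context) {
		sessionID := ctx.Input.Cookie(beego.AppConfig.String("sessionname"))
		if sessionID == "" {
			return
		}
		if !sessionIDPattern.MatchString(sessionID) {
			// presumably turned into a 401 response by the framework's
			// panic recovery; confirm against the error handlers.
			panic("401")
		}
	}

	beego.InsertFilter("/*", beego.BeforeStatic, startRouter, false)
	beego.InsertFilter("/*", beego.BeforeRouter, finishRouter, false)
}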