2017-04-30 22:13:12 +08:00
|
|
|
|
package routers
|
|
|
|
|
|
|
|
|
|
import (
|
2018-01-26 17:17:38 +08:00
|
|
|
|
"encoding/json"
|
|
|
|
|
"net/url"
|
2018-11-09 18:10:34 +08:00
|
|
|
|
"regexp"
|
2021-03-23 15:09:17 +08:00
|
|
|
|
|
|
|
|
|
"github.com/astaxie/beego"
|
|
|
|
|
"github.com/astaxie/beego/context"
|
|
|
|
|
"github.com/mindoc-org/mindoc/conf"
|
|
|
|
|
"github.com/mindoc-org/mindoc/models"
|
2017-04-30 22:13:12 +08:00
|
|
|
|
)
|
|
|
|
|
|
2018-01-26 17:17:38 +08:00
|
|
|
|
func init() {
|
2017-04-30 22:13:12 +08:00
|
|
|
|
var FilterUser = func(ctx *context.Context) {
|
|
|
|
|
_, ok := ctx.Input.Session(conf.LoginSessionName).(models.Member)
|
|
|
|
|
|
|
|
|
|
if !ok {
|
2017-07-07 16:20:55 +08:00
|
|
|
|
if ctx.Input.IsAjax() {
|
2018-01-26 17:17:38 +08:00
|
|
|
|
jsonData := make(map[string]interface{}, 3)
|
2017-07-07 16:20:55 +08:00
|
|
|
|
|
|
|
|
|
jsonData["errcode"] = 403
|
|
|
|
|
jsonData["message"] = "请登录后再操作"
|
2018-01-26 17:17:38 +08:00
|
|
|
|
|
2017-07-07 16:20:55 +08:00
|
|
|
|
returnJSON, _ := json.Marshal(jsonData)
|
|
|
|
|
|
|
|
|
|
ctx.ResponseWriter.Write(returnJSON)
|
2018-01-26 17:17:38 +08:00
|
|
|
|
} else {
|
2019-05-20 12:08:14 +08:00
|
|
|
|
ctx.Redirect(302, conf.URLFor("AccountController.Login")+"?url="+url.PathEscape(conf.BaseUrl+ctx.Request.URL.RequestURI()))
|
2017-07-07 16:20:55 +08:00
|
|
|
|
}
|
2017-04-30 22:13:12 +08:00
|
|
|
|
}
|
|
|
|
|
}
|
2018-01-26 17:17:38 +08:00
|
|
|
|
beego.InsertFilter("/manager", beego.BeforeRouter, FilterUser)
|
|
|
|
|
beego.InsertFilter("/manager/*", beego.BeforeRouter, FilterUser)
|
|
|
|
|
beego.InsertFilter("/setting", beego.BeforeRouter, FilterUser)
|
|
|
|
|
beego.InsertFilter("/setting/*", beego.BeforeRouter, FilterUser)
|
|
|
|
|
beego.InsertFilter("/book", beego.BeforeRouter, FilterUser)
|
|
|
|
|
beego.InsertFilter("/book/*", beego.BeforeRouter, FilterUser)
|
|
|
|
|
beego.InsertFilter("/api/*", beego.BeforeRouter, FilterUser)
|
2019-05-20 12:08:14 +08:00
|
|
|
|
beego.InsertFilter("/manage/*", beego.BeforeRouter, FilterUser)
|
2017-05-03 14:22:05 +08:00
|
|
|
|
|
|
|
|
|
var FinishRouter = func(ctx *context.Context) {
|
2018-01-26 17:17:38 +08:00
|
|
|
|
ctx.ResponseWriter.Header().Add("MinDoc-Version", conf.VERSION)
|
|
|
|
|
ctx.ResponseWriter.Header().Add("MinDoc-Site", "https://www.iminho.me")
|
2019-05-20 12:08:14 +08:00
|
|
|
|
ctx.ResponseWriter.Header().Add("X-XSS-Protection", "1; mode=block")
|
2017-05-03 14:22:05 +08:00
|
|
|
|
}
|
|
|
|
|
|
2018-11-09 18:10:34 +08:00
|
|
|
|
var StartRouter = func(ctx *context.Context) {
|
|
|
|
|
sessionId := ctx.Input.Cookie(beego.AppConfig.String("sessionname"))
|
2018-11-12 21:01:59 +08:00
|
|
|
|
if sessionId != "" {
|
|
|
|
|
//sessionId必须是数字字母组成,且最小32个字符,最大1024字符
|
|
|
|
|
if ok, err := regexp.MatchString(`^[a-zA-Z0-9]{32,512}$`, sessionId); !ok || err != nil {
|
|
|
|
|
panic("401")
|
|
|
|
|
}
|
2018-11-09 18:10:34 +08:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
beego.InsertFilter("/*", beego.BeforeStatic, StartRouter, false)
|
2018-01-26 17:17:38 +08:00
|
|
|
|
beego.InsertFilter("/*", beego.BeforeRouter, FinishRouter, false)
|
2017-04-30 22:13:12 +08:00
|
|
|
|
}
|