feat: middle save

2025-03-23 16:15:46 +09:00 · 2025-03-23 16:15:46 +09:00 · 83a5ef9bf6
commit 83a5ef9bf6
parent 5727d39eb8
6 changed files with 129 additions and 44 deletions
--- a/internal/middleware/auth.go
+++ b/internal/middleware/auth.go
@ -9,17 +9,31 @@ import (
 	"github.com/gin-gonic/gin"
 )

-func BasicAuth(ctx *gin.Context) {
-	var matches = false
-	var list = []string{"/settings"}
+func WorkerRoute(ctx *gin.Context) {
+	if !strings.HasPrefix(ctx.Request.URL.Path, "/api/worker") {
+		ctx.Next()
+		return
+	}

-	for _, i := range list {
-		if !strings.HasPrefix(ctx.Request.URL.Path, i) {
+	var err error
+	var dirs []service.PrivDir
+	auth := service.NewAuthService()
+	privdir := service.NewPrivDirService(nil)
+	dirs = privdir.Query()
+	if len(dirs) == 0 {
+		ctx.Next()
+		return
+	}
+
+	var target string
+	var matches = false
+	for _, dir := range dirs {
+		if !strings.HasSuffix(ctx.Request.URL.Path, dir.DirName) {
 			continue
 		}

+		target = dir.DirName
 		matches = true
-		break
 	}

 	if !matches {
@ -27,22 +41,67 @@ func BasicAuth(ctx *gin.Context) {
 		return
 	}

-	auth := service.NewAuthService()
 	username, password, ok := ctx.Request.BasicAuth()
 	if !ok {
-		ctx.Status(401)
+		ctx.JSON(401, gin.H{
+			"ok":    0,
+			"errno": "Unauthorized",
+		})
+		ctx.Abort()
 		return
 	}

-	ok, err := auth.VerifyToken(username, password)
+	ok, err = auth.VerifyToken(username, password)
 	if err != nil {
-		ctx.Status(500)
 		_, _ = fmt.Fprintln(os.Stderr, err)
+		ctx.JSON(401, gin.H{
+			"ok":    0,
+			"errno": "Unauthorized",
+		})
+		ctx.Abort()
 		return
 	}

+	var acc *service.Account
+	acc, err = auth.Read(username)
+	if err != nil {
+		ctx.JSON(500, gin.H{
+			"ok":    0,
+			"errno": "Internal Server Error",
+		})
+
+		ctx.Abort()
+		return
+	}
+
+	privdir = service.NewPrivDirService(acc)
 	if !ok {
-		ctx.Status(401)
+		ctx.JSON(401, gin.H{
+			"ok":    0,
+			"errno": "Unauthorized",
+		})
+
+		ctx.Abort()
+		return
+	}
+
+	var d *service.PrivDir
+	d, err = privdir.Read(target)
+	if err != nil {
+		ctx.JSON(500, gin.H{
+			"ok":    0,
+			"errno": "Internal Server Error",
+		})
+		ctx.Abort()
+		return
+	}
+
+	if d == nil {
+		ctx.JSON(401, gin.H{
+			"ok":    0,
+			"errno": "Unauthorized",
+		})
+		ctx.Abort()
 		return
 	}

--- a/internal/routes/auth.go
+++ b/internal/routes/auth.go
@ -8,35 +8,6 @@ import (
 	"github.com/gin-gonic/gin"
 )

-func login(ctx *gin.Context) {
-	auth := service.NewAuthService()
-	username := ctx.PostForm("username")
-	password := ctx.PostForm("password")
-
-	acc, err := auth.Read(username)
-	if err != nil {
-		ctx.JSON(401, gin.H{
-			"ok":    0,
-			"errno": "username or password not invalid",
-		})
-		return
-	}
-
-	ok, err := auth.Verify(username, password)
-	if err != nil || !ok {
-		ctx.JSON(401, gin.H{
-			"ok":    0,
-			"errno": "username or password not invalid",
-		})
-		return
-	}
-
-	ctx.JSON(200, gin.H{
-		"ok":    1,
-		"token": auth.Token(acc.Username, acc.Password),
-	})
-}
-
 func readAcc(ctx *gin.Context) {
 	auth := service.NewAuthService()
 	username, password, ok := ctx.Request.BasicAuth()
@ -120,3 +91,49 @@ func deleteAcc(ctx *gin.Context) {

 	ctx.Status(200)
 }
+
+func login(ctx *gin.Context) {
+	auth := service.NewAuthService()
+	username := ctx.PostForm("username")
+	password := ctx.PostForm("password")
+
+	acc, err := auth.Read(username)
+	if err != nil {
+		ctx.JSON(401, gin.H{
+			"ok":    0,
+			"errno": "username or password not invalid",
+		})
+		return
+	}
+
+	ok, err := auth.Verify(username, password)
+	if err != nil || !ok {
+		ctx.JSON(401, gin.H{
+			"ok":    0,
+			"errno": "username or password not invalid",
+		})
+		return
+	}
+
+	ctx.JSON(200, gin.H{
+		"ok":    1,
+		"token": auth.Token(acc.Username, acc.Password),
+	})
+}
+
+func check(ctx *gin.Context) {
+	auth := service.NewAuthService()
+	username, password, ok := ctx.Request.BasicAuth()
+	if !ok {
+		ctx.Status(401)
+		return
+	}
+
+	ok, err := auth.VerifyToken(username, password)
+	if err != nil || !ok {
+		ctx.Status(401)
+		return
+	}
+
+	ctx.Status(200)
+}
--- a/internal/routes/mod.go
+++ b/internal/routes/mod.go
@ -10,14 +10,21 @@ import (
 func New(app *gin.Engine, version *service.Version, apiOnly bool) {
 	app.Use(middleware.CORS)
 	app.Use(middleware.Header)
-	app.Use(middleware.BasicAuth)
+	app.Use(middleware.WorkerRoute)

 	api := app.Group("/api")
 	api.GET("/path/*path", discoverPath)
 	api.GET("/download/*path", downloadPath)

+	w := api.Group("/worker")
+	{
+		w.GET("/discover/*path", discoverPath)
+		w.GET("/download/*path", downloadPath)
+	}
+
 	auth := api.Group("/auth")
 	{
+		auth.GET("/check", check)
 		auth.POST("/login", login)
 		auth.GET("/read", readAcc)
 		auth.PATCH("/update", updateAcc)
--- a/src/components/settings/index.tsx
+++ b/src/components/settings/index.tsx
@ -10,13 +10,13 @@ function Settings() {

 	useEffect(() => {
 		if (auth.token === null) {
-			document.location.href = "/";
+			// document.location.href = "/";
 			return;
 		}

 		auth.checkToken(auth.token).then((ok) => {
 			if (!ok) {
-				document.location.href = "/";
+				// document.location.href = "/";
 				return;
 			}

--- a/src/store/auth.ts
+++ b/src/store/auth.ts
@ -27,6 +27,8 @@ export const useAuthStore = create<AuthState>()(
 			clearToken: () => set({ token: null }),
 			checkToken: async (token: string) => {
 				const res = await fetch("/api/auth/check", {
+					method: "GET",
+					mode: "same-origin",
 					headers: {
 						"Authorization": `Basic ${token}`
 					}
--- a/src/store/path.ts
+++ b/src/store/path.ts
@ -24,7 +24,7 @@ export interface DirEntry {
 export const usePath = create<PathState>((set) => ({
 	data: undefined,
 	update: async (path: string) => {
-		const res = await fetch(`/api/path/${path}`);
+		const res = await fetch(`/api/worker/discover/${path}`);
 		if (res.status !== 200 && res.status !== 304) {
 			set({ data: undefined });
 			return;