mirror of
https://github.com/WJQSERVER-STUDIO/ghproxy.git
synced 2026-02-03 08:11:11 +08:00
24w21d
This commit is contained in:
WJQSERVER
parent
e32adadaff
commit
267dfafcb9
10 changed files with 154 additions and 35 deletions
|
|
@ -8,7 +8,6 @@ import (
|
|||
"github.com/gin-gonic/gin"
|
||||
)
|
||||
|
||||
// 日志模块
|
||||
var (
|
||||
logw = logger.Logw
|
||||
logInfo = logger.LogInfo
|
||||
|
|
@ -16,7 +15,6 @@ var (
|
|||
logError = logger.LogError
|
||||
)
|
||||
|
||||
// Auth Init
|
||||
func Init(cfg *config.Config) {
|
||||
if cfg.Blacklist.Enabled {
|
||||
LoadBlacklist(cfg)
|
||||
|
|
@ -28,17 +26,13 @@ func Init(cfg *config.Config) {
|
|||
}
|
||||
|
||||
func AuthHandler(c *gin.Context, cfg *config.Config) (isValid bool, err string) {
|
||||
// 如果身份验证未启用,直接返回 true
|
||||
if !cfg.Auth.Enabled {
|
||||
return true, ""
|
||||
}
|
||||
|
||||
// 获取 auth_token 参数
|
||||
authToken := c.Query("auth_token")
|
||||
// IP METHOD URL USERAGENT PROTO TOKEN
|
||||
logInfo("%s %s %s %s %s AUTH_TOKEN: %s", c.ClientIP(), c.Request.Method, c.Request.URL.Path, c.Request.UserAgent(), c.Request.Proto, authToken)
|
||||
|
||||
// 验证 token
|
||||
if authToken == "" {
|
||||
err := "Auth token == nil"
|
||||
return false, err
|
||||
|
|
|
|||
|
|
@ -33,8 +33,8 @@ func LoadBlacklist(cfg *config.Config) {
|
|||
}
|
||||
|
||||
// fullrepo: "owner/repo" or "owner/*"
|
||||
func CheckBlacklist(fullrepo string) bool {
|
||||
return forRangeCheckBlacklist(blacklist.Blacklist, fullrepo)
|
||||
func CheckBlacklist(repouser string, user string, repo string) bool {
|
||||
return forRangeCheckBlacklist(blacklist.Blacklist, repouser, user)
|
||||
}
|
||||
|
||||
func sliceRepoName_Blacklist(fullrepo string) (string, string) {
|
||||
|
|
@ -45,12 +45,29 @@ func sliceRepoName_Blacklist(fullrepo string) (string, string) {
|
|||
return s[0], s[1]
|
||||
}
|
||||
|
||||
func forRangeCheckBlacklist(blist []string, fullrepo string) bool {
|
||||
repoUser, _ := sliceRepoName_Blacklist(fullrepo)
|
||||
func forRangeCheckBlacklist(blist []string, fullrepo string, user string) bool {
|
||||
// 先匹配user,再匹配user/*,最后匹配完整repo
|
||||
for _, blocked := range blist {
|
||||
// 切片
|
||||
users, _ := sliceRepoName_Blacklist(blocked)
|
||||
logw("users:%s, blocked:%s", users, blocked)
|
||||
// 匹配 user
|
||||
if user == users {
|
||||
// 匹配 user/*
|
||||
if strings.HasSuffix(blocked, "/*") {
|
||||
return true
|
||||
}
|
||||
// 匹配完整repo
|
||||
if fullrepo == blocked {
|
||||
return true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/* for _, blocked := range blist {
|
||||
if blocked == fullrepo || (strings.HasSuffix(blocked, "/*") && strings.HasPrefix(repoUser, blocked[:len(blocked)-2])) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
} */
|
||||
return false
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue