24w15c

2026-02-03 16:21:11 +08:00 · 2024-10-12 03:50:34 +08:00 · 2024-10-12 03:50:34 +08:00 · 824656f9d0
commit 824656f9d0
parent e3d56ae9b7
10 changed files with 191 additions and 75 deletions
--- a/auth/auth.go
+++ b/auth/auth.go
@ -7,7 +7,24 @@ import (
 	"github.com/gin-gonic/gin"
 )

-var logw = logger.Logw
+// 日志模块
+var (
+	logw       = logger.Logw
+	logInfo    = logger.LogInfo
+	LogWarning = logger.LogWarning
+	logError   = logger.LogError
+)
+
+// Auth Init
+func Init(cfg *config.Config) {
+	if cfg.Blacklist.Enabled {
+		LoadBlacklist(cfg)
+	}
+	if cfg.Whitelist.Enabled {
+		LoadWhitelist(cfg)
+	}
+	logInfo("Auth Init")
+}

 func AuthHandler(c *gin.Context, cfg *config.Config) bool {
 	// 如果身份验证未启用，直接返回 true
@ -17,19 +34,19 @@ func AuthHandler(c *gin.Context, cfg *config.Config) bool {

 	// 获取 auth_token 参数
 	authToken := c.Query("auth_token")
-	logw("auth_token received: %s", authToken)
+	logInfo("auth_token received: %s", authToken)

 	// 验证 token
 	if authToken == "" {
-		logw("auth FAILED: no auth_token provided")
+		LogWarning("auth FAILED: no auth_token provided")
 		return false
 	}

 	isValid := authToken == cfg.Auth.AuthToken
 	if !isValid {
-		logw("auth FAILED: invalid auth_token: %s", authToken)
+		LogWarning("auth FAILED: invalid auth_token: %s", authToken)
 	}

-	logw("auth SUCCESS: %t", isValid)
+	logInfo("auth SUCCESS: %t", isValid)
 	return isValid
 }
--- a/auth/blacklist.go
+++ b/auth/blacklist.go
@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"ghproxy/config"
 	"os"
+	"strings"
 )

 type BlacklistConfig struct {
@ -22,22 +23,32 @@ func LoadBlacklist(cfg *config.Config) {

 	data, err := os.ReadFile(blacklistfile)
 	if err != nil {
-		logw("Failed to read blacklist file: %v", err)
+		logError("Failed to read blacklist file: %v", err)
 	}

 	err = json.Unmarshal(data, blacklist)
 	if err != nil {
-		logw("Failed to unmarshal blacklist JSON: %v", err)
+		logError("Failed to unmarshal blacklist JSON: %v", err)
 	}
 }

+// fullrepo: "owner/repo" or "owner/*"
 func CheckBlacklist(fullrepo string) bool {
 	return forRangeCheckBlacklist(blacklist.Blacklist, fullrepo)
 }

+func sliceRepoName_Blacklist(fullrepo string) (string, string) {
+	s := strings.Split(fullrepo, "/")
+	if len(s) != 2 {
+		return "", ""
+	}
+	return s[0], s[1]
+}
+
 func forRangeCheckBlacklist(blist []string, fullrepo string) bool {
+	repoUser, _ := sliceRepoName_Blacklist(fullrepo)
 	for _, blocked := range blist {
-		if blocked == fullrepo {
+		if blocked == fullrepo || (strings.HasSuffix(blocked, "/*") && strings.HasPrefix(repoUser, blocked[:len(blocked)-2])) {
 			return true
 		}
 	}
--- a/auth/whitelist.go
+++ b/auth/whitelist.go
@ -4,6 +4,7 @@ import (
 	"encoding/json"
 	"ghproxy/config"
 	"os"
+	"strings"
 )

 type WhitelistConfig struct {
@ -21,12 +22,12 @@ func LoadWhitelist(cfg *config.Config) {

 	data, err := os.ReadFile(whitelistfile)
 	if err != nil {
-		logw("Failed to read whitelist file: %v", err)
+		logError("Failed to read whitelist file: %v", err)
 	}

 	err = json.Unmarshal(data, whitelist)
 	if err != nil {
-		logw("Failed to unmarshal whitelist JSON: %v", err)
+		logError("Failed to unmarshal whitelist JSON: %v", err)
 	}
 }

@ -34,9 +35,18 @@ func CheckWhitelist(fullrepo string) bool {
 	return forRangeCheckWhitelist(whitelist.Whitelist, fullrepo)
 }

-func forRangeCheckWhitelist(blist []string, fullrepo string) bool {
-	for _, blocked := range blist {
-		if blocked == fullrepo {
+func sliceRepoName_Whitelist(fullrepo string) (string, string) {
+	s := strings.Split(fullrepo, "/")
+	if len(s) != 2 {
+		return "", ""
+	}
+	return s[0], s[1]
+}
+
+func forRangeCheckWhitelist(wlist []string, fullrepo string) bool {
+	repoUser, _ := sliceRepoName_Whitelist(fullrepo)
+	for _, blocked := range wlist {
+		if blocked == fullrepo || (strings.HasSuffix(blocked, "/*") && strings.HasPrefix(repoUser, blocked[:len(blocked)-2])) {
 			return true
 		}
 	}