add api.github.com support

2026-02-03 08:11:11 +08:00 · 2024-12-12 11:48:23 +08:00 · 2024-12-12 11:48:23 +08:00 · a43f1f20f6
commit a43f1f20f6
parent e59c118475
2 changed files with 16 additions and 0 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,5 +1,10 @@
 # 更新日志

+24w27a
+---
+- PRE-RELEASE: 此版本做为实验性功能测试版本,请勿在生产环境中使用
+- ADD: 新增`api.github.com`反代支持, 强制性要求开启`Header Auth`功能
+
 v1.7.7
 ---
 - CHANGE: 更新相关依赖库
--- a/proxy/proxy.go
+++ b/proxy/proxy.go
@ -31,6 +31,7 @@ var exps = []*regexp.Regexp{
 	regexp.MustCompile(`^(?:https?://)?github\.com/([^/]+)/([^/]+)/(?:info|git-).*`),
 	regexp.MustCompile(`^(?:https?://)?raw\.github(?:usercontent|)\.com/([^/]+)/([^/]+)/.+?/.+`),
 	regexp.MustCompile(`^(?:https?://)?gist\.github(?:usercontent|)\.com/([^/]+)/.+?/.+`),
+	regexp.MustCompile(`^(?:https?://)?api\.github\.com/repos/([^/]+)/([^/]+)/.*`),
 }

 func NoRouteHandler(cfg *config.Config, limiter *rate.RateLimiter, iplimiter *rate.IPRateLimiter) gin.HandlerFunc {
@ -106,6 +107,16 @@ func NoRouteHandler(cfg *config.Config, limiter *rate.RateLimiter, iplimiter *ra
 			return
 		}

+		// 若匹配api.github.com/repos/用户名/仓库名/路径, 则检查是否开启HeaderAuth
+		if exps[5].MatchString(rawPath) {
+			if cfg.Auth.AuthMethod != "header" || !cfg.Auth.Enabled {
+				c.JSON(http.StatusForbidden, gin.H{"error": "HeaderAuth is not enabled."})
+				logWarning("%s %s %s %s %s HeaderAuth-Error: HeaderAuth is not enabled.", c.ClientIP(), c.Request.Method, rawPath, c.Request.Header.Get("User-Agent"), c.Request.Proto)
+				return
+			}
+		}
+
+		// 处理blob/raw路径
 		if exps[1].MatchString(rawPath) {
 			rawPath = strings.Replace(rawPath, "/blob/", "/raw/", 1)
 		}