24w23a

2026-02-03 08:11:11 +08:00 · 2024-11-15 19:04:35 +08:00 · 2024-11-15 19:04:35 +08:00 · c55ae4a5b7
commit c55ae4a5b7
parent 85896ffbfe
11 changed files with 102 additions and 25 deletions
--- a/auth/auth-header.go
+++ b/auth/auth-header.go
@ -0,0 +1,30 @@
+package auth
+
+import (
+	"fmt"
+	"ghproxy/config"
+
+	"github.com/gin-gonic/gin"
+)
+
+func AuthHeaderHandler(c *gin.Context, cfg *config.Config) (isValid bool, err string) {
+	if !cfg.Auth.Enabled {
+		return true, ""
+	}
+	// 获取"GH-Auth"的值
+	authToken := c.GetHeader("GH-Auth")
+	logInfo("%s %s %s %s %s AUTH_TOKEN: %s", c.Request.Method, c.Request.Host, c.Request.URL.Path, c.Request.Proto, c.Request.RemoteAddr, authToken)
+	if authToken == "" {
+		err := "Auth Header == nil"
+		return false, err
+	}
+
+	isValid = authToken == cfg.Auth.AuthToken
+	if !isValid {
+		err := fmt.Sprintf("Auth token incorrect: %s", authToken)
+		return false, err
+	}
+
+	logInfo("auth SUCCESS: %t", isValid)
+	return isValid, ""
+}
--- a/auth/auth-parameters.go
+++ b/auth/auth-parameters.go
@ -0,0 +1,31 @@
+package auth
+
+import (
+	"fmt"
+	"ghproxy/config"
+
+	"github.com/gin-gonic/gin"
+)
+
+func AuthParametersHandler(c *gin.Context, cfg *config.Config) (isValid bool, err string) {
+	if !cfg.Auth.Enabled {
+		return true, ""
+	}
+
+	authToken := c.Query("auth_token")
+	logInfo("%s %s %s %s %s AUTH_TOKEN: %s", c.ClientIP(), c.Request.Method, c.Request.URL.Path, c.Request.UserAgent(), c.Request.Proto, authToken)
+
+	if authToken == "" {
+		err := "Auth token == nil"
+		return false, err
+	}
+
+	isValid = authToken == cfg.Auth.AuthToken
+	if !isValid {
+		err := fmt.Sprintf("Auth token incorrect: %s", authToken)
+		return false, err
+	}
+
+	logInfo("auth SUCCESS: %t", isValid)
+	return isValid, ""
+}
--- a/auth/auth.go
+++ b/auth/auth.go
@ -1,7 +1,6 @@
 package auth

 import (
-	"fmt"
 	"ghproxy/config"
 	"ghproxy/logger"

@ -26,24 +25,17 @@ func Init(cfg *config.Config) {
 }

 func AuthHandler(c *gin.Context, cfg *config.Config) (isValid bool, err string) {
-	if !cfg.Auth.Enabled {
+	if cfg.Auth.AuthMethod == "parameters" {
+		isValid, err = AuthParametersHandler(c, cfg)
+		return isValid, err
+	} else if cfg.Auth.AuthMethod == "header" {
+		isValid, err = AuthHeaderHandler(c, cfg)
+		return isValid, err
+	} else if cfg.Auth.AuthMethod == "" {
+		logWarning("Auth method not set")
 		return true, ""
+	} else {
+		logWarning("Auth method not supported")
+		return false, "Auth method not supported"
 	}
-
-	authToken := c.Query("auth_token")
-	logInfo("%s %s %s %s %s AUTH_TOKEN: %s", c.ClientIP(), c.Request.Method, c.Request.URL.Path, c.Request.UserAgent(), c.Request.Proto, authToken)
-
-	if authToken == "" {
-		err := "Auth token == nil"
-		return false, err
-	}
-
-	isValid = authToken == cfg.Auth.AuthToken
-	if !isValid {
-		err := fmt.Sprintf("Auth token incorrect: %s", authToken)
-		return false, err
-	}
-
-	logInfo("auth SUCCESS: %t", isValid)
-	return isValid, ""
 }