OptimusX
/
OneAuth
mirror of https://github.com/veypi/OneAuth.git
4
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix: fs auth bug

Browse Source
v3
veypi 3 weeks ago
parent 23b85c1495
commit 7e1235cb28
7 changed files with 35 additions and 58 deletions
Show Stats Download Patch File Download Diff File

13
oa/builtin/fs/app.go
Unescape Escape View File

@ -44,18 +44,17 @@ func NewAppFs(prefix string) func(http.ResponseWriter, *http.Request) {
root = "/" + strings.Join(dirs[1:], "/")
}
if root == "/" {
if !utils.FileExists(tmp + "/" + aid) {
os.MkdirAll(tmp+"/"+aid, 0744)
// if !utils.FileExists(tmp + "/" + aid) {
// os.MkdirAll(tmp+"/"+aid, 0744)
// }
}
}
logv.Warn().Msgf("aid: %v, root: %v", aid, root)
if aid == "" {
return "", errs.AuthNoPerm
}
if root == "/pub" || strings.HasPrefix(root, "/pub/") {
switch r.Method {
case "OPTIONS", "GET", "HEAD", "POST":
return dir, nil
return "", nil
default:
}
}
@ -75,8 +74,8 @@ func NewAppFs(prefix string) func(http.ResponseWriter, *http.Request) {
if err != nil {
return "", err
}
if payload.Access.CheckPrefix("app", aid, handlerLevle) {
return "/" + payload.UID + dir, nil
if payload.Access.Check("app", aid, handlerLevle) {
return "", nil
}
return "", errs.AuthNoPerm
}

13
oa/builtin/fs/user.go
Unescape Escape View File

@ -62,7 +62,11 @@ func getToken(r *http.Request) (*auth.Claims, error) {
authHeader := r.Header.Get("Authorization")
token := ""
if authHeader != "" {
if strings.HasPrefix(authHeader, "Basic ") {
typ := ""
if tags := strings.Split(authHeader, " "); len(tags) > 1 {
typ = strings.ToLower(tags[0])
}
if typ == "basic" {
decodedAuth, err := base64.StdEncoding.DecodeString(authHeader[6:])
if err != nil {
return nil, errs.AuthInvalid
@ -76,11 +80,8 @@ func getToken(r *http.Request) (*auth.Claims, error) {
username = strings.TrimSuffix(username, "\n")
username = strings.TrimSuffix(username, ":")
token = strings.TrimPrefix(password, "\n")
logv.Warn().Msgf("username: %s, password: %s", username, token)
}
if strings.HasPrefix(authHeader, "Bearer ") {
token = strings.TrimPrefix(authHeader, "Bearer ")
} else if typ == "bearer" {
token = authHeader[7:]
}
} else {
acookie, err := r.Cookie("fstoken")

2
oa/libs/webdav/file.go
Unescape Escape View File

@ -96,7 +96,7 @@ func (d Dir) OpenFile(ctx context.Context, name string, flag int, perm os.FileMo
if err != nil {
return nil, err
}
return d.OpenFile(ctx, name, flag, perm)
return os.OpenFile(name, flag, perm)
}
return nil, err
}

13
oaer/lib/fs.ts
Unescape Escape View File

@ -37,16 +37,13 @@ class davWraper {
this.prefix = this.prefix.slice(0, -1)
}
}
set(k: 'host' | 'token', value: string) {
set(k: 'host' | 'token' | 'prefix', value: string) {
if (value !== this[k]) {
this[k] = value
if (k === 'token') {
this.client = webdav.createClient(this.host + this.prefix)
this.client.setHeaders({
authorization: "bearer " + value
authorization: "bearer " + this.token
})
} else if (k === 'host') {
this.client = webdav.createClient(this.host + this.prefix)
}
}
}
putFileContents(filename: string, data: string | webdav.BufferLike, options?: webdav.PutFileContentsOptions) {
@ -78,6 +75,7 @@ class davWraper {
let retries = 0;
function attempt(): Promise<T> {
return fn().catch(error => {
console.log(error.status)
if (retries < 3) {
retries++;
console.log(`Attempt ${retries} failed, retrying after 1 second...`);
@ -94,7 +92,7 @@ class davWraper {
let token = logic.token.oa.raw()
const user = new davWraper(logic.Host(), '/fs/u/', token)
const app = new davWraper(logic.Host(), '/fs/a/', token)
const app = new davWraper(logic.Host(), '/fs/a/' + logic.oa_id, token)
export const set_host = (h: string) => {
@ -107,6 +105,7 @@ const sync = () => {
// console.warn('sync oafs token: ' + t)
user.set('token', t)
app.set('token', t)
app.set('prefix', '/fs/a/' + logic.app_id)
}
}
proxy.Listen(() => {

1
oaer/lib/logic.ts
Unescape Escape View File

@ -178,6 +178,7 @@ bus.on('logout', () => {
// load token from localStorage
logic.token.refresh = new Token('refresh')
logic.app_id = logic.token.refresh.aid || ''
logic.token.oa = new Token('oa')
logic.token.app = new Token('app')

17
oaweb/composables/api/webapi.ts
Unescape Escape View File

@ -50,7 +50,7 @@ export const token = {
}
// 请求拦截
const beforeRequest = (config: any) => {
config.retryTimes = 3
config.retryTimes = config.retryTimes || 3
// NOTE 添加自定义头部
token.value && (config.headers.Authorization = `Bearer ${token.value}`)
return config
@ -76,24 +76,25 @@ const responseSuccess = (client: AxiosInstance) => {
const responseFailed = (client: AxiosInstance) => {
return (error: AxiosError) => {
const { response } = error
const config = response?.config
const data = response?.data || {} as any
if (!window.navigator.onLine) {
alert('没有网络')
return Promise.reject(new Error('请检查网络连接'))
}
let needRetry = true
// @ts-ignore
let needRetry = config?.needRetry !== false
if (response?.status == 404) {
needRetry = false
} else if (response?.status == 401) {
} else if (response?.status == 401 && needRetry) {
needRetry = false
// AuthNotFound = New(40100, "auth not found")
// AuthExpired = New(40102, "auth expired")
if (data.code === 40102 || data.code === 40100) {
token.value = ''
return token.update().then((e) => {
console.log('token updated: ' + e)
return requestRetry(client)(500, response!)
return token.update().then(() => {
return requestRetry(client)(200, response!)
})
}
} else if (response?.status == 500) {
@ -143,6 +144,7 @@ interface data {
query?: any
form?: any
header?: any
config?: Object
}
@ -159,6 +161,9 @@ function transData(d: data) {
if (d.header) {
opts.headers = Object.assign(opts.headers, d.header)
}
if (d.config) {
opts = Object.assign(opts, d.config)
}
return opts
}

30
oaweb/pages/index.vue
Unescape Escape View File

@ -36,14 +36,13 @@
<div class="text-h6">{{ $t('p.index.create') }} </div>
</template>
<div class="p-4">
<Uploader @success="temp_app.icon = $event" dir="app_icon">
<Uploader @success="temp_app.icon = $event" dir="/pub/icon/">
<!-- <img alt="LOGO" class="rounded-full w-16 h-16 mx-auto my-4" :src="temp_app.icon"> -->
<div alt="LOGO" class="divimg rounded-full w-16 h-16 mx-auto" :style="`--bgurl:url('${temp_app.icon}')`">
</div>
</Uploader>
<Vinput class="mt-4" v-model="temp_app.name" :validate="/^\w{2,}$/" :label="$t('c.appname')" type="text">
</Vinput>
{{ temp_app.typ }}
<Vinput class='mt-12' v-model="temp_app.typ" type="radio"
:options="{ 'public': $t('atyp.public'), 'apply': $t('atyp.apply'), 'private': $t('atyp.private') }"
:validate="/^\w{2,}$/">
@ -57,33 +56,6 @@
</template>
</UCard>
</UModal>
<!-- <q-dialog :square="false" v-model="new_flag"> -->
<!-- <q-card class="w-4/5 md:w-96 rounded-2xl"> -->
<!-- <q-card-section> -->
<!-- </q-card-section> -->
<!-- <q-separator></q-separator> -->
<!-- <q-card-section> -->
<!-- <q-form @submit="create_new"> -->
<!-- <q-input label="应用名" v-model="temp_app.name" :rules="rules.name"></q-input> -->
<!-- <div class="flex justify-center my-4 items-center" label='icon'> -->
<!-- <uploader @success="temp_app.icon = $event" dir="app_icon"> -->
<!-- <q-avatar> -->
<!-- <img :src="temp_app.icon"> -->
<!-- </q-avatar> -->
<!-- </uploader> -->
<!-- <q-icon class="ml-2" size="1rem" name='autorenew' @click="temp_app.icon = rand_icon()"></q-icon> -->
<!-- </div> -->
<!-- <q-separator></q-separator> -->
<!-- <div class="flex justify-end mt-8"> -->
<!-- <q-btn class="mx-3" @click="new_flag = false">取消</q-btn> -->
<!-- <q-btn type="submit">创建</q-btn> -->
<!-- </div> -->
<!-- </q-form> -->
<!-- </q-card-section> -->
<!-- </q-card> -->
<!-- </q-dialog> -->
</div>
</template>

Write Preview
Loading…
Cancel
Save