From 64c2450121c593ea986279ca0d5f3f16ab50030d Mon Sep 17 00:00:00 2001 From: amass Date: Thu, 9 Jan 2025 19:16:00 +0800 Subject: [PATCH] add wt login app. --- Server/conf/nginx.conf | 1 + Server/lua/authentication.lua | 43 +++++++++++++++++++++++++--------- Server/lua/blog_list.lua | 20 ---------------- WebApplication/Application.cpp | 41 ++++++++++++++++++-------------- WebApplication/Application.h | 1 + WebApplication/Restful.cpp | 7 ++++-- 6 files changed, 63 insertions(+), 50 deletions(-) delete mode 100755 Server/lua/blog_list.lua diff --git a/Server/conf/nginx.conf b/Server/conf/nginx.conf index 22ea6d4..1ad306c 100644 --- a/Server/conf/nginx.conf +++ b/Server/conf/nginx.conf @@ -102,6 +102,7 @@ http { proxy_set_header Host $http_host; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://frp_http_proxy; + access_by_lua_file lua/authentication.lua; } } diff --git a/Server/lua/authentication.lua b/Server/lua/authentication.lua index 1a3d869..ddfd709 100644 --- a/Server/lua/authentication.lua +++ b/Server/lua/authentication.lua @@ -1,13 +1,34 @@ -local session, err, exists = require "resty.session".open() -if exists and session:get("authenticated") then - ngx.log(ngx.INFO, session:get("account"), " 访问") +-- opm get ledgetech/lua-resty-http +-- https://unraid.amass.fun/ +-- http://127.0.0.1:3001/wt/login?redirect=https%3A%2F%2Famass.fun%0A + +local wtauth_cookie = ngx.var.cookie_wtauth +local server = "" +if ngx.var.server_port == "80" or ngx.var.server_port == "443" then + server = ngx.var.host else - local server = "" - if ngx.var.server_port == "80" then - server = ngx.var.host - else - server = ngx.var.host .. ":" .. ngx.var.server_port - end - local target_url = ngx.var.scheme .. "://" .. server .. ngx.var.request_uri - ngx.redirect('https://amass.fun/LoginPage?next=' .. ngx.escape_uri(target_url)) + server = ngx.var.host .. ":" .. ngx.var.server_port +end +local target_url = ngx.var.scheme .. "://" .. server .. ngx.var.request_uri +if not wtauth_cookie then + return ngx.redirect('https://amass.fun/wt/login?redirect=' .. ngx.escape_uri(target_url)) +end + +local http = require "resty.http" +local httpc = http.new() + +local res, err = httpc:request_uri("http://127.0.0.1:8082/api/v1/auth/verify", { + method = "GET", + headers = { + ["Content-Type"] = "application/json", + ["Cookie"] = "wtauth=" .. wtauth_cookie + } +}) + +if not res then + ngx.log(ngx.ERR, "failed to request: ", err) + return ngx.exit(500) +end +if res.status ~= 200 then + return ngx.redirect('https://amass.fun/wt/login?redirect=' .. ngx.escape_uri(target_url)) end diff --git a/Server/lua/blog_list.lua b/Server/lua/blog_list.lua deleted file mode 100755 index cb1850b..0000000 --- a/Server/lua/blog_list.lua +++ /dev/null @@ -1,20 +0,0 @@ -local cjson = require "cjson" - -local session = require"resty.session".open() -if (session == nil or session.data.identify == nil) then - local chunk, eof = ngx.arg[1], ngx.arg[2]; - local post_list = cjson.decode(chunk); - - for i, v in pairs(private_folder) do - for dir, value in pairs(post_list) do - if (dir == v) then - post_list[dir] = nil; - end - end - end - ngx.arg[1] = cjson.encode(post_list); - ngx.arg[2] = true -else - -end - diff --git a/WebApplication/Application.cpp b/WebApplication/Application.cpp index 913c2a8..ed83aa9 100644 --- a/WebApplication/Application.cpp +++ b/WebApplication/Application.cpp @@ -82,10 +82,14 @@ Application::Application(const Wt::WEnvironment &env, bool embedded) app->authService().setAuthTokensEnabled(authTokensEnabled, authTokenCookieName, ""); } } + auto next = env.getParameter("redirect"); + if (next != nullptr) { + m_loginedRedirectUrl = *next; + } LOG(info) << "url: " << url() << ", host name: " << env.hostName(); LOG(info) << "resources url: " << resourcesUrl() << ", relative resources url: " << relativeResourcesUrl(); - LOG(info) << "internal path: " << internalPath() << ", bookmark url: " << bookmarkUrl(); + LOG(info) << "internal path: " << internalPath() << ", bookmark url: " << bookmarkUrl() << ", next: " << m_loginedRedirectUrl; m_loginPage = std::make_unique(app->authService(), m_session->users(), m_session->login()); if (externalPath.empty()) { @@ -119,22 +123,6 @@ void Application::authEvent() { const Wt::Auth::User &u = m_session->login().user(); LOG(info) << "User " << u.id() << " (" << u.identity(Wt::Auth::Identity::LoginName) << ")" << " logged in."; - if (m_loginPage) { - if (m_navigationBar != nullptr) { - m_loginPageRef = m_navigationBar->addLoginItem(std::move(m_loginPage)); - m_loginPageRef->removeStyleClass("bulma-m-auto"); - m_loginPageRef->removeStyleClass("bulma-container"); - } - } else if (m_loginPageRef != nullptr && m_loginPageRef->parent() == m_root) { - m_loginPage = m_loginPageRef->parent()->removeWidget(m_loginPageRef); - if (m_navigationBar != nullptr) { - m_loginPageRef = m_navigationBar->addLoginItem(std::move(m_loginPage)); - m_loginPageRef->removeStyleClass("bulma-m-auto"); - m_loginPageRef->removeStyleClass("bulma-container"); - } - } - setInternalPath("/", true); - auto app = Amass::Singleton::instance(); auto &service = app->authService(); auto &env = environment(); @@ -146,6 +134,25 @@ void Application::authEvent() { cookie.setExpires(Wt::WDateTime()); setCookie(cookie); } + if (m_loginedRedirectUrl.empty()) { + if (m_loginPage) { + if (m_navigationBar != nullptr) { + m_loginPageRef = m_navigationBar->addLoginItem(std::move(m_loginPage)); + m_loginPageRef->removeStyleClass("bulma-m-auto"); + m_loginPageRef->removeStyleClass("bulma-container"); + } + } else if (m_loginPageRef != nullptr && m_loginPageRef->parent() == m_root) { + m_loginPage = m_loginPageRef->parent()->removeWidget(m_loginPageRef); + if (m_navigationBar != nullptr) { + m_loginPageRef = m_navigationBar->addLoginItem(std::move(m_loginPage)); + m_loginPageRef->removeStyleClass("bulma-m-auto"); + m_loginPageRef->removeStyleClass("bulma-container"); + } + } + setInternalPath("/", true); + } else { + redirect(m_loginedRedirectUrl); + } } else { if (m_navigationBar != nullptr) { m_loginPage = m_navigationBar->removeLoginItem(); diff --git a/WebApplication/Application.h b/WebApplication/Application.h index 48f0684..1545094 100644 --- a/WebApplication/Application.h +++ b/WebApplication/Application.h @@ -43,6 +43,7 @@ private: std::unique_ptr m_loginPage; LoginPage *m_loginPageRef = nullptr; Wt::JSignal<> m_logout; + std::string m_loginedRedirectUrl; }; class Server { diff --git a/WebApplication/Restful.cpp b/WebApplication/Restful.cpp index e71cc9d..7958c85 100644 --- a/WebApplication/Restful.cpp +++ b/WebApplication/Restful.cpp @@ -8,6 +8,7 @@ #include #include #include +#include #include #include @@ -15,7 +16,7 @@ DBO_INSTANTIATE_TEMPLATES(MyMessage) void AuthenticationResource::handleRequest(const Wt::Http::Request &request, Wt::Http::Response &response) { auto tag = request.urlParam("tag"); - LOG(info) << "path: " << request.path() << ", tag: " << tag; + // LOG(info) << "path: " << request.path() << ", tag: " << tag; response.setMimeType("application/json"); MyMessage message; auto app = Amass::Singleton::instance(); @@ -40,9 +41,11 @@ void AuthenticationResource::handleRequest(const Wt::Http::Request &request, Wt: if (user.isValid()) { message.user = user.identity(Wt::Auth::Identity::LoginName).toUTF8(); } - LOG(info) << "state: " << (int)state << " " << message.user; + // LOG(info) << "state: " << (int)state << " " << message.user; message.message = "Hello, World!"; message.status = state == Wt::Auth::AuthTokenState::Valid ? 0 : 404; + using namespace boost::beast::http; + response.setStatus(static_cast(state == Wt::Auth::AuthTokenState::Valid ? status::ok : status::unauthorized)); } else { // logout response.addHeader("Set-Cookie", std::format("{}=; path={}; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 GMT", service.authTokenCookieName(), AuthModel::CookiePath));