This commit is contained in:
parent
cb6525636c
commit
64c2450121
@ -102,6 +102,7 @@ http {
|
|||||||
proxy_set_header Host $http_host;
|
proxy_set_header Host $http_host;
|
||||||
proxy_set_header X-Forwarded-Proto $scheme;
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
proxy_pass http://frp_http_proxy;
|
proxy_pass http://frp_http_proxy;
|
||||||
|
access_by_lua_file lua/authentication.lua;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1,13 +1,34 @@
|
|||||||
local session, err, exists = require "resty.session".open()
|
-- opm get ledgetech/lua-resty-http
|
||||||
if exists and session:get("authenticated") then
|
-- https://unraid.amass.fun/
|
||||||
ngx.log(ngx.INFO, session:get("account"), " 访问")
|
-- http://127.0.0.1:3001/wt/login?redirect=https%3A%2F%2Famass.fun%0A
|
||||||
|
|
||||||
|
local wtauth_cookie = ngx.var.cookie_wtauth
|
||||||
|
local server = ""
|
||||||
|
if ngx.var.server_port == "80" or ngx.var.server_port == "443" then
|
||||||
|
server = ngx.var.host
|
||||||
else
|
else
|
||||||
local server = ""
|
server = ngx.var.host .. ":" .. ngx.var.server_port
|
||||||
if ngx.var.server_port == "80" then
|
end
|
||||||
server = ngx.var.host
|
local target_url = ngx.var.scheme .. "://" .. server .. ngx.var.request_uri
|
||||||
else
|
if not wtauth_cookie then
|
||||||
server = ngx.var.host .. ":" .. ngx.var.server_port
|
return ngx.redirect('https://amass.fun/wt/login?redirect=' .. ngx.escape_uri(target_url))
|
||||||
end
|
end
|
||||||
local target_url = ngx.var.scheme .. "://" .. server .. ngx.var.request_uri
|
|
||||||
ngx.redirect('https://amass.fun/LoginPage?next=' .. ngx.escape_uri(target_url))
|
local http = require "resty.http"
|
||||||
|
local httpc = http.new()
|
||||||
|
|
||||||
|
local res, err = httpc:request_uri("http://127.0.0.1:8082/api/v1/auth/verify", {
|
||||||
|
method = "GET",
|
||||||
|
headers = {
|
||||||
|
["Content-Type"] = "application/json",
|
||||||
|
["Cookie"] = "wtauth=" .. wtauth_cookie
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
|
if not res then
|
||||||
|
ngx.log(ngx.ERR, "failed to request: ", err)
|
||||||
|
return ngx.exit(500)
|
||||||
|
end
|
||||||
|
if res.status ~= 200 then
|
||||||
|
return ngx.redirect('https://amass.fun/wt/login?redirect=' .. ngx.escape_uri(target_url))
|
||||||
end
|
end
|
||||||
|
@ -1,20 +0,0 @@
|
|||||||
local cjson = require "cjson"
|
|
||||||
|
|
||||||
local session = require"resty.session".open()
|
|
||||||
if (session == nil or session.data.identify == nil) then
|
|
||||||
local chunk, eof = ngx.arg[1], ngx.arg[2];
|
|
||||||
local post_list = cjson.decode(chunk);
|
|
||||||
|
|
||||||
for i, v in pairs(private_folder) do
|
|
||||||
for dir, value in pairs(post_list) do
|
|
||||||
if (dir == v) then
|
|
||||||
post_list[dir] = nil;
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
|
||||||
ngx.arg[1] = cjson.encode(post_list);
|
|
||||||
ngx.arg[2] = true
|
|
||||||
else
|
|
||||||
|
|
||||||
end
|
|
||||||
|
|
@ -82,10 +82,14 @@ Application::Application(const Wt::WEnvironment &env, bool embedded)
|
|||||||
app->authService().setAuthTokensEnabled(authTokensEnabled, authTokenCookieName, "");
|
app->authService().setAuthTokensEnabled(authTokensEnabled, authTokenCookieName, "");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
auto next = env.getParameter("redirect");
|
||||||
|
if (next != nullptr) {
|
||||||
|
m_loginedRedirectUrl = *next;
|
||||||
|
}
|
||||||
|
|
||||||
LOG(info) << "url: " << url() << ", host name: " << env.hostName();
|
LOG(info) << "url: " << url() << ", host name: " << env.hostName();
|
||||||
LOG(info) << "resources url: " << resourcesUrl() << ", relative resources url: " << relativeResourcesUrl();
|
LOG(info) << "resources url: " << resourcesUrl() << ", relative resources url: " << relativeResourcesUrl();
|
||||||
LOG(info) << "internal path: " << internalPath() << ", bookmark url: " << bookmarkUrl();
|
LOG(info) << "internal path: " << internalPath() << ", bookmark url: " << bookmarkUrl() << ", next: " << m_loginedRedirectUrl;
|
||||||
|
|
||||||
m_loginPage = std::make_unique<LoginPage>(app->authService(), m_session->users(), m_session->login());
|
m_loginPage = std::make_unique<LoginPage>(app->authService(), m_session->users(), m_session->login());
|
||||||
if (externalPath.empty()) {
|
if (externalPath.empty()) {
|
||||||
@ -119,22 +123,6 @@ void Application::authEvent() {
|
|||||||
const Wt::Auth::User &u = m_session->login().user();
|
const Wt::Auth::User &u = m_session->login().user();
|
||||||
LOG(info) << "User " << u.id() << " (" << u.identity(Wt::Auth::Identity::LoginName) << ")"
|
LOG(info) << "User " << u.id() << " (" << u.identity(Wt::Auth::Identity::LoginName) << ")"
|
||||||
<< " logged in.";
|
<< " logged in.";
|
||||||
if (m_loginPage) {
|
|
||||||
if (m_navigationBar != nullptr) {
|
|
||||||
m_loginPageRef = m_navigationBar->addLoginItem(std::move(m_loginPage));
|
|
||||||
m_loginPageRef->removeStyleClass("bulma-m-auto");
|
|
||||||
m_loginPageRef->removeStyleClass("bulma-container");
|
|
||||||
}
|
|
||||||
} else if (m_loginPageRef != nullptr && m_loginPageRef->parent() == m_root) {
|
|
||||||
m_loginPage = m_loginPageRef->parent()->removeWidget(m_loginPageRef);
|
|
||||||
if (m_navigationBar != nullptr) {
|
|
||||||
m_loginPageRef = m_navigationBar->addLoginItem(std::move(m_loginPage));
|
|
||||||
m_loginPageRef->removeStyleClass("bulma-m-auto");
|
|
||||||
m_loginPageRef->removeStyleClass("bulma-container");
|
|
||||||
}
|
|
||||||
}
|
|
||||||
setInternalPath("/", true);
|
|
||||||
|
|
||||||
auto app = Amass::Singleton<WebToolkit::Server>::instance();
|
auto app = Amass::Singleton<WebToolkit::Server>::instance();
|
||||||
auto &service = app->authService();
|
auto &service = app->authService();
|
||||||
auto &env = environment();
|
auto &env = environment();
|
||||||
@ -146,6 +134,25 @@ void Application::authEvent() {
|
|||||||
cookie.setExpires(Wt::WDateTime());
|
cookie.setExpires(Wt::WDateTime());
|
||||||
setCookie(cookie);
|
setCookie(cookie);
|
||||||
}
|
}
|
||||||
|
if (m_loginedRedirectUrl.empty()) {
|
||||||
|
if (m_loginPage) {
|
||||||
|
if (m_navigationBar != nullptr) {
|
||||||
|
m_loginPageRef = m_navigationBar->addLoginItem(std::move(m_loginPage));
|
||||||
|
m_loginPageRef->removeStyleClass("bulma-m-auto");
|
||||||
|
m_loginPageRef->removeStyleClass("bulma-container");
|
||||||
|
}
|
||||||
|
} else if (m_loginPageRef != nullptr && m_loginPageRef->parent() == m_root) {
|
||||||
|
m_loginPage = m_loginPageRef->parent()->removeWidget(m_loginPageRef);
|
||||||
|
if (m_navigationBar != nullptr) {
|
||||||
|
m_loginPageRef = m_navigationBar->addLoginItem(std::move(m_loginPage));
|
||||||
|
m_loginPageRef->removeStyleClass("bulma-m-auto");
|
||||||
|
m_loginPageRef->removeStyleClass("bulma-container");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
setInternalPath("/", true);
|
||||||
|
} else {
|
||||||
|
redirect(m_loginedRedirectUrl);
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
if (m_navigationBar != nullptr) {
|
if (m_navigationBar != nullptr) {
|
||||||
m_loginPage = m_navigationBar->removeLoginItem();
|
m_loginPage = m_navigationBar->removeLoginItem();
|
||||||
|
@ -43,6 +43,7 @@ private:
|
|||||||
std::unique_ptr<LoginPage> m_loginPage;
|
std::unique_ptr<LoginPage> m_loginPage;
|
||||||
LoginPage *m_loginPageRef = nullptr;
|
LoginPage *m_loginPageRef = nullptr;
|
||||||
Wt::JSignal<> m_logout;
|
Wt::JSignal<> m_logout;
|
||||||
|
std::string m_loginedRedirectUrl;
|
||||||
};
|
};
|
||||||
|
|
||||||
class Server {
|
class Server {
|
||||||
|
@ -8,6 +8,7 @@
|
|||||||
#include <Wt/Dbo/Json.h>
|
#include <Wt/Dbo/Json.h>
|
||||||
#include <Wt/Dbo/backend/Sqlite3.h>
|
#include <Wt/Dbo/backend/Sqlite3.h>
|
||||||
#include <Wt/Http/Response.h>
|
#include <Wt/Http/Response.h>
|
||||||
|
#include <boost/beast/http/status.hpp>
|
||||||
#include <boost/scope/scope_exit.hpp>
|
#include <boost/scope/scope_exit.hpp>
|
||||||
#include <format>
|
#include <format>
|
||||||
|
|
||||||
@ -15,7 +16,7 @@ DBO_INSTANTIATE_TEMPLATES(MyMessage)
|
|||||||
|
|
||||||
void AuthenticationResource::handleRequest(const Wt::Http::Request &request, Wt::Http::Response &response) {
|
void AuthenticationResource::handleRequest(const Wt::Http::Request &request, Wt::Http::Response &response) {
|
||||||
auto tag = request.urlParam("tag");
|
auto tag = request.urlParam("tag");
|
||||||
LOG(info) << "path: " << request.path() << ", tag: " << tag;
|
// LOG(info) << "path: " << request.path() << ", tag: " << tag;
|
||||||
response.setMimeType("application/json");
|
response.setMimeType("application/json");
|
||||||
MyMessage message;
|
MyMessage message;
|
||||||
auto app = Amass::Singleton<WebToolkit::Server>::instance();
|
auto app = Amass::Singleton<WebToolkit::Server>::instance();
|
||||||
@ -40,9 +41,11 @@ void AuthenticationResource::handleRequest(const Wt::Http::Request &request, Wt:
|
|||||||
if (user.isValid()) {
|
if (user.isValid()) {
|
||||||
message.user = user.identity(Wt::Auth::Identity::LoginName).toUTF8();
|
message.user = user.identity(Wt::Auth::Identity::LoginName).toUTF8();
|
||||||
}
|
}
|
||||||
LOG(info) << "state: " << (int)state << " " << message.user;
|
// LOG(info) << "state: " << (int)state << " " << message.user;
|
||||||
message.message = "Hello, World!";
|
message.message = "Hello, World!";
|
||||||
message.status = state == Wt::Auth::AuthTokenState::Valid ? 0 : 404;
|
message.status = state == Wt::Auth::AuthTokenState::Valid ? 0 : 404;
|
||||||
|
using namespace boost::beast::http;
|
||||||
|
response.setStatus(static_cast<int>(state == Wt::Auth::AuthTokenState::Valid ? status::ok : status::unauthorized));
|
||||||
} else { // logout
|
} else { // logout
|
||||||
response.addHeader("Set-Cookie", std::format("{}=; path={}; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 GMT",
|
response.addHeader("Set-Cookie", std::format("{}=; path={}; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 GMT",
|
||||||
service.authTokenCookieName(), AuthModel::CookiePath));
|
service.authTokenCookieName(), AuthModel::CookiePath));
|
||||||
|
Loading…
Reference in New Issue
Block a user