add wt login app.

2025-01-09 19:16:00 +08:00 · 2025-01-09 19:16:00 +08:00 · 64c2450121
commit 64c2450121
parent cb6525636c
6 changed files with 63 additions and 50 deletions
--- a/Server/conf/nginx.conf
+++ b/Server/conf/nginx.conf
@ -102,6 +102,7 @@ http {
            proxy_set_header Host $http_host;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_pass http://frp_http_proxy;
+            access_by_lua_file lua/authentication.lua;
        }
    }

--- a/Server/lua/authentication.lua
+++ b/Server/lua/authentication.lua
@ -1,13 +1,34 @@
-local session, err, exists = require "resty.session".open()
-if exists and session:get("authenticated") then
-    ngx.log(ngx.INFO, session:get("account"), " 访问")
-else
+-- opm get ledgetech/lua-resty-http
+-- https://unraid.amass.fun/
+-- http://127.0.0.1:3001/wt/login?redirect=https%3A%2F%2Famass.fun%0A
+
+local wtauth_cookie = ngx.var.cookie_wtauth
 local server = ""
-    if ngx.var.server_port == "80" then
+if ngx.var.server_port == "80" or ngx.var.server_port == "443" then
    server = ngx.var.host
 else
    server = ngx.var.host .. ":" .. ngx.var.server_port
 end
 local target_url = ngx.var.scheme .. "://" .. server .. ngx.var.request_uri
-    ngx.redirect('https://amass.fun/LoginPage?next=' .. ngx.escape_uri(target_url))
+if not wtauth_cookie then
+    return ngx.redirect('https://amass.fun/wt/login?redirect=' .. ngx.escape_uri(target_url))
+end
+
+local http = require "resty.http"
+local httpc = http.new()
+
+local res, err = httpc:request_uri("http://127.0.0.1:8082/api/v1/auth/verify", {
+    method = "GET",
+    headers = {
+        ["Content-Type"] = "application/json",
+        ["Cookie"] = "wtauth=" .. wtauth_cookie 
+    }
+})
+
+if not res then
+    ngx.log(ngx.ERR, "failed to request: ", err)
+    return ngx.exit(500)
+end
+if res.status ~= 200 then
+    return ngx.redirect('https://amass.fun/wt/login?redirect=' .. ngx.escape_uri(target_url))
 end
--- a/Server/lua/blog_list.lua
+++ b/Server/lua/blog_list.lua
@ -1,20 +0,0 @@
-local cjson = require "cjson"
-
-local session = require"resty.session".open()
-if (session == nil or session.data.identify == nil) then
-    local chunk, eof = ngx.arg[1], ngx.arg[2];
-    local post_list = cjson.decode(chunk);
-
-    for i, v in pairs(private_folder) do
-        for dir, value in pairs(post_list) do
-            if (dir == v) then
-                post_list[dir] = nil;
-            end
-        end
-    end
-    ngx.arg[1] = cjson.encode(post_list);
-    ngx.arg[2] = true
-else
-
-end
-
--- a/WebApplication/Application.cpp
+++ b/WebApplication/Application.cpp
@ -82,10 +82,14 @@ Application::Application(const Wt::WEnvironment &env, bool embedded)
            app->authService().setAuthTokensEnabled(authTokensEnabled, authTokenCookieName, "");
        }
    }
+    auto next = env.getParameter("redirect");
+    if (next != nullptr) {
+        m_loginedRedirectUrl = *next;
+    }

    LOG(info) << "url: " << url() << ", host name: " << env.hostName();
    LOG(info) << "resources url: " << resourcesUrl() << ", relative resources url: " << relativeResourcesUrl();
-    LOG(info) << "internal path: " << internalPath() << ", bookmark url: " << bookmarkUrl();
+    LOG(info) << "internal path: " << internalPath() << ", bookmark url: " << bookmarkUrl() << ", next: " << m_loginedRedirectUrl;

    m_loginPage = std::make_unique<LoginPage>(app->authService(), m_session->users(), m_session->login());
    if (externalPath.empty()) {
@ -119,6 +123,18 @@ void Application::authEvent() {
        const Wt::Auth::User &u = m_session->login().user();
        LOG(info) << "User " << u.id() << " (" << u.identity(Wt::Auth::Identity::LoginName) << ")"
                  << " logged in.";
+        auto app = Amass::Singleton<WebToolkit::Server>::instance();
+        auto &service = app->authService();
+        auto &env = environment();
+        auto token = env.getCookie(service.authTokenCookieName());
+        if (token == nullptr) {
+            Wt::Http::Cookie cookie(service.authTokenCookieName(), service.createAuthToken(u));
+            cookie.setDomain(service.authTokenCookieDomain());
+            cookie.setPath(AuthModel::CookiePath);
+            cookie.setExpires(Wt::WDateTime());
+            setCookie(cookie);
+        }
+        if (m_loginedRedirectUrl.empty()) {
            if (m_loginPage) {
                if (m_navigationBar != nullptr) {
                    m_loginPageRef = m_navigationBar->addLoginItem(std::move(m_loginPage));
@ -134,17 +150,8 @@ void Application::authEvent() {
                }
            }
            setInternalPath("/", true);
-
-        auto app = Amass::Singleton<WebToolkit::Server>::instance();
-        auto &service = app->authService();
-        auto &env = environment();
-        auto token = env.getCookie(service.authTokenCookieName());
-        if (token == nullptr) {
-            Wt::Http::Cookie cookie(service.authTokenCookieName(), service.createAuthToken(u));
-            cookie.setDomain(service.authTokenCookieDomain());
-            cookie.setPath(AuthModel::CookiePath);
-            cookie.setExpires(Wt::WDateTime());
-            setCookie(cookie);
+        } else {
+            redirect(m_loginedRedirectUrl);
        }
    } else {
        if (m_navigationBar != nullptr) {
--- a/WebApplication/Application.h
+++ b/WebApplication/Application.h
@ -43,6 +43,7 @@ private:
    std::unique_ptr<LoginPage> m_loginPage;
    LoginPage *m_loginPageRef = nullptr;
    Wt::JSignal<> m_logout;
+    std::string m_loginedRedirectUrl;
 };

 class Server {
--- a/WebApplication/Restful.cpp
+++ b/WebApplication/Restful.cpp
@ -8,6 +8,7 @@
 #include <Wt/Dbo/Json.h>
 #include <Wt/Dbo/backend/Sqlite3.h>
 #include <Wt/Http/Response.h>
+#include <boost/beast/http/status.hpp>
 #include <boost/scope/scope_exit.hpp>
 #include <format>

@ -15,7 +16,7 @@ DBO_INSTANTIATE_TEMPLATES(MyMessage)

 void AuthenticationResource::handleRequest(const Wt::Http::Request &request, Wt::Http::Response &response) {
    auto tag = request.urlParam("tag");
-    LOG(info) << "path: " << request.path() << ", tag: " << tag;
+    // LOG(info) << "path: " << request.path() << ", tag: " << tag;
    response.setMimeType("application/json");
    MyMessage message;
    auto app = Amass::Singleton<WebToolkit::Server>::instance();
@ -40,9 +41,11 @@ void AuthenticationResource::handleRequest(const Wt::Http::Request &request, Wt:
        if (user.isValid()) {
            message.user = user.identity(Wt::Auth::Identity::LoginName).toUTF8();
        }
-        LOG(info) << "state: " << (int)state << " " << message.user;
+        // LOG(info) << "state: " << (int)state << " " << message.user;
        message.message = "Hello, World!";
        message.status = state == Wt::Auth::AuthTokenState::Valid ? 0 : 404;
+        using namespace boost::beast::http;
+        response.setStatus(static_cast<int>(state == Wt::Auth::AuthTokenState::Valid ? status::ok : status::unauthorized));
    } else { // logout
        response.addHeader("Set-Cookie", std::format("{}=; path={}; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 GMT",
                                                     service.authTokenCookieName(), AuthModel::CookiePath));