This commit is contained in:
parent
cb6525636c
commit
64c2450121
@ -102,6 +102,7 @@ http {
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_pass http://frp_http_proxy;
|
||||
access_by_lua_file lua/authentication.lua;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1,13 +1,34 @@
|
||||
local session, err, exists = require "resty.session".open()
|
||||
if exists and session:get("authenticated") then
|
||||
ngx.log(ngx.INFO, session:get("account"), " 访问")
|
||||
else
|
||||
local server = ""
|
||||
if ngx.var.server_port == "80" then
|
||||
-- opm get ledgetech/lua-resty-http
|
||||
-- https://unraid.amass.fun/
|
||||
-- http://127.0.0.1:3001/wt/login?redirect=https%3A%2F%2Famass.fun%0A
|
||||
|
||||
local wtauth_cookie = ngx.var.cookie_wtauth
|
||||
local server = ""
|
||||
if ngx.var.server_port == "80" or ngx.var.server_port == "443" then
|
||||
server = ngx.var.host
|
||||
else
|
||||
else
|
||||
server = ngx.var.host .. ":" .. ngx.var.server_port
|
||||
end
|
||||
local target_url = ngx.var.scheme .. "://" .. server .. ngx.var.request_uri
|
||||
ngx.redirect('https://amass.fun/LoginPage?next=' .. ngx.escape_uri(target_url))
|
||||
end
|
||||
local target_url = ngx.var.scheme .. "://" .. server .. ngx.var.request_uri
|
||||
if not wtauth_cookie then
|
||||
return ngx.redirect('https://amass.fun/wt/login?redirect=' .. ngx.escape_uri(target_url))
|
||||
end
|
||||
|
||||
local http = require "resty.http"
|
||||
local httpc = http.new()
|
||||
|
||||
local res, err = httpc:request_uri("http://127.0.0.1:8082/api/v1/auth/verify", {
|
||||
method = "GET",
|
||||
headers = {
|
||||
["Content-Type"] = "application/json",
|
||||
["Cookie"] = "wtauth=" .. wtauth_cookie
|
||||
}
|
||||
})
|
||||
|
||||
if not res then
|
||||
ngx.log(ngx.ERR, "failed to request: ", err)
|
||||
return ngx.exit(500)
|
||||
end
|
||||
if res.status ~= 200 then
|
||||
return ngx.redirect('https://amass.fun/wt/login?redirect=' .. ngx.escape_uri(target_url))
|
||||
end
|
||||
|
@ -1,20 +0,0 @@
|
||||
local cjson = require "cjson"
|
||||
|
||||
local session = require"resty.session".open()
|
||||
if (session == nil or session.data.identify == nil) then
|
||||
local chunk, eof = ngx.arg[1], ngx.arg[2];
|
||||
local post_list = cjson.decode(chunk);
|
||||
|
||||
for i, v in pairs(private_folder) do
|
||||
for dir, value in pairs(post_list) do
|
||||
if (dir == v) then
|
||||
post_list[dir] = nil;
|
||||
end
|
||||
end
|
||||
end
|
||||
ngx.arg[1] = cjson.encode(post_list);
|
||||
ngx.arg[2] = true
|
||||
else
|
||||
|
||||
end
|
||||
|
@ -82,10 +82,14 @@ Application::Application(const Wt::WEnvironment &env, bool embedded)
|
||||
app->authService().setAuthTokensEnabled(authTokensEnabled, authTokenCookieName, "");
|
||||
}
|
||||
}
|
||||
auto next = env.getParameter("redirect");
|
||||
if (next != nullptr) {
|
||||
m_loginedRedirectUrl = *next;
|
||||
}
|
||||
|
||||
LOG(info) << "url: " << url() << ", host name: " << env.hostName();
|
||||
LOG(info) << "resources url: " << resourcesUrl() << ", relative resources url: " << relativeResourcesUrl();
|
||||
LOG(info) << "internal path: " << internalPath() << ", bookmark url: " << bookmarkUrl();
|
||||
LOG(info) << "internal path: " << internalPath() << ", bookmark url: " << bookmarkUrl() << ", next: " << m_loginedRedirectUrl;
|
||||
|
||||
m_loginPage = std::make_unique<LoginPage>(app->authService(), m_session->users(), m_session->login());
|
||||
if (externalPath.empty()) {
|
||||
@ -119,6 +123,18 @@ void Application::authEvent() {
|
||||
const Wt::Auth::User &u = m_session->login().user();
|
||||
LOG(info) << "User " << u.id() << " (" << u.identity(Wt::Auth::Identity::LoginName) << ")"
|
||||
<< " logged in.";
|
||||
auto app = Amass::Singleton<WebToolkit::Server>::instance();
|
||||
auto &service = app->authService();
|
||||
auto &env = environment();
|
||||
auto token = env.getCookie(service.authTokenCookieName());
|
||||
if (token == nullptr) {
|
||||
Wt::Http::Cookie cookie(service.authTokenCookieName(), service.createAuthToken(u));
|
||||
cookie.setDomain(service.authTokenCookieDomain());
|
||||
cookie.setPath(AuthModel::CookiePath);
|
||||
cookie.setExpires(Wt::WDateTime());
|
||||
setCookie(cookie);
|
||||
}
|
||||
if (m_loginedRedirectUrl.empty()) {
|
||||
if (m_loginPage) {
|
||||
if (m_navigationBar != nullptr) {
|
||||
m_loginPageRef = m_navigationBar->addLoginItem(std::move(m_loginPage));
|
||||
@ -134,17 +150,8 @@ void Application::authEvent() {
|
||||
}
|
||||
}
|
||||
setInternalPath("/", true);
|
||||
|
||||
auto app = Amass::Singleton<WebToolkit::Server>::instance();
|
||||
auto &service = app->authService();
|
||||
auto &env = environment();
|
||||
auto token = env.getCookie(service.authTokenCookieName());
|
||||
if (token == nullptr) {
|
||||
Wt::Http::Cookie cookie(service.authTokenCookieName(), service.createAuthToken(u));
|
||||
cookie.setDomain(service.authTokenCookieDomain());
|
||||
cookie.setPath(AuthModel::CookiePath);
|
||||
cookie.setExpires(Wt::WDateTime());
|
||||
setCookie(cookie);
|
||||
} else {
|
||||
redirect(m_loginedRedirectUrl);
|
||||
}
|
||||
} else {
|
||||
if (m_navigationBar != nullptr) {
|
||||
|
@ -43,6 +43,7 @@ private:
|
||||
std::unique_ptr<LoginPage> m_loginPage;
|
||||
LoginPage *m_loginPageRef = nullptr;
|
||||
Wt::JSignal<> m_logout;
|
||||
std::string m_loginedRedirectUrl;
|
||||
};
|
||||
|
||||
class Server {
|
||||
|
@ -8,6 +8,7 @@
|
||||
#include <Wt/Dbo/Json.h>
|
||||
#include <Wt/Dbo/backend/Sqlite3.h>
|
||||
#include <Wt/Http/Response.h>
|
||||
#include <boost/beast/http/status.hpp>
|
||||
#include <boost/scope/scope_exit.hpp>
|
||||
#include <format>
|
||||
|
||||
@ -15,7 +16,7 @@ DBO_INSTANTIATE_TEMPLATES(MyMessage)
|
||||
|
||||
void AuthenticationResource::handleRequest(const Wt::Http::Request &request, Wt::Http::Response &response) {
|
||||
auto tag = request.urlParam("tag");
|
||||
LOG(info) << "path: " << request.path() << ", tag: " << tag;
|
||||
// LOG(info) << "path: " << request.path() << ", tag: " << tag;
|
||||
response.setMimeType("application/json");
|
||||
MyMessage message;
|
||||
auto app = Amass::Singleton<WebToolkit::Server>::instance();
|
||||
@ -40,9 +41,11 @@ void AuthenticationResource::handleRequest(const Wt::Http::Request &request, Wt:
|
||||
if (user.isValid()) {
|
||||
message.user = user.identity(Wt::Auth::Identity::LoginName).toUTF8();
|
||||
}
|
||||
LOG(info) << "state: " << (int)state << " " << message.user;
|
||||
// LOG(info) << "state: " << (int)state << " " << message.user;
|
||||
message.message = "Hello, World!";
|
||||
message.status = state == Wt::Auth::AuthTokenState::Valid ? 0 : 404;
|
||||
using namespace boost::beast::http;
|
||||
response.setStatus(static_cast<int>(state == Wt::Auth::AuthTokenState::Valid ? status::ok : status::unauthorized));
|
||||
} else { // logout
|
||||
response.addHeader("Set-Cookie", std::format("{}=; path={}; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 GMT",
|
||||
service.authTokenCookieName(), AuthModel::CookiePath));
|
||||
|
Loading…
Reference in New Issue
Block a user