1.4.5.2

2026-02-04 20:27:13 +08:00
commit 3b042d1dad
9410 changed files with 1488147 additions and 0 deletions
--- a/EdgeUser/internal/web/helpers/user_should_auth.go
+++ b/EdgeUser/internal/web/helpers/user_should_auth.go
@@ -0,0 +1,50 @@
+package helpers
+
+import (
+	"github.com/TeaOSLab/EdgeUser/internal/utils/numberutils"
+	"github.com/TeaOSLab/EdgeUser/internal/web/actions/default/login/loginutils"
+	"github.com/iwind/TeaGo/actions"
+	"net/http"
+)
+
+type UserShouldAuth struct {
+	action *actions.ActionObject
+}
+
+func (this *UserShouldAuth) BeforeAction(actionPtr actions.ActionWrapper, paramName string) (goNext bool) {
+	this.action = actionPtr.Object()
+
+	// 检测注入
+	if !safeFilterRequest(this.action.Request) {
+		this.action.ResponseWriter.WriteHeader(http.StatusForbidden)
+		_, _ = this.action.ResponseWriter.Write([]byte("Denied By WAF"))
+		return false
+	}
+
+	var action = this.action
+	action.AddHeader("X-Frame-Options", "SAMEORIGIN")
+	action.AddHeader("Content-Security-Policy", "default-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' blob: data:;")
+
+	return true
+}
+
+// StoreUser 存储用户名到SESSION
+func (this *UserShouldAuth) StoreUser(userId int64, remember bool) {
+	loginutils.SetCookie(this.action, remember)
+	this.action.Session().Write("userId", numberutils.FormatInt64(userId))
+	this.action.Session().Write("@fingerprint", loginutils.CalculateClientFingerprint(this.action))
+	this.action.Session().Write("@ip", loginutils.RemoteIP(this.action))
+}
+
+func (this *UserShouldAuth) IsUser() bool {
+	return this.action.Session().GetInt("userId") > 0
+}
+
+func (this *UserShouldAuth) UserId() int64 {
+	return this.action.Session().GetInt64("userId")
+}
+
+func (this *UserShouldAuth) Logout() {
+	loginutils.UnsetCookie(this.action)
+	this.action.Session().Delete()
+}