1.5.0

EdgeNode/internal/nodes/http_request_auth.go

@@ -9,14 +9,20 @@ import (
 	"net/http"
 )
 
-// 执行认证
+// 鎵ц璁よ瘉
 func (this *HTTPRequest) doAuth() (shouldStop bool) {
 	if this.web.Auth == nil || !this.web.Auth.IsOn {
 		return
 	}
 
 	for _, ref := range this.web.Auth.PolicyRefs {
-		if !ref.IsOn || ref.AuthPolicy == nil || !ref.AuthPolicy.IsOn {
+		if !ref.IsOn {
+			continue
+		}
+		if ref.AuthPolicy == nil {
+			continue
+		}
+		if !ref.AuthPolicy.IsOn {
 			continue
 		}
 		if !ref.AuthPolicy.MatchRequest(this.RawReq) {
@@ -36,7 +42,7 @@ func (this *HTTPRequest) doAuth() (shouldStop bool) {
 			return writer.StatusCode(), nil
 		}, this.Format)
 		if err != nil {
-			this.write50x(err, http.StatusInternalServerError, "Failed to execute the AuthPolicy", "认证策略执行失败", false)
+			this.write50x(err, http.StatusInternalServerError, "Failed to execute the AuthPolicy", "璁よ瘉绛栫暐鎵ц澶辫触", false)
 			return
 		}
 		if ok {
@@ -45,28 +51,28 @@ func (this *HTTPRequest) doAuth() (shouldStop bool) {
 			}
 			this.tags = append(this.tags, "auth:"+ref.AuthPolicy.Type)
 			return
-		} else {
-			// Basic Auth比较特殊
-			if ref.AuthPolicy.Type == serverconfigs.HTTPAuthTypeBasicAuth {
-				method, ok := ref.AuthPolicy.Method().(*serverconfigs.HTTPAuthBasicMethod)
-				if ok {
-					var headerValue = "Basic realm=\""
-					if len(method.Realm) > 0 {
-						headerValue += method.Realm
-					} else {
-						headerValue += this.ReqHost
-					}
-					headerValue += "\""
-					if len(method.Charset) > 0 {
-						headerValue += ", charset=\"" + method.Charset + "\""
-					}
-					this.writer.Header()["WWW-Authenticate"] = []string{headerValue}
-				}
-			}
-			this.writer.WriteHeader(http.StatusUnauthorized)
-			this.tags = append(this.tags, "auth:"+ref.AuthPolicy.Type)
-			return true
 		}
+
+		// Basic Auth 姣旇緝鐗规畩
+		if ref.AuthPolicy.Type == serverconfigs.HTTPAuthTypeBasicAuth {
+			method, ok := ref.AuthPolicy.Method().(*serverconfigs.HTTPAuthBasicMethod)
+			if ok {
+				var headerValue = "Basic realm=\""
+				if len(method.Realm) > 0 {
+					headerValue += method.Realm
+				} else {
+					headerValue += this.ReqHost
+				}
+				headerValue += "\""
+				if len(method.Charset) > 0 {
+					headerValue += ", charset=\"" + method.Charset + "\""
+				}
+				this.writer.Header()["WWW-Authenticate"] = []string{headerValue}
+			}
+		}
+		this.writer.WriteHeader(http.StatusUnauthorized)
+		this.tags = append(this.tags, "auth:"+ref.AuthPolicy.Type)
+		return true
 	}
 	return
 }

EdgeNode/internal/nodes/node_tasks_packet_plus.go

@@ -1,35 +0,0 @@
-// Copyright 2023 GoEdge CDN goedge.cdn@gmail.com. All rights reserved. Official site: https://goedge.cn .
-//go:build plus && packet
-
-package nodes
-
-import (
-	"encoding/json"
-	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
-	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
-	networksecurity "github.com/TeaOSLab/EdgeNode/internal/network-security"
-	"github.com/TeaOSLab/EdgeNode/internal/remotelogs"
-	"github.com/TeaOSLab/EdgeNode/internal/rpc"
-)
-
-func (this *Node) execNetworkSecurityPolicyChangedTask(rpcClient *rpc.RPCClient) error {
-	remotelogs.Println("NODE", "updating network security policy ...")
-	resp, err := rpcClient.NodeRPC.FindNodeNetworkSecurityPolicy(rpcClient.Context(), &pb.FindNodeNetworkSecurityPolicyRequest{})
-	if err != nil {
-		return err
-	}
-
-	var policy = nodeconfigs.NewNetworkSecurityPolicy()
-	if len(resp.NetworkSecurityPolicyJSON) > 0 {
-		err = json.Unmarshal(resp.NetworkSecurityPolicyJSON, policy)
-		if err != nil {
-			return err
-		}
-	}
-
-	sharedNodeConfig.NetworkSecurityPolicy = policy
-
-	go networksecurity.SharedManager.Apply(policy)
-
-	return nil
-}

EdgeNode/internal/nodes/node_tasks_packet_stub_plus.go

@@ -1,5 +1,5 @@
 // Copyright 2023 GoEdge CDN goedge.cdn@gmail.com. All rights reserved. Official site: https://goedge.cn .
-//go:build plus && !packet
+//go:build plus
 
 package nodes