51 lines
1.6 KiB
Go
51 lines
1.6 KiB
Go
package helpers
|
|
|
|
import (
|
|
"github.com/TeaOSLab/EdgeUser/internal/utils/numberutils"
|
|
"github.com/TeaOSLab/EdgeUser/internal/web/actions/default/login/loginutils"
|
|
"github.com/iwind/TeaGo/actions"
|
|
"net/http"
|
|
)
|
|
|
|
type UserShouldAuth struct {
|
|
action *actions.ActionObject
|
|
}
|
|
|
|
func (this *UserShouldAuth) BeforeAction(actionPtr actions.ActionWrapper, paramName string) (goNext bool) {
|
|
this.action = actionPtr.Object()
|
|
|
|
// 检测注入
|
|
if !safeFilterRequest(this.action.Request) {
|
|
this.action.ResponseWriter.WriteHeader(http.StatusForbidden)
|
|
_, _ = this.action.ResponseWriter.Write([]byte("Denied By WAF"))
|
|
return false
|
|
}
|
|
|
|
var action = this.action
|
|
action.AddHeader("X-Frame-Options", "SAMEORIGIN")
|
|
action.AddHeader("Content-Security-Policy", "default-src 'self' data:; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' blob: data:;")
|
|
|
|
return true
|
|
}
|
|
|
|
// StoreUser 存储用户名到SESSION
|
|
func (this *UserShouldAuth) StoreUser(userId int64, remember bool) {
|
|
loginutils.SetCookie(this.action, remember)
|
|
this.action.Session().Write("userId", numberutils.FormatInt64(userId))
|
|
this.action.Session().Write("@fingerprint", loginutils.CalculateClientFingerprint(this.action))
|
|
this.action.Session().Write("@ip", loginutils.RemoteIP(this.action))
|
|
}
|
|
|
|
func (this *UserShouldAuth) IsUser() bool {
|
|
return this.action.Session().GetInt("userId") > 0
|
|
}
|
|
|
|
func (this *UserShouldAuth) UserId() int64 {
|
|
return this.action.Session().GetInt64("userId")
|
|
}
|
|
|
|
func (this *UserShouldAuth) Logout() {
|
|
loginutils.UnsetCookie(this.action)
|
|
this.action.Session().Delete()
|
|
}
|