diff --git a/internal/http/middleware/entrance.go b/internal/http/middleware/entrance.go
index 34bb6238..bb934da8 100644
--- a/internal/http/middleware/entrance.go
+++ b/internal/http/middleware/entrance.go
@@ -29,8 +29,6 @@ func Entrance(t *gotext.Locale, conf *koanf.Koanf, session *sessions.Manager) fu
 entrance = "/" + entrance
 }
 
- routePath := chi.RouteContext(r.Context()).RoutePath
-
 // 情况一:设置了绑定域名、IP、UA,且请求不符合要求,返回错误
 host, _, err := net.SplitHostPort(r.Host)
 if err != nil {
@@ -80,7 +78,7 @@ func Entrance(t *gotext.Locale, conf *koanf.Koanf, session *sessions.Manager) fu
 }
 
 // 情况二:请求路径与入口路径相同或者未设置访问入口,标记通过验证并重定向到登录页面
- if (strings.TrimSuffix(routePath, "/") == entrance || entrance == "/") &&
+ if (strings.TrimSuffix(r.URL.Path, "/") == entrance || entrance == "/") &&
 r.Header.Get("Authorization") == "" {
 sess.Put("verify_entrance", true)
 render := chix.NewRender(w, r)
@@ -90,12 +88,12 @@ func Entrance(t *gotext.Locale, conf *koanf.Koanf, session *sessions.Manager) fu
 }
 
 // 情况三:通过APIKey+入口路径访问,重写请求路径并跳过验证
- if strings.HasPrefix(routePath, entrance) && r.Header.Get("Authorization") != "" {
+ if strings.HasPrefix(r.URL.Path, entrance) && r.Header.Get("Authorization") != "" {
 // 只在设置了入口路径的情况下,才进行重写
 if entrance != "/" {
 if rctx := chi.RouteContext(r.Context()); rctx != nil {
- rctx.RoutePath = strings.TrimPrefix(routePath, entrance)
- r.URL.Path = strings.TrimPrefix(routePath, entrance)
+ rctx.RoutePath = strings.TrimPrefix(rctx.RoutePath, entrance)
+ r.URL.Path = strings.TrimPrefix(r.URL.Path, entrance)
 }
 }
 next.ServeHTTP(w, r)
@@ -105,7 +103,7 @@ func Entrance(t *gotext.Locale, conf *koanf.Koanf, session *sessions.Manager) fu
 // 情况四:非调试模式且未通过验证的请求,返回错误
 if !conf.Bool("app.debug") &&
 sess.Missing("verify_entrance") &&
- routePath != "/robots.txt" {
+ r.URL.Path != "/robots.txt" {
 Abort(w, http.StatusTeapot, t.Get("invalid access entrance"))
 return
 }
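Review bot: The case-two comparison `strings.TrimSuffix(r.URL.Path, "/") == entrance` now decides on `r.URL.Path`, but chi matches routes on `RoutePath` and, when that is empty, on `r.URL.RawPath` before `r.URL.Path`, so the path this middleware checks and the path the router dispatches on can differ for a request whose path is escaped. The same applies to the case-three and case-four hunks in this file and to the prefix checks in MustInstall and MustLogin, where the result is an access decision. The case-three rewrite leaves `RawPath` untouched, so I would add `r.URL.RawPath = strings.TrimPrefix(r.URL.RawPath, entrance)` next to the `r.URL.Path` assignment (assuming the entrance contains nothing that is escaped in RawPath) and a comment above the first check, `// Entrance and auth checks use r.URL.Path; keep it in sync with what chi routes on (RoutePath, then RawPath).` Whether an earlier middleware rewrites `RoutePath` is not visible here and should be confirmed against the router setup.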
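Review bot: `strings.HasPrefix(r.URL.Path, entrance)` in case three has no segment boundary, so with a constructed entrance of `/abc` a path such as `/abcdef` also takes this branch and `TrimPrefix` leaves `def`, a path without a leading slash. I would require an exact match or a following slash: `if (entrance == "/" || r.URL.Path == entrance || strings.HasPrefix(r.URL.Path, entrance+"/")) && r.Header.Get("Authorization") != "" {`. A request for exactly the entrance path is trimmed to an empty `r.URL.Path`, which may deserve a `"/"` fallback. The branch skips the entrance check for any non-empty Authorization header, so it relies on a later middleware to validate the key; that validation is outside this hunk.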
diff --git a/internal/http/middleware/must_install.go b/internal/http/middleware/must_install.go
index 9c00c072..2b5e62ff 100644
--- a/internal/http/middleware/must_install.go
+++ b/internal/http/middleware/must_install.go
@@ -4,7 +4,6 @@ import (
 "net/http"
 "strings"
 
- "github.com/go-chi/chi/v5"
 "github.com/leonelquinteros/gotext"
 
 "github.com/tnb-labs/panel/internal/biz"
@@ -14,15 +13,13 @@ import (
 func MustInstall(t *gotext.Locale, app biz.AppRepo) func(next http.Handler) http.Handler {
 return func(next http.Handler) http.Handler {
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- routePath := chi.RouteContext(r.Context()).RoutePath
-
 var slugs []string
- if strings.HasPrefix(routePath, "/api/website") {
+ if strings.HasPrefix(r.URL.Path, "/api/website") {
 slugs = append(slugs, "nginx")
- } else if strings.HasPrefix(routePath, "/api/container") {
+ } else if strings.HasPrefix(r.URL.Path, "/api/container") {
 slugs = append(slugs, "podman", "docker")
- } else if strings.HasPrefix(routePath, "/api/apps/") {
- pathArr := strings.Split(routePath, "/")
+ } else if strings.HasPrefix(r.URL.Path, "/api/apps/") {
+ pathArr := strings.Split(r.URL.Path, "/")
 if len(pathArr) < 4 {
 Abort(w, http.StatusForbidden, t.Get("app not found"))
 return
diff --git a/internal/http/middleware/must_login.go b/internal/http/middleware/must_login.go
index 8355f905..d9449ab4 100644
--- a/internal/http/middleware/must_login.go
+++ b/internal/http/middleware/must_login.go
@@ -9,7 +9,6 @@ import (
 "slices"
 "strings"
 
- "github.com/go-chi/chi/v5"
 "github.com/go-rat/sessions"
 "github.com/leonelquinteros/gotext"
 "github.com/spf13/cast"
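Review bot: In MustInstall the guard `len(pathArr) < 4` can never be true, because any path that passed `strings.HasPrefix(r.URL.Path, "/api/apps/")` splits into at least four elements. A request for `/api/apps/` itself therefore continues past the check with an empty fourth element. If that element is used as the app slug (the rest of the branch is outside this hunk), reject it explicitly with `if len(pathArr) < 4 || pathArr[3] == "" {`.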
@@ -36,10 +35,8 @@ func MustLogin(t *gotext.Locale, session *sessions.Manager, userToken biz.UserTo
 return
 }
 
- routePath := chi.RouteContext(r.Context()).RoutePath
-
 // 对白名单和非 API 请求放行
- if slices.Contains(whiteList, routePath) || !strings.HasPrefix(routePath, "/api") {
+ if slices.Contains(whiteList, r.URL.Path) || !strings.HasPrefix(r.URL.Path, "/api") {
 next.ServeHTTP(w, r)
 return
 }
@@ -47,7 +44,7 @@ func MustLogin(t *gotext.Locale, session *sessions.Manager, userToken biz.UserTo
 userID := uint(0)
 if r.Header.Get("Authorization") != "" {
 // 禁止访问 ws 相关的接口
- if strings.HasPrefix(routePath, "/api/ws") {
+ if strings.HasPrefix(r.URL.Path, "/api/ws") {
 Abort(w, http.StatusForbidden, t.Get("ws not allowed"))
 return
 }