From c15e3cc3aecbf63496fe52cf741b1b3c598e11db Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=80=97=E5=AD=90?= <haozi@loli.email>
Date: Sat, 24 May 2025 15:15:57 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BC=98=E5=8C=96=E8=AE=BF=E9=97=AE?=
 =?UTF-8?q?=E5=85=A5=E5=8F=A3=E6=A3=80=E6=9F=A5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 internal/http/middleware/entrance.go | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/internal/http/middleware/entrance.go b/internal/http/middleware/entrance.go
index 55ab6d3e..847e8cea 100644
--- a/internal/http/middleware/entrance.go
+++ b/internal/http/middleware/entrance.go
@@ -57,7 +57,9 @@ func Entrance(t *gotext.Locale, conf *koanf.Koanf, session *sessions.Manager) fu
 			}
 
 			// 情况二：请求路径与入口路径相同或者未设置访问入口，标记通过验证并重定向到登录页面
-			if (strings.TrimSuffix(r.URL.Path, "/") == entrance || entrance == "/") && sess.Missing("verify_entrance") {
+			if (strings.TrimSuffix(r.URL.Path, "/") == entrance || entrance == "/") &&
+				sess.Missing("verify_entrance") &&
+				r.Header.Get("Authorization") == "" {
 				sess.Put("verify_entrance", true)
 				render := chix.NewRender(w, r)
 				defer render.Release()
@@ -71,14 +73,14 @@ func Entrance(t *gotext.Locale, conf *koanf.Koanf, session *sessions.Manager) fu
 				if entrance != "/" {
 					if rctx := chi.RouteContext(r.Context()); rctx != nil {
 						rctx.RoutePath = strings.TrimPrefix(rctx.RoutePath, entrance)
+						r.URL.Path = strings.TrimPrefix(r.URL.Path, entrance)
 					}
-					r.URL.Path = strings.TrimPrefix(r.URL.Path, entrance)
 				}
 				next.ServeHTTP(w, r)
 				return
 			}
 
-			// 情况三：非调试模式且未通过验证的请求，返回错误
+			// 情况四：非调试模式且未通过验证的请求，返回错误
 			if !conf.Bool("app.debug") &&
 				sess.Missing("verify_entrance") &&
 				r.URL.Path != "/robots.txt" {