Improve filter code.
@@ -120,11 +120,11 @@ func (c *ApiController) UploadResource() {
|
|||||||
fullFilePath := c.Input().Get("fullFilePath")
|
fullFilePath := c.Input().Get("fullFilePath")
|
||||||
|
|
||||||
file, header, err := c.GetFile("file")
|
file, header, err := c.GetFile("file")
|
||||||
defer file.Close()
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
c.ResponseError(err.Error())
|
c.ResponseError(err.Error())
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
defer file.Close()
|
||||||
|
|
||||||
filename := filepath.Base(fullFilePath)
|
filename := filepath.Base(fullFilePath)
|
||||||
fileBuffer := bytes.NewBuffer(nil)
|
fileBuffer := bytes.NewBuffer(nil)
|
||||||
|
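Review bot: `filename := filepath.Base(fullFilePath)` derives the stored name from a client-supplied parameter and nothing in the visible lines checks the result. `filepath.Base` returns `.` for an empty string, `..` for `..`, and a lone separator for a path made only of separators; on a non-Windows server it also leaves backslashes in place. A guard directly after it, such as `if filename == "." || filename == ".." || strings.ContainsAny(filename, "/\\") { c.ResponseError("invalid file name"); return }`, would reject those values before the name is used. How filename is used lies below the hunk, so the impact is unconfirmed from here; UploadResource starts and ends outside the hunk.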
@@ -34,7 +34,7 @@ type Object struct {
|
|||||||
func getUsernameByClientIdSecret(ctx *context.Context) string {
|
func getUsernameByClientIdSecret(ctx *context.Context) string {
|
||||||
clientId := ctx.Input.Query("clientId")
|
clientId := ctx.Input.Query("clientId")
|
||||||
clientSecret := ctx.Input.Query("clientSecret")
|
clientSecret := ctx.Input.Query("clientSecret")
|
||||||
if len(clientId) == 0 || len(clientSecret) == 0 {
|
if clientId == "" || clientSecret == "" {
|
||||||
return ""
|
return ""
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -42,6 +42,7 @@ func getUsernameByClientIdSecret(ctx *context.Context) string {
|
|||||||
if app == nil || app.ClientSecret != clientSecret {
|
if app == nil || app.ClientSecret != clientSecret {
|
||||||
return ""
|
return ""
|
||||||
}
|
}
|
||||||
|
|
||||||
return "built-in/service"
|
return "built-in/service"
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -56,7 +57,7 @@ func getUsername(ctx *context.Context) (username string) {
|
|||||||
// so we catch the panic
|
// so we catch the panic
|
||||||
username = ctx.Input.Session("username").(string)
|
username = ctx.Input.Session("username").(string)
|
||||||
|
|
||||||
if len(username) == 0 {
|
if username == "" {
|
||||||
username = getUsernameByClientIdSecret(ctx)
|
username = getUsernameByClientIdSecret(ctx)
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -79,13 +80,12 @@ func getSubject(ctx *context.Context) (string, string) {
|
|||||||
func getObject(ctx *context.Context) (string, string) {
|
func getObject(ctx *context.Context) (string, string) {
|
||||||
method := ctx.Request.Method
|
method := ctx.Request.Method
|
||||||
if method == http.MethodGet {
|
if method == http.MethodGet {
|
||||||
query := ctx.Request.URL.RawQuery
|
|
||||||
// query == "?id=built-in/admin"
|
// query == "?id=built-in/admin"
|
||||||
idParamValue := parseQuery(query, "id")
|
id := ctx.Input.Query("id")
|
||||||
if idParamValue == "" {
|
if id == "" {
|
||||||
return "", ""
|
return "", ""
|
||||||
}
|
}
|
||||||
return parseSlash(idParamValue)
|
return parseSlash(id)
|
||||||
} else {
|
} else {
|
||||||
body := ctx.Input.RequestBody
|
body := ctx.Input.RequestBody
|
||||||
|
|
||||||
|
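Review bot: In getUsernameByClientIdSecret the check `app == nil || app.ClientSecret != clientSecret` uses an ordinary string comparison for a secret, and its running time can depend on how many leading bytes match. Comparing with `subtle.ConstantTimeCompare([]byte(app.ClientSecret), []byte(clientSecret)) != 1` from crypto/subtle removes that dependency. The secret is also read with `ctx.Input.Query("clientSecret")`, so it travels in the request URL and will show up wherever URLs are recorded (access logs, proxies); a comment such as `// clientSecret arrives in the query string: keep query strings out of request logs` would at least make that visible to operators. The lines where app is looked up sit between the two hunks and are not shown.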
@@ -16,10 +16,8 @@ package routers
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/url"
|
|
||||||
|
|
||||||
"github.com/astaxie/beego/context"
|
"github.com/astaxie/beego/context"
|
||||||
"github.com/casbin/casdoor/controllers"
|
|
||||||
"github.com/casbin/casdoor/object"
|
"github.com/casbin/casdoor/object"
|
||||||
"github.com/casbin/casdoor/util"
|
"github.com/casbin/casdoor/util"
|
||||||
)
|
)
|
||||||
@@ -43,33 +41,17 @@ func setSessionUser(ctx *context.Context, user string) {
|
|||||||
ctx.Input.CruSession.SessionRelease(ctx.ResponseWriter)
|
ctx.Input.CruSession.SessionRelease(ctx.ResponseWriter)
|
||||||
}
|
}
|
||||||
|
|
||||||
func returnRequest(ctx *context.Context, msg string) {
|
|
||||||
w := ctx.ResponseWriter
|
|
||||||
w.WriteHeader(200)
|
|
||||||
resp := &controllers.Response{Status: "error", Msg: msg}
|
|
||||||
_, err := w.Write([]byte(util.StructToJson(resp)))
|
|
||||||
if err != nil {
|
|
||||||
panic(err)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func AutoSigninFilter(ctx *context.Context) {
|
func AutoSigninFilter(ctx *context.Context) {
|
||||||
//if getSessionUser(ctx) != "" {
|
//if getSessionUser(ctx) != "" {
|
||||||
// return
|
// return
|
||||||
//}
|
//}
|
||||||
|
|
||||||
query := ctx.Request.URL.RawQuery
|
|
||||||
queryMap, err := url.ParseQuery(query)
|
|
||||||
if err != nil {
|
|
||||||
panic(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
// "/page?access_token=123"
|
// "/page?access_token=123"
|
||||||
accessToken := queryMap.Get("accessToken")
|
accessToken := ctx.Input.Query("accessToken")
|
||||||
if accessToken != "" {
|
if accessToken != "" {
|
||||||
claims, err := object.ParseJwtToken(accessToken)
|
claims, err := object.ParseJwtToken(accessToken)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
returnRequest(ctx, "Invalid JWT token")
|
responseError(ctx, "invalid JWT token")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -79,13 +61,13 @@ func AutoSigninFilter(ctx *context.Context) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// "/page?username=abc&password=123"
|
// "/page?username=abc&password=123"
|
||||||
userId := queryMap.Get("username")
|
userId := ctx.Input.Query("username")
|
||||||
password := queryMap.Get("password")
|
password := ctx.Input.Query("password")
|
||||||
if userId != "" && password != "" {
|
if userId != "" && password != "" {
|
||||||
owner, name := util.GetOwnerAndNameFromId(userId)
|
owner, name := util.GetOwnerAndNameFromId(userId)
|
||||||
_, msg := object.CheckUserPassword(owner, name, password)
|
_, msg := object.CheckUserPassword(owner, name, password)
|
||||||
if msg != "" {
|
if msg != "" {
|
||||||
returnRequest(ctx, msg)
|
responseError(ctx, msg)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
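Review bot: Replacing `queryMap.Get(...)` with `ctx.Input.Query(...)` in AutoSigninFilter widens where `accessToken`, `username` and `password` are accepted from. As far as beego's `Input.Query` is documented, it consults route parameters and the parsed form, which for POST requests includes body fields, not only the URL query. Any request passing this filter with `username` and `password` form fields would then trigger `object.CheckUserPassword`, and a malformed query no longer surfaces as an error. If query-only is the intent, `password := ctx.Request.URL.Query().Get("password")` (and the same for the other two) keeps the old scope; otherwise a comment such as `// also matches form-body fields, not just the query string` should record the change. AutoSigninFilter continues outside both hunks, and responseError is defined elsewhere.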