From a3f026872dc2ab12e294c85c69584e574455d3d7 Mon Sep 17 00:00:00 2001
From: chenyifan01
Date: Wed, 23 Feb 2022 18:14:54 +0800
Subject: [PATCH] #1494 fix
---
 modules/context/auth.go | 39 +++++++++++++++++++++++++++++++--------
 routers/routes/routes.go | 5 +++--
 2 files changed, 34 insertions(+), 10 deletions(-)
diff --git a/modules/context/auth.go b/modules/context/auth.go
index b374e385b..57fe3350c 100755
--- a/modules/context/auth.go
+++ b/modules/context/auth.go
@@ -21,13 +21,14 @@ import (
 // ToggleOptions contains required or check options
 type ToggleOptions struct {
- SignInRequired bool
- SignOutRequired bool
- AdminRequired bool
- DisableCSRF bool
- BasicAuthRequired bool
- OperationRequired bool
- WechatAuthRequired bool
+ SignInRequired bool
+ SignOutRequired bool
+ AdminRequired bool
+ DisableCSRF bool
+ BasicAuthRequired bool
+ OperationRequired bool
+ WechatAuthRequired bool
+ WechatAuthRequiredForAPI bool
 }
 // Toggle returns toggle options as middleware
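Review bot: The new `WechatAuthRequiredForAPI` field has no comment, and its name differs from `WechatAuthRequired` only by a suffix, so a reader of ToggleOptions cannot tell which one to set on a route. A line such as `// WechatAuthRequiredForAPI is like WechatAuthRequired, but an unbound user gets a JSON body carrying the bind URL instead of a redirect.` above the field would record the difference that the Toggle hunk implements. The struct is fully inside this hunk.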
@@ -134,11 +135,33 @@ func Toggle(options *ToggleOptions) macaron.Handler {
 return
 }
 if ctx.User.WechatOpenId == "" {
- ctx.SetCookie("redirect_to", setting.AppSubURL+ctx.Req.URL.RequestURI(), 0, setting.AppSubURL)
+ redirectUrl := ctx.Query("redirect_to")
+ if redirectUrl == "" {
+ redirectUrl = ctx.Req.URL.RequestURI()
+ }
+ ctx.SetCookie("redirect_to", setting.AppSubURL+redirectUrl, 0, setting.AppSubURL)
 ctx.Redirect(setting.AppSubURL + "/authentication/wechat/bind")
 }
 }
+ if setting.WechatAuthSwitch && options.WechatAuthRequiredForAPI {
+ if !ctx.IsSigned {
+ ctx.SetCookie("redirect_to", setting.AppSubURL+ctx.Req.URL.RequestURI(), 0, setting.AppSubURL)
+ ctx.Redirect(setting.AppSubURL + "/user/login")
+ return
+ }
+ if ctx.User.WechatOpenId == "" {
+ redirectUrl := ctx.Query("redirect_to")
+ if redirectUrl == "" {
+ redirectUrl = ctx.Req.URL.RequestURI()
+ }
+ ctx.SetCookie("redirect_to", setting.AppSubURL+redirectUrl, 0, setting.AppSubURL)
+ ctx.JSON(200, map[string]interface{}{
+ "WechatRedirectUrl": setting.AppSubURL + "/authentication/wechat/bind",
+ })
+ }
+ }
+
 // Redirect to log in page if auto-signin info is provided and has not signed in.
 if !options.SignOutRequired && !ctx.IsSigned && !auth.IsAPIPath(ctx.Req.URL.Path) &&
 len(ctx.GetCookie(setting.CookieUserName)) > 0 {
diff --git a/routers/routes/routes.go b/routers/routes/routes.go
index 7241b8299..319af6f0a 100755
--- a/routers/routes/routes.go
+++ b/routers/routes/routes.go
@@ -276,6 +276,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 reqSignOut := context.Toggle(&context.ToggleOptions{SignOutRequired: true})
 reqBasicAuth := context.Toggle(&context.ToggleOptions{BasicAuthRequired: true, DisableCSRF: true})
 reqWechatBind := context.Toggle(&context.ToggleOptions{WechatAuthRequired: true})
+ reqWechatBindForApi := context.Toggle(&context.ToggleOptions{WechatAuthRequiredForAPI: true})
 bindIgnErr := binding.BindIgnErr
 validation.AddBindingRules()
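Review bot: The `redirect_to` query parameter is copied into the `redirect_to` cookie without checking that it is a same-site path, both in the existing bind branch and in the new `WechatAuthRequiredForAPI` branch; when `setting.AppSubURL` is empty the cookie holds exactly what the caller sent. Whether the code that later reads the cookie validates it is not visible here, so the value should be restricted to a local path before it is stored. The new branch also has no `return` after `ctx.JSON`, so the remaining checks in Toggle still run after the body has been written, and the same holds after `ctx.Redirect` in the bind branch above it. Toggle starts and ends outside this hunk, and the fence assumes `strings` is already imported in auth.go.

```go
// … unchanged: signed-in check of the WechatAuthRequiredForAPI branch …
if ctx.User.WechatOpenId == "" {
	redirectUrl := ctx.Query("redirect_to")
	// Store only a same-site path; anything else falls back to the current request URI.
	if !strings.HasPrefix(redirectUrl, "/") ||
		strings.HasPrefix(redirectUrl, "//") ||
		strings.HasPrefix(redirectUrl, "/\\") {
		redirectUrl = ctx.Req.URL.RequestURI()
	}
	// … unchanged: SetCookie and ctx.JSON calls …
	return
}
```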
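Review bot: `reqWechatBindForApi` spells the initialism differently from the option it sets, `WechatAuthRequiredForAPI`; Go style keeps an initialism in one case, so `reqWechatBindForAPI` would match. The two uses in the `/cloudbrain/:jobid` route group in the later hunk would change with it. RegisterRoutes continues outside this hunk.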
@@ -985,11 +986,11 @@ func RegisterRoutes(m *macaron.Macaron) {
 m.Group("/cloudbrain", func() {
 m.Group("/:jobid", func() {
 m.Get("", reqRepoCloudBrainReader, repo.CloudBrainShow)
- m.Get("/debug", reqWechatBind, cloudbrain.AdminOrJobCreaterRight, repo.CloudBrainDebug)
+ m.Get("/debug", reqWechatBindForApi, cloudbrain.AdminOrJobCreaterRight, repo.CloudBrainDebug)
 m.Post("/commit_image", cloudbrain.AdminOrJobCreaterRight, bindIgnErr(auth.CommitImageCloudBrainForm{}), repo.CloudBrainCommitImage)
 m.Post("/stop", cloudbrain.AdminOrOwnerOrJobCreaterRight, repo.CloudBrainStop)
 m.Post("/del", cloudbrain.AdminOrOwnerOrJobCreaterRight, repo.CloudBrainDel)
- m.Post("/restart", reqWechatBind, cloudbrain.AdminOrJobCreaterRight, repo.CloudBrainRestart)
+ m.Post("/restart", reqWechatBindForApi, cloudbrain.AdminOrJobCreaterRight, repo.CloudBrainRestart)
 m.Get("/rate", reqRepoCloudBrainReader, repo.GetRate)
 m.Get("/models", reqRepoCloudBrainReader, repo.CloudBrainShowModels)
 m.Get("/download_model", cloudbrain.AdminOrJobCreaterRight, repo.CloudBrainDownloadModel)
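Review bot: `/debug` and `/restart` now answer an unbound user with HTTP 200 and a `WechatRedirectUrl` body from the middleware, which a client cannot tell apart from a successful restart by status alone. A non-2xx status in the middleware's `ctx.JSON` call, for example `ctx.JSON(403, ...)`, would let callers that only check the status fail closed; how the front end consumes these two routes is not visible here, so confirm that it reads the body. A signed-out caller still gets the 302 to `/user/login` from the same middleware, so the two failure cases reach an API client in different shapes. The route group starts and ends outside this hunk.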