3x-ui/web/controller/base.go

package controller

import (
	"fmt"
	"net/http"
    "strings"

	"x-ui/logger"
	"x-ui/web/locale"
	"x-ui/web/session"

	"github.com/gin-gonic/gin"
	"x-ui/web/service"
)

type BaseController struct{
	settingService service.SettingService
}

func (a *BaseController) checkLogin(c *gin.Context) {
	if !session.IsLogin(c) {
		if isAjax(c) {
			pureJsonMsg(c, http.StatusUnauthorized, false, I18nWeb(c, "pages.login.loginAgain"))
		} else {
			c.Redirect(http.StatusTemporaryRedirect, c.GetString("base_path"))
		}
		c.Abort()
	} else {
		c.Next()
	}
}

func I18nWeb(c *gin.Context, name string, params ...string) string {
	anyfunc, funcExists := c.Get("I18n")
	if !funcExists {
		logger.Warning("I18n function not exists in gin context!")
		return ""
	}
	i18nFunc, _ := anyfunc.(func(i18nType locale.I18nType, key string, keyParams ...string) string)
	msg := i18nFunc(locale.Web, name, params...)
	return msg
}

func (a *BaseController) apiTokenGuard(c *gin.Context) {
	bearerToken := c.Request.Header.Get("Authorization")
	tokenParts := strings.Split(bearerToken, " ")
	if len(tokenParts) != 2 {
		pureJsonMsg(c, http.StatusUnauthorized, false, "Invalid token format")
		c.Abort()
		return
	}
	reqToken := tokenParts[1]
	token, err := a.settingService.GetApiToken()

	if err != nil {
		pureJsonMsg(c, http.StatusUnauthorized, false, err.Error())
		c.Abort()
		return
	}

	if reqToken != token {
		pureJsonMsg(c, http.StatusUnauthorized, false, "Auth failed")
		c.Abort()
		return
	}

	userService := service.UserService{}
	user, err := userService.GetFirstUser()
	if err != nil {
		fmt.Println("get current user info failed, error info:", err)
	}

	session.SetSessionUser(c, user)

	c.Next()

	session.ClearSession(c)
}
3x-ui 2023-02-09 19:18:06 +00:00			`package controller`

			`import (`
Added token based auth 2025-02-11 08:10:21 +00:00			`"fmt"`
3x-ui 2023-02-09 19:18:06 +00:00			`"net/http"`
Added token based auth 2025-02-11 08:10:21 +00:00			`"strings"`
Some fixes and improvements (#1997) * [refactor] api controller * [fix] access log path better to not hardcode the access log path, maybe some ppl dont want to use the default ./access.log * [fix] set select options from logs paths in xray settings * [update] .gitignore * [lint] all .go files * [update] use status code for jsonMsg and 401 to unauthorize * [update] handle response status code via axios * [fix] set correct value if log paths is set to 'none' we also use the default value for the paths if its set to none * [fix] iplimit - only warning access log if f2b is installed 2024-03-10 21:31:24 +00:00
update I18n function for controller 2023-05-20 15:19:39 +00:00			`"x-ui/logger"`
			`"x-ui/web/locale"`
3x-ui 2023-02-09 19:18:06 +00:00			`"x-ui/web/session"`
[feature] add sniffing DestOverride options #298 Co-Authored-By: Alireza Ahmadi <alireza7@gmail.com> 2023-04-29 15:17:44 +00:00
			`"github.com/gin-gonic/gin"`
Added token based auth 2025-02-11 08:10:21 +00:00			`"x-ui/web/service"`
3x-ui 2023-02-09 19:18:06 +00:00			`)`

Added token based auth 2025-02-11 08:10:21 +00:00			`type BaseController struct{`
			`settingService service.SettingService`
			`}`
3x-ui 2023-02-09 19:18:06 +00:00
			`func (a BaseController) checkLogin(c gin.Context) {`
			`if !session.IsLogin(c) {`
			`if isAjax(c) {`
Some fixes and improvements (#1997) * [refactor] api controller * [fix] access log path better to not hardcode the access log path, maybe some ppl dont want to use the default ./access.log * [fix] set select options from logs paths in xray settings * [update] .gitignore * [lint] all .go files * [update] use status code for jsonMsg and 401 to unauthorize * [update] handle response status code via axios * [fix] set correct value if log paths is set to 'none' we also use the default value for the paths if its set to none * [fix] iplimit - only warning access log if f2b is installed 2024-03-10 21:31:24 +00:00			`pureJsonMsg(c, http.StatusUnauthorized, false, I18nWeb(c, "pages.login.loginAgain"))`
3x-ui 2023-02-09 19:18:06 +00:00			`} else {`
			`c.Redirect(http.StatusTemporaryRedirect, c.GetString("base_path"))`
			`}`
			`c.Abort()`
			`} else {`
			`c.Next()`
			`}`
			`}`

rename I18n to I18nWeb 2023-05-20 22:59:27 +00:00			`func I18nWeb(c *gin.Context, name string, params ...string) string {`
update I18n function for controller 2023-05-20 15:19:39 +00:00			`anyfunc, funcExists := c.Get("I18n")`
			`if !funcExists {`
			`logger.Warning("I18n function not exists in gin context!")`
			`return ""`
			`}`
			`i18nFunc, _ := anyfunc.(func(i18nType locale.I18nType, key string, keyParams ...string) string)`
			`msg := i18nFunc(locale.Web, name, params...)`
			`return msg`
3x-ui 2023-02-09 19:18:06 +00:00			`}`
Added token based auth 2025-02-11 08:10:21 +00:00
			`func (a BaseController) apiTokenGuard(c gin.Context) {`
Fix ident 2025-02-11 08:41:17 +00:00			`bearerToken := c.Request.Header.Get("Authorization")`
			`tokenParts := strings.Split(bearerToken, " ")`
			`if len(tokenParts) != 2 {`
Added token based auth 2025-02-11 08:10:21 +00:00			`pureJsonMsg(c, http.StatusUnauthorized, false, "Invalid token format")`
Fix ident 2025-02-11 08:41:17 +00:00			`c.Abort()`
			`return`
			`}`
			`reqToken := tokenParts[1]`
Added token based auth 2025-02-11 08:10:21 +00:00			`token, err := a.settingService.GetApiToken()`

			`if err != nil {`
			`pureJsonMsg(c, http.StatusUnauthorized, false, err.Error())`
			`c.Abort()`
			`return`
			`}`

			`if reqToken != token {`
Fix ident 2025-02-11 08:41:17 +00:00			`pureJsonMsg(c, http.StatusUnauthorized, false, "Auth failed")`
Added token based auth 2025-02-11 08:10:21 +00:00			`c.Abort()`
			`return`
			`}`

			`userService := service.UserService{}`
			`user, err := userService.GetFirstUser()`
			`if err != nil {`
			`fmt.Println("get current user info failed, error info:", err)`
			`}`

			`session.SetSessionUser(c, user)`

Fix ident 2025-02-11 08:41:17 +00:00			`c.Next()`
Added token based auth 2025-02-11 08:10:21 +00:00
			`session.ClearSession(c)`
			`}`