mirror of
https://github.com/MHSanaei/3x-ui.git
synced 2026-05-13 09:36:05 +00:00
61c84e8223
- Vite dev server reads webBasePath from x-ui.db via node:sqlite and injects __X_UI_BASE_PATH__ on every HTML serve, mirroring dist.go. Single broad proxy regex catches backend routes whether the URL is prefixed or not, and the bypass serves login.html for the bare basePath URL so post-logout navigation lands on Vite's own page instead of the production dist HTML's hashed asset URLs. - axios.defaults.baseURL is set from __X_UI_BASE_PATH__ at startup so HttpUtil calls reach the backend's basePath group instead of 404ing on every prefixed install. fetch() for the public CSRF endpoint prepends the prefix manually since it doesn't honor axios defaults. - Logout/redirect responses set Cache-Control: no-store and the index handler's logged-in redirect uses an absolute base_path+panel/ URL, preventing browsers from replaying a stale cached 307 that bounced the user back to /panel/ after logout. - ClearSession also issues a Path=/ deletion cookie when basePath is not "/", so a legacy cookie from an earlier basePath setting can't keep IsLogin returning true after logout. - getPanelUpdateInfo no longer returns a translated error message on GitHub fetch failures, so HttpUtil's auto-popup stays quiet on offline / blocked environments. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
43 lines
1.4 KiB
Go
43 lines
1.4 KiB
Go
// Package controller provides HTTP request handlers and controllers for the 3x-ui web management panel.
|
|
// It handles routing, authentication, and API endpoints for managing Xray inbounds, settings, and more.
|
|
package controller
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/mhsanaei/3x-ui/v2/logger"
|
|
"github.com/mhsanaei/3x-ui/v2/web/locale"
|
|
"github.com/mhsanaei/3x-ui/v2/web/session"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
// BaseController provides common functionality for all controllers, including authentication checks.
|
|
type BaseController struct{}
|
|
|
|
// checkLogin is a middleware that verifies user authentication and handles unauthorized access.
|
|
func (a *BaseController) checkLogin(c *gin.Context) {
|
|
if !session.IsLogin(c) {
|
|
if isAjax(c) {
|
|
pureJsonMsg(c, http.StatusUnauthorized, false, I18nWeb(c, "pages.login.loginAgain"))
|
|
} else {
|
|
c.Header("Cache-Control", "no-store")
|
|
c.Redirect(http.StatusTemporaryRedirect, c.GetString("base_path"))
|
|
}
|
|
c.Abort()
|
|
} else {
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
// I18nWeb retrieves an internationalized message for the web interface based on the current locale.
|
|
func I18nWeb(c *gin.Context, name string, params ...string) string {
|
|
anyfunc, funcExists := c.Get("I18n")
|
|
if !funcExists {
|
|
logger.Warning("I18n function not exists in gin context!")
|
|
return ""
|
|
}
|
|
i18nFunc, _ := anyfunc.(func(i18nType locale.I18nType, key string, keyParams ...string) string)
|
|
msg := i18nFunc(locale.Web, name, params...)
|
|
return msg
|
|
}
|