github/siyuan
4
0
Fork 0
mirror of https://github.com/siyuan-note/siyuan.git synced 2025-05-04 03:19:36 +08:00
Code Issues Packages Projects Releases Wiki Activity

🎨 Authentication supports query parameters token (#9069)

Browse Source
This commit is contained in:
Yingyi / 颖逸 2023-08-29 16:16:33 +08:00 committed by GitHub
parent 2349b080db
commit 2bfefbe885
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
kernel/model/session.go
View File

@ -195,7 +195,7 @@ func CheckAuth(c *gin.Context) {
return return
} }
// 通过 API token // 通过 API token (header: Authorization)
if authHeader := c.GetHeader("Authorization"); "" != authHeader { if authHeader := c.GetHeader("Authorization"); "" != authHeader {
if strings.HasPrefix(authHeader, "Token ") { if strings.HasPrefix(authHeader, "Token ") {
token := strings.TrimPrefix(authHeader, "Token ") token := strings.TrimPrefix(authHeader, "Token ")
@ -210,6 +210,18 @@ func CheckAuth(c *gin.Context) {
} }
} }
// 通过 API token (query-params: token)
if token := c.Query("token"); "" != token {
if Conf.Api.Token == token {
c.Next()
return
}
c.JSON(401, map[string]interface{}{"code": -1, "msg": "Auth failed"})
c.Abort()
return
}
if "/check-auth" == c.Request.URL.Path { // 跳过访问授权页 if "/check-auth" == c.Request.URL.Path { // 跳过访问授权页
c.Next() c.Next()
return return