kefu/middleware/domain_limit.go

package middleware

import (
	"github.com/gin-gonic/gin"
	"github.com/tidwall/gjson"
	"io/ioutil"
	"kefu/common"
	"kefu/models"
	"kefu/tools"
	"log"
	"strings"
)

/*
*
域名中间件
*/
func DomainLimitMiddleware(c *gin.Context) {
	//离线或者远程
	// if !CheckSystemAuthCode(c) && !CheckBindOffcial(c) {
	// 	c.Abort()
	// 	return
	// }

}

// 验证离线本地授权码
func CheckSystemAuthCode(c *gin.Context) bool {
	authCode := models.FindConfig("SystemAuthCode")
	privateKey := common.RsaPrivateKey
	if authCode == "" {
		authCodeByte, err := ioutil.ReadFile(common.RootPath + "/authorization")
		if err != nil || string(authCodeByte) == "" {
			log.Println("离线授权码本地文件错误:", err)
			return false
		}
		authCode = string(authCodeByte)
	}
	rsa := tools.NewRsa("", privateKey)
	decContent, _ := tools.Base64Decode2(authCode)
	jsonByte, err := rsa.Decrypt(decContent)
	if err != nil {
		log.Println("离线授权码解析失败:", err)
		jsonByte = []byte("")
	}
	allowHost := gjson.Get(string(jsonByte), "host").String()
	if allowHost == "" {
		log.Println("离线授权码解析字段失败")
		return false
	}
	domains := strings.Split(allowHost, "|")

	// 去除协议部分
	if strings.HasPrefix(c.Request.Host, "http://") {
		c.Request.Host = strings.TrimPrefix(c.Request.Host, "http://")
	} else if strings.HasPrefix(c.Request.Host, "https://") {
		c.Request.Host = strings.TrimPrefix(c.Request.Host, "https://")
	}
	// 去除末尾的斜杠
	c.Request.Host = strings.TrimSuffix(c.Request.Host, "/")

	for _, domain := range domains {
		if tools.IsMatchingDomain(domain, c.Request.Host) {
			return true
		}
	}
	//if !strings.Contains(allowHost, c.Request.Host) {
	//	log.Println("离线授权码域名不一致:", allowHost, c.Request.Host)
	//	return false
	//}
	log.Println("离线授权码域名不一致:", allowHost, c.Request.Host)
	return false
}

// 绑定官网账户
func CheckBindOffcial(c *gin.Context) bool {
	res, err := tools.HTTPGet("https://gofly.v1kf.com/2/isBindOfficial")
	if err != nil {
		log.Println("离线授权码失败,认证连接失败")
		c.Redirect(302, "/bind")
		c.Abort()
	}
	if string(res) != "success" {
		c.Redirect(302, "/bind")
		c.Abort()
	}
	return true
}
第一次 2024-12-10 02:50:12 +00:00			`package middleware`

			`import (`
			`"github.com/gin-gonic/gin"`
			`"github.com/tidwall/gjson"`
			`"io/ioutil"`
			`"kefu/common"`
			`"kefu/models"`
			`"kefu/tools"`
			`"log"`
			`"strings"`
			`)`

			`/*`
			`*`
			`域名中间件`
			`*/`
			`func DomainLimitMiddleware(c *gin.Context) {`
			`//离线或者远程`
			`// if !CheckSystemAuthCode(c) && !CheckBindOffcial(c) {`
			`// c.Abort()`
			`// return`
			`// }`

			`}`

			`// 验证离线本地授权码`
			`func CheckSystemAuthCode(c *gin.Context) bool {`
			`authCode := models.FindConfig("SystemAuthCode")`
			`privateKey := common.RsaPrivateKey`
			`if authCode == "" {`
			`authCodeByte, err := ioutil.ReadFile(common.RootPath + "/authorization")`
			`if err != nil \|\| string(authCodeByte) == "" {`
			`log.Println("离线授权码本地文件错误:", err)`
			`return false`
			`}`
			`authCode = string(authCodeByte)`
			`}`
			`rsa := tools.NewRsa("", privateKey)`
			`decContent, _ := tools.Base64Decode2(authCode)`
			`jsonByte, err := rsa.Decrypt(decContent)`
			`if err != nil {`
			`log.Println("离线授权码解析失败:", err)`
			`jsonByte = []byte("")`
			`}`
			`allowHost := gjson.Get(string(jsonByte), "host").String()`
			`if allowHost == "" {`
			`log.Println("离线授权码解析字段失败")`
			`return false`
			`}`
			`domains := strings.Split(allowHost, "\|")`

			`// 去除协议部分`
			`if strings.HasPrefix(c.Request.Host, "http://") {`
			`c.Request.Host = strings.TrimPrefix(c.Request.Host, "http://")`
			`} else if strings.HasPrefix(c.Request.Host, "https://") {`
			`c.Request.Host = strings.TrimPrefix(c.Request.Host, "https://")`
			`}`
			`// 去除末尾的斜杠`
			`c.Request.Host = strings.TrimSuffix(c.Request.Host, "/")`

			`for _, domain := range domains {`
			`if tools.IsMatchingDomain(domain, c.Request.Host) {`
			`return true`
			`}`
			`}`
			`//if !strings.Contains(allowHost, c.Request.Host) {`
			`// log.Println("离线授权码域名不一致:", allowHost, c.Request.Host)`
			`// return false`
			`//}`
			`log.Println("离线授权码域名不一致:", allowHost, c.Request.Host)`
			`return false`
			`}`

			`// 绑定官网账户`
			`func CheckBindOffcial(c *gin.Context) bool {`
			`res, err := tools.HTTPGet("https://gofly.v1kf.com/2/isBindOfficial")`
			`if err != nil {`
			`log.Println("离线授权码失败,认证连接失败")`
			`c.Redirect(302, "/bind")`
			`c.Abort()`
			`}`
			`if string(res) != "success" {`
			`c.Redirect(302, "/bind")`
			`c.Abort()`
			`}`
			`return true`
			`}`