mirror of
https://github.com/lkddi/Xboard.git
synced 2026-04-24 20:17:32 +08:00
feat: new xboard
This commit is contained in:
xboard
@@ -3,9 +3,8 @@
|
||||
namespace App\Http\Middleware;
|
||||
|
||||
use App\Exceptions\ApiException;
|
||||
use App\Services\AuthService;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
use Closure;
|
||||
use Illuminate\Support\Facades\Cache;
|
||||
|
||||
class Admin
|
||||
{
|
||||
@@ -18,14 +17,15 @@ class Admin
|
||||
*/
|
||||
public function handle($request, Closure $next)
|
||||
{
|
||||
$authorization = $request->input('auth_data') ?? $request->header('authorization');
|
||||
if (!$authorization) throw new ApiException('未登录或登陆已过期', 403);
|
||||
if (!Auth::guard('sanctum')->check()) {
|
||||
throw new ApiException('未登录或登陆已过期', 403);
|
||||
}
|
||||
|
||||
$user = Auth::guard('sanctum')->user();
|
||||
if (!$user->is_admin) {
|
||||
throw new ApiException('无管理员权限', 403);
|
||||
}
|
||||
|
||||
$user = AuthService::decryptAuthData($authorization);
|
||||
if (!$user || !$user['is_admin']) throw new ApiException('未登录或登陆已过期',403);
|
||||
$request->merge([
|
||||
'user' => $user
|
||||
]);
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,17 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Middleware;
|
||||
|
||||
use Illuminate\Auth\Middleware\Authenticate as Middleware;
|
||||
use Illuminate\Http\Request;
|
||||
|
||||
class Authenticate extends Middleware
|
||||
{
|
||||
/**
|
||||
* Get the path the user should be redirected to when they are not authenticated.
|
||||
*/
|
||||
protected function redirectTo(Request $request): ?string
|
||||
{
|
||||
return $request->expectsJson() ? null : null;
|
||||
}
|
||||
}
|
||||
@@ -3,10 +3,9 @@
|
||||
namespace App\Http\Middleware;
|
||||
|
||||
use App\Exceptions\ApiException;
|
||||
use App\Utils\CacheKey;
|
||||
use Closure;
|
||||
use App\Models\User;
|
||||
use Illuminate\Support\Facades\Cache;
|
||||
use Illuminate\Support\Facades\Auth;
|
||||
|
||||
class Client
|
||||
{
|
||||
@@ -19,7 +18,7 @@ class Client
|
||||
*/
|
||||
public function handle($request, Closure $next)
|
||||
{
|
||||
$token = $request->input('token');
|
||||
$token = $request->input('token', $request->route('token'));
|
||||
if (empty($token)) {
|
||||
throw new ApiException('token is null',403);
|
||||
}
|
||||
@@ -27,9 +26,8 @@ class Client
|
||||
if (!$user) {
|
||||
throw new ApiException('token is error',403);
|
||||
}
|
||||
$request->merge([
|
||||
'user' => $user
|
||||
]);
|
||||
|
||||
Auth::setUser($user);
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,54 +1,55 @@
|
||||
<?php
|
||||
|
||||
|
||||
namespace App\Http\Middleware;
|
||||
|
||||
use App\Exceptions\ApiException;
|
||||
use App\Models\Server as ServerModel;
|
||||
use App\Services\ServerService;
|
||||
use Closure;
|
||||
use Illuminate\Http\Request;
|
||||
|
||||
class Server
|
||||
{
|
||||
/**
|
||||
* Handle an incoming request.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
|
||||
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
|
||||
*/
|
||||
public function handle(Request $request, Closure $next, $node_type = null)
|
||||
public function handle(Request $request, Closure $next, ?string $nodeType = null)
|
||||
{
|
||||
$this->validateRequest($request);
|
||||
|
||||
$serverInfo = ServerService::getServer(
|
||||
$request->input('node_id'),
|
||||
$request->input('node_type') ?? $nodeType
|
||||
);
|
||||
if (!$serverInfo) {
|
||||
throw new ApiException('Server does not exist');
|
||||
}
|
||||
|
||||
$request->merge(['node_info' => $serverInfo]);
|
||||
return $next($request);
|
||||
}
|
||||
|
||||
private function validateRequest(Request $request): void
|
||||
{
|
||||
// alias
|
||||
$aliasTypes = [
|
||||
'v2ray' => 'vmess',
|
||||
'hysteria2' => 'hysteria'
|
||||
];
|
||||
$request->validate([
|
||||
'token' => [
|
||||
"string",
|
||||
"required",
|
||||
'string',
|
||||
'required',
|
||||
function ($attribute, $value, $fail) {
|
||||
if ($value !== admin_setting('server_token')) {
|
||||
$fail('The ' . $attribute . ' is invalid.');
|
||||
$fail("Invalid {$attribute}");
|
||||
}
|
||||
},
|
||||
],
|
||||
'node_id' => 'required',
|
||||
'node_type' => [
|
||||
'required',
|
||||
'nullable',
|
||||
'regex:/^(?i)(hysteria|hysteria2|vless|trojan|vmess|v2ray|tuic|shadowsocks|shadowsocks-plugin)$/',
|
||||
function ($attribute, $value, $fail) use ($aliasTypes, $request) {
|
||||
$request->merge([$attribute => strtolower(isset($aliasTypes[$value]) ? $aliasTypes[$value] : $value)]);
|
||||
function ($attribute, $value, $fail) use ($request) {
|
||||
if (!ServerModel::isValidType($value)) {
|
||||
$fail("Invalid node type specified");
|
||||
return;
|
||||
}
|
||||
$request->merge([$attribute => ServerModel::normalizeType($value)]);
|
||||
},
|
||||
]
|
||||
], [
|
||||
'node_type.regex' => 'node_type is error!'
|
||||
]);
|
||||
$nodeInfo = ServerService::getServer($request->input('node_id'), $request->input('node_type') ?? $node_type);
|
||||
if (!$nodeInfo)
|
||||
throw new ApiException('server is not exist!');
|
||||
$request->merge(['node_info' => $nodeInfo]);
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4,6 +4,7 @@ namespace App\Http\Middleware;
|
||||
|
||||
use App\Exceptions\ApiException;
|
||||
use App\Services\AuthService;
|
||||
use Auth;
|
||||
use Closure;
|
||||
use Illuminate\Support\Facades\Cache;
|
||||
|
||||
@@ -18,14 +19,9 @@ class User
|
||||
*/
|
||||
public function handle($request, Closure $next)
|
||||
{
|
||||
$authorization = $request->input('auth_data') ?? $request->header('authorization');
|
||||
if (!$authorization) throw new ApiException( '未登录或登陆已过期', 403);
|
||||
|
||||
$user = AuthService::decryptAuthData($authorization);
|
||||
if (!$user) throw new ApiException('未登录或登陆已过期', 403);
|
||||
$request->merge([
|
||||
'user' => $user
|
||||
]);
|
||||
if (!Auth::guard('sanctum')->check()) {
|
||||
throw new ApiException('未登录或登陆已过期', 403);
|
||||
}
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user