ProjectHentai/alist
6
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: fs link api

Browse Source
This commit is contained in:
Noah Hsu
2022-06-29 16:08:55 +08:00
parent f275f83de0
commit 40548926e6
11 changed files with 174 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
server/middlewares/auth.go
View File

@ -1,6 +1,7 @@
package middlewares
import (
"github.com/alist-org/alist/v3/internal/conf"
"github.com/alist-org/alist/v3/internal/db"
"github.com/alist-org/alist/v3/internal/model"
"github.com/alist-org/alist/v3/internal/setting"
@ -12,7 +13,7 @@ import (
// if token is empty, set user to guest
func Auth(c *gin.Context) {
token := c.GetHeader("Authorization")
if token == setting.GetByKey("token") {
if token == setting.GetByKey(conf.Token) {
admin, err := db.GetAdmin()
if err != nil {
common.ErrorResp(c, err, 500)
@ -59,3 +60,13 @@ func AuthAdmin(c *gin.Context) {
c.Next()
}
}
func AuthWrite(c *gin.Context) {
user := c.MustGet("user").(*model.User)
if !user.IsAdmin() && user.ReadOnly {
common.ErrorStrResp(c, "You have no write access", 403)
c.Abort()
} else {
c.Next()
}
}