🎇 md5 and filename

2021-12-02 18:57:29 +08:00 · 2021-12-02 18:57:29 +08:00 · d81ec0637d
commit d81ec0637d
parent 1d7d37e642
4 changed files with 17 additions and 9 deletions
--- a/server/check.go
+++ b/server/check.go
@ -55,7 +55,7 @@ func CheckParent(path string, password string) bool {
 	}
 }
-func CheckDownLink(path string, passwordMd5 string) bool {
+func CheckDownLink(path string, passwordMd5 string, name string) bool {
 	if !conf.CheckDown {
 		return true
 	}
@ -63,7 +63,7 @@ func CheckDownLink(path string, passwordMd5 string) bool {
 	log.Debugf("check down path: %s", path)
 	if err == nil {
 		log.Debugf("check down link: %s,%s", meta.Password, passwordMd5)
-		if meta.Password != "" && utils.Get16MD5Encode(meta.Password) != passwordMd5 {
+		if meta.Password != "" && utils.Get16MD5Encode("alist"+meta.Password+name) != passwordMd5 {
 			return false
 		}
 		return true
@ -74,6 +74,6 @@ func CheckDownLink(path string, passwordMd5 string) bool {
 		if path == "/" {
 			return true
 		}
-		return CheckDownLink(utils.Dir(path), passwordMd5)
+		return CheckDownLink(utils.Dir(path), passwordMd5, name)
 	}
 }
--- a/server/down.go
+++ b/server/down.go
@ -18,7 +18,7 @@ func Down(c *gin.Context) {
 	rawPath = utils.ParsePath(rawPath)
 	log.Debugf("down: %s", rawPath)
 	pw := c.Query("pw")
-	if !CheckDownLink(utils.Dir(rawPath), pw) {
+	if !CheckDownLink(utils.Dir(rawPath), pw, utils.Base(rawPath)) {
 		ErrorResp(c, fmt.Errorf("wrong password"), 401)
 		return
 	}
@ -50,7 +50,7 @@ func Proxy(c *gin.Context) {
 	rawPath = utils.ParsePath(rawPath)
 	log.Debugf("proxy: %s", rawPath)
 	pw := c.Query("pw")
-	if !CheckDownLink(utils.Dir(rawPath), pw) {
+	if !CheckDownLink(utils.Dir(rawPath), pw, utils.Base(rawPath)) {
 		ErrorResp(c, fmt.Errorf("wrong password"), 401)
 		return
 	}
--- a/server/webdav/file.go
+++ b/server/webdav/file.go
@ -80,14 +80,14 @@ func (fs *FileSystem) Files(rawPath string) ([]model.File, error) {
 	return driver.Files(path_, account)
 }
-func GetPW(path string) string {
+func GetPW(path string, name string) string {
 	if !conf.CheckDown {
 		return ""
 	}
 	meta, err := model.GetMetaByPath(path)
 	if err == nil {
 		if meta.Password != "" {
-			utils.Get16MD5Encode(meta.Password)
+			utils.Get16MD5Encode("alist" + meta.Password + name)
 		}
 		return ""
 	} else {
@ -97,7 +97,7 @@ func GetPW(path string) string {
 		if path == "/" {
 			return ""
 		}
-		return GetPW(utils.Dir(path))
+		return GetPW(utils.Dir(path), name)
 	}
 }
@ -119,7 +119,7 @@ func (fs *FileSystem) Link(r *http.Request, rawPath string) (string, error) {
 	if driver.Config().OnlyProxy || account.WebdavProxy {
 		link = fmt.Sprintf("%s://%s/p%s", protocol, r.Host, rawPath)
 		if conf.CheckDown {
-			pw := GetPW(utils.Dir(rawPath))
+			pw := GetPW(utils.Dir(rawPath), utils.Base(rawPath))
 			link += "?pw" + pw
 		}
 	} else {
--- a/utils/file.go
+++ b/utils/file.go
@ -105,4 +105,12 @@ func Dir(path string) string {
 		return path
 	}
 	return path[:idx]
 }
 func Base(path string) string {
 	idx := strings.LastIndex(path, "/")
 	if idx == -1 {
 		return path
 	}
 	return path[idx+1:]
 }