☁️ origin

.github/workflows/build.yml

@@ -1,4 +1,4 @@
-name: Build
+name: build
 
 on:
   push:

.github/workflows/release.yml

@@ -1,4 +1,4 @@
-name: Release
+name: release
 on:
   push:
     tags:

README.md

@@ -3,7 +3,7 @@
 </p>
 <p align="center">
   <a href="https://github.com/Xhofe/alist/releases"><img src="https://img.shields.io/github/release/Xhofe/alist" alt="Release version"></a>
-  <a href="https://github.com/Xhofe/alist/actions?query=workflow%3ABuild"><img src="https://github.com/Xhofe/alist/workflows/Build/badge.svg" alt="Build status"></a>
+  <a href="https://github.com/Xhofe/alist/actions?query=workflow%3ABuild"><img src="https://github.com/Xhofe/alist/workflows/build/badge.svg" alt="Build status"></a>
   <a href="https://github.com/Xhofe/alist/releases"><img src="https://img.shields.io/github/downloads/Xhofe/alist/latest/total" alt="Downloads"></a>
   <a href="https://github.com/Xhofe/alist/blob/main/LICENSE"><img src="https://img.shields.io/github/license/Xhofe/alist" alt="License"></a>
   <a href="https://pay.xhofe.top">
@@ -42,17 +42,16 @@
 #### TODO
 
 - [x] 排序
-- [ ] 文件预览
+- [x] 文件预览
   - [x] 图片
   - [x] 视频 
   - [x] 音频
-  - [ ] 文档
 - [x] `Readme`渲染
 - [x] 密码加密
 - [ ] 搜索与翻页
-- [ ] 文件直链
+- [x] 文件直链
 - [ ] 路径优化
-- [ ] 缓存
+- [x] 缓存
 
 ### 如何使用
 

alidrive/auth.go

@@ -12,7 +12,7 @@ func TokenLogin() (*TokenLoginResp, error) {
 	log.Infof("尝试使用token登录...")
 	url:="https://auth.aliyundrive.com/v2/oauth/token_login"
 	req:=TokenLoginReq{Token:conf.Conf.AliDrive.LoginToken}
-	log.Debugf("token_login_req:%v",req)
+	log.Debugf("token_login_req:%+v",req)
 	var tokenLogin TokenLoginResp
 	if body, err := DoPost(url, req,false); err != nil {
 		log.Errorf("tokenLogin-doPost出错:%s",err.Error())

alidrive/request.go

@@ -146,7 +146,7 @@ func DoPost(url string,request interface{},auth bool) (body []byte, err error) {
 		log.Errorf("创建requestBody出错:%s",err.Error())
 	}
 	req,err:=http.NewRequest("POST",url,requestBody)
-	log.Debugf("do_post_req:%v",req)
+	log.Debugf("do_post_req:%+v",req)
 	if err != nil {
 		log.Errorf("创建request出错:%s",err.Error())
 		return

bootstrap/alidrive.go

@@ -24,13 +24,13 @@ func InitAliDrive() bool {
 	}else {
 		conf.Authorization=conf.Bearer+conf.Conf.AliDrive.AccessToken
 	}
-	log.Infof("token:%s",conf.Authorization)
+	log.Debugf("token:%s",conf.Authorization)
 	user,err:=alidrive.GetUserInfo()
 	if err != nil {
 		log.Errorf("初始化用户失败:%s",err.Error())
 		return false
 	}
-	log.Infof("当前用户信息:%v",user)
+	log.Infof("当前用户信息:%+v",user)
 	alidrive.User=user
 	return true
 }

bootstrap/cmd.go

@@ -39,6 +39,7 @@ func printASC()  {
 func start() {
 	InitLog()
 	printASC()
+	CheckUpdate()
 	if !ReadConf(conf.Con) {
 		log.Errorf("读取配置文件时出现错误,启动失败.")
 		return

bootstrap/config.go

@@ -6,6 +6,7 @@ import (
 	log "github.com/sirupsen/logrus"
 	"gopkg.in/yaml.v2"
 	"io/ioutil"
+	"strings"
 )
 
 func ReadConf(config string) bool {
@@ -24,6 +25,7 @@ func ReadConf(config string) bool {
 		log.Errorf("加载配置文件时发生错误:%s",err.Error())
 		return false
 	}
-	log.Debugf("config:%v",conf.Conf)
+	log.Debugf("config:%+v",conf.Conf)
+	conf.Origins = strings.Split(conf.Conf.Server.SiteUrl,",")
 	return true
 }

bootstrap/update.go

@@ -0,0 +1,45 @@
+package bootstrap
+
+import (
+	"encoding/json"
+	"github.com/Xhofe/alist/conf"
+	"github.com/Xhofe/alist/utils"
+	log "github.com/sirupsen/logrus"
+	"io/ioutil"
+	"net/http"
+)
+
+type GithubRelease struct {
+	TagName	string `json:"tag_name"`
+	HtmlUrl	string `json:"html_url"`
+	Body	string `json:"body"`
+}
+
+func CheckUpdate() {
+	log.Infof("检查更新...")
+	url:="https://api.github.com/repos/Xhofe/alist/releases/latest"
+	resp,err:=http.Get(url)
+	if err!=nil {
+		log.Warnf("检查更新失败:%s",err.Error())
+		return
+	}
+	body,err:=ioutil.ReadAll(resp.Body)
+	if err!=nil {
+		log.Warnf("读取更新内容失败:%s",err.Error())
+		return
+	}
+	var release GithubRelease
+	err = json.Unmarshal(body,&release)
+	if err!=nil {
+		log.Warnf("解析更新失败:%s",err.Error())
+		return
+	}
+	lasted:=release.TagName[1:]
+	now:=conf.VERSION[1:]
+	if utils.VersionCompare(lasted,now) != 1 {
+		log.Infof("当前已是最新版本:%s",conf.VERSION)
+	}else {
+		log.Infof("发现新版本:%s",release.TagName)
+		log.Infof("请至'%s'获取更新.",release.HtmlUrl)
+	}
+}

conf.yml.example

@@ -1,19 +1,27 @@
 info:
   title: AList #标题
-  site_url: http://localhost:5277 #前端地址
-  backend_url: http://localhost:5244 #后端地址
   logo: "" #网站logo 如果填写,则会替换掉默认的
   footer_text: Xhofe's Blog #网页底部文字
   footer_url: https://www.nn.ci #网页底部文字链接
   music_img: https://img.oez.cc/2020/12/19/0f8b57866bdb5.gif #预览音乐文件时的图片
+  check_update: true #前端是否显示更新
+  script: #自定义脚本,可以是脚本的链接，也可以直接是脚本内容,如document.querySelector('body').style="background-image:url('https://api.mtyqx.cn/api/random.php');background-attachment:fixed"
+  autoplay: true #视频是否自动播放
+    preview:
+      url: https://view.alist.nn.ci/onlinePreview?url= #extensions中包含的后缀名预览的地址，默认使用了kkFileView，可以自行搭建
+      pre_process: [base64,encodeURIComponent] #对地址的处理，支持base64,encodeURIComponent,encodeURI
+      extensions: [doc,docx,ppt,pptx,xls,xlsx,pdf] #使用上面的url预览的文件后缀
+      text: [txt,htm,html,xml,java,properties,sql,js,md,json,conf,ini,vue,php,py,bat,gitignore,yml,go,sh,c,cpp,h,hpp] #要预览的文本文件的后缀，可以自行添加
+      max_size: 5242880
 server:
   port: "5244" #程序监听端口
   search: true #是否开启搜索接口,开启搜索之后密码和根目录都会失效,所以前端暂时不做搜索
   static: dist #前端文件目录
+  site_url: '*' #建议直接填*,若有信任域名要求,可填写其他,逗号分割
 cache:
   enable: true #是否开启缓存
-  expiration: 5 #缓存失效时间(单位:分钟)
-  cleanup_interval: 10 #清理失效缓存间隔
+  expiration: 60 #缓存失效时间(单位:分钟)
+  cleanup_interval: 120 #清理失效缓存间隔
   refresh_password: password #手动清理缓存密码
 ali_drive:
   api_url: https://api.aliyundrive.com/v2 #阿里云盘api,无需修改

conf/config.go

@@ -3,17 +3,26 @@ package conf
 type Config struct {
 	Info struct{
 		Title			string		`yaml:"title" json:"title"`
-		SiteUrl 		string 		`yaml:"site_url" json:"site_url"`//网站url
-		BackendUrl		string		`yaml:"backend_url" json:"backend_url"`//后端地址
 		Logo			string		`yaml:"logo" json:"logo"`
 		FooterText		string		`yaml:"footer_text" json:"footer_text"`
 		FooterUrl		string		`yaml:"footer_url" json:"footer_url"`
 		MusicImg		string		`yaml:"music_img" json:"music_img"`
+		CheckUpdate		bool		`yaml:"check_update" json:"check_update"`
+		Script			string 		`yaml:"script" json:"script"`
+		Autoplay		bool		`yaml:"autoplay" json:"autoplay"`
+		Preview	struct{
+			Url			string		`yaml:"url" json:"url"`
+			PreProcess	[]string	`yaml:"pre_process" json:"pre_process"`
+			Extensions	[]string	`yaml:"extensions" json:"extensions"`
+			Text		[]string	`yaml:"text" json:"text"`
+			MaxSize		int			`yaml:"max_size" json:"max_size"`
+		}	`yaml:"preview" json:"preview"`
 	}	`yaml:"info"`
 	Server struct{
 		Port 			string 		`yaml:"port"`//端口
 		Search			bool		`yaml:"search" json:"search"`//允许搜索
 		Static			string		`yaml:"static"`
+		SiteUrl 		string 		`yaml:"site_url" json:"site_url"`//网站url
 	}	`yaml:"server"`
 	Cache struct{
 		Enable			bool		`yaml:"enable"`

conf/const.go

@@ -13,12 +13,14 @@ var(
 	Authorization string
 
 	Cache *cache.Cache
+
+	Origins []string
 )
 
 var Conf = new(Config)
 
 const (
-	VERSION="0.1.0"
+	VERSION="v0.1.5"
 
 	ImageThumbnailProcess="image/resize,w_50"
 	VideoThumbnailProcess="video/snapshot,t_0,f_jpg,w_50"

server/controllers/common.go

@@ -2,7 +2,7 @@ package controllers
 
 import "github.com/gin-gonic/gin"
 
-func metaResponse(code int, msg string) gin.H {
+func MetaResponse(code int, msg string) gin.H {
 	return gin.H{
 		"meta":gin.H{
 			"code":code,
@@ -11,7 +11,7 @@ func metaResponse(code int, msg string) gin.H {
 	}
 }
 
-func dataResponse(data interface{}) gin.H {
+func DataResponse(data interface{}) gin.H {
 	return gin.H{
 		"meta":gin.H{
 			"code":200,

server/controllers/get.go

@@ -1,70 +1,69 @@
 package controllers
 
 import (
-	"fmt"
 	"github.com/Xhofe/alist/alidrive"
-	"github.com/Xhofe/alist/conf"
 	"github.com/gin-gonic/gin"
-	"github.com/patrickmn/go-cache"
 	log "github.com/sirupsen/logrus"
 	"strings"
 )
 
+// 因为下载地址有时效，所以去掉了文件请求和直链的缓存
+
 func Get(c *gin.Context) {
 	var get alidrive.GetReq
 	if err := c.ShouldBindJSON(&get); err != nil {
-		c.JSON(200,metaResponse(400,"Bad Request"))
+		c.JSON(200, MetaResponse(400,"Bad Request"))
 		return
 	}
-	log.Debugf("get:%v",get)
+	log.Debugf("get:%+v",get)
 	// cache
-	cacheKey:=fmt.Sprintf("%s-%s","g",get.FileId)
-	if conf.Conf.Cache.Enable {
-		file,exist:=conf.Cache.Get(cacheKey)
-		if exist {
-			log.Debugf("使用了缓存:%s",cacheKey)
-			c.JSON(200,dataResponse(file))
-			return
-		}
-	}
+	//cacheKey:=fmt.Sprintf("%s-%s","g",get.FileId)
+	//if conf.Conf.Cache.Enable {
+	//	file,exist:=conf.Cache.Get(cacheKey)
+	//	if exist {
+	//		log.Debugf("使用了缓存:%s",cacheKey)
+	//		c.JSON(200,DataResponse(file))
+	//		return
+	//	}
+	//}
 	file,err:=alidrive.GetFile(get.FileId)
 	if err !=nil {
-		c.JSON(200,metaResponse(500,err.Error()))
+		c.JSON(200, MetaResponse(500,err.Error()))
 		return
 	}
 	paths,err:=alidrive.GetPaths(get.FileId)
 	if err!=nil {
-		c.JSON(200,metaResponse(500,err.Error()))
+		c.JSON(200, MetaResponse(500,err.Error()))
 		return
 	}
 	file.Paths=*paths
-	if conf.Conf.Cache.Enable {
-		conf.Cache.Set(cacheKey,file,cache.DefaultExpiration)
-	}
-	c.JSON(200,dataResponse(file))
+	//if conf.Conf.Cache.Enable {
+	//	conf.Cache.Set(cacheKey,file,cache.DefaultExpiration)
+	//}
+	c.JSON(200, DataResponse(file))
 }
 
 func Down(c *gin.Context) {
 	fileIdParam:=c.Param("file_id")
 	log.Debugf("down:%s",fileIdParam)
 	fileId:=strings.Split(fileIdParam,"/")[1]
-	cacheKey:=fmt.Sprintf("%s-%s","d",fileId)
-	if conf.Conf.Cache.Enable {
-		downloadUrl,exist:=conf.Cache.Get(cacheKey)
-		if exist {
-			log.Debugf("使用了缓存:%s",cacheKey)
-			c.Redirect(301,downloadUrl.(string))
-			return
-		}
-	}
+	//cacheKey:=fmt.Sprintf("%s-%s","d",fileId)
+	//if conf.Conf.Cache.Enable {
+	//	downloadUrl,exist:=conf.Cache.Get(cacheKey)
+	//	if exist {
+	//		log.Debugf("使用了缓存:%s",cacheKey)
+	//		c.Redirect(301,downloadUrl.(string))
+	//		return
+	//	}
+	//}
 	file,err:=alidrive.GetFile(fileId)
 	if err != nil {
-		c.JSON(200, metaResponse(500,err.Error()))
+		c.JSON(200, MetaResponse(500,err.Error()))
 		return
 	}
-	if conf.Conf.Cache.Enable {
-		conf.Cache.Set(cacheKey,file.DownloadUrl,cache.DefaultExpiration)
-	}
+	//if conf.Conf.Cache.Enable {
+	//	conf.Cache.Set(cacheKey,file.DownloadUrl,cache.DefaultExpiration)
+	//}
 	c.Redirect(301,file.DownloadUrl)
 	return
 }

server/controllers/list.go

@@ -9,20 +9,25 @@ import (
 	log "github.com/sirupsen/logrus"
 )
 
+type ListReq struct {
+	Password	string	`json:"password"`
+	alidrive.ListReq
+}
+
 func List(c *gin.Context) {
 	var list ListReq
 	if err := c.ShouldBindJSON(&list);err!=nil {
-		c.JSON(200, metaResponse(400,"Bad Request"))
+		c.JSON(200, MetaResponse(400,"Bad Request"))
 		return
 	}
-	log.Debugf("list:%v",list)
+	log.Debugf("list:%+v",list)
 	// cache
 	cacheKey:=fmt.Sprintf("%s-%s-%s","l",list.ParentFileId,list.Password)
 	if conf.Conf.Cache.Enable {
 		files,exist:=conf.Cache.Get(cacheKey)
 		if exist {
 			log.Debugf("使用了缓存:%s",cacheKey)
-			c.JSON(200, dataResponse(files))
+			c.JSON(200, DataResponse(files))
 			return
 		}
 	}
@@ -42,21 +47,21 @@ func List(c *gin.Context) {
 		files,err=alidrive.GetList(list.ParentFileId,list.Limit,list.Marker,list.OrderBy,list.OrderDirection)
 	}
 	if err!=nil {
-		c.JSON(200, metaResponse(500,err.Error()))
+		c.JSON(200, MetaResponse(500,err.Error()))
 		return
 	}
 	password:=alidrive.HasPassword(files)
 	if password!="" && password!=list.Password {
 		if list.Password=="" {
-			c.JSON(200, metaResponse(401,"need password."))
+			c.JSON(200, MetaResponse(401,"need password."))
 			return
 		}
-		c.JSON(200, metaResponse(401,"wrong password."))
+		c.JSON(200, MetaResponse(401,"wrong password."))
 		return
 	}
 	paths,err:=alidrive.GetPaths(list.ParentFileId)
 	if err!=nil {
-		c.JSON(200, metaResponse(500,err.Error()))
+		c.JSON(200, MetaResponse(500,err.Error()))
 		return
 	}
 	files.Paths=*paths
@@ -64,5 +69,5 @@ func List(c *gin.Context) {
 	if conf.Conf.Cache.Enable {
 		conf.Cache.Set(cacheKey,files,cache.DefaultExpiration)
 	}
-	c.JSON(200, dataResponse(files))
+	c.JSON(200, DataResponse(files))
 }

server/controllers/req_bean.go

@@ -1,8 +0,0 @@
-package controllers
-
-import "github.com/Xhofe/alist/alidrive"
-
-type ListReq struct {
-	Password	string	`json:"password"`
-	alidrive.ListReq
-}

server/controllers/search.go

@@ -11,22 +11,22 @@ import (
 
 func Search(c *gin.Context) {
 	if !conf.Conf.Server.Search {
-		c.JSON(200, metaResponse(403,"Not allow search."))
+		c.JSON(200, MetaResponse(403,"Not allow search."))
 		return
 	}
 	var search alidrive.SearchReq
 	if err := c.ShouldBindJSON(&search); err != nil {
-		c.JSON(200, metaResponse(400,"Bad Request"))
+		c.JSON(200, MetaResponse(400,"Bad Request"))
 		return
 	}
-	log.Debugf("search:%v",search)
+	log.Debugf("search:%+v",search)
 	// cache
 	cacheKey:=fmt.Sprintf("%s-%s","s",search.Query)
 	if conf.Conf.Cache.Enable {
 		files,exist:=conf.Cache.Get(cacheKey)
 		if exist {
 			log.Debugf("使用了缓存:%s",cacheKey)
-			c.JSON(200, dataResponse(files))
+			c.JSON(200, DataResponse(files))
 			return
 		}
 	}
@@ -39,11 +39,11 @@ func Search(c *gin.Context) {
 	//}
 	files,err:=alidrive.Search(search.Query,search.Limit,search.OrderBy)
 	if err != nil {
-		c.JSON(200, metaResponse(500,err.Error()))
+		c.JSON(200, MetaResponse(500,err.Error()))
 		return
 	}
 	if conf.Conf.Cache.Enable {
 		conf.Cache.Set(cacheKey,files,cache.DefaultExpiration)
 	}
-	c.JSON(200, dataResponse(files))
+	c.JSON(200, DataResponse(files))
 }

server/controllers/utils.go

@@ -6,7 +6,7 @@ import (
 )
 
 func Info(c *gin.Context) {
-	c.JSON(200, dataResponse(conf.Conf.Info))
+	c.JSON(200, DataResponse(conf.Conf.Info))
 }
 
 func RefreshCache(c *gin.Context) {
@@ -14,12 +14,12 @@ func RefreshCache(c *gin.Context) {
 	if conf.Conf.Cache.Enable {
 		if password == conf.Conf.Cache.RefreshPassword {
 			conf.Cache.Flush()
-			c.JSON(200,metaResponse(200,"flush success."))
+			c.JSON(200, MetaResponse(200,"flush success."))
 			return
 		}
-		c.JSON(200,metaResponse(401,"wrong password."))
+		c.JSON(200, MetaResponse(401,"wrong password."))
 		return
 	}
-	c.JSON(200,metaResponse(400,"disabled cache."))
+	c.JSON(200, MetaResponse(400,"disabled cache."))
 	return
 }

server/middlewares.go

@@ -2,26 +2,34 @@ package server
 
 import (
 	"github.com/Xhofe/alist/conf"
+	"github.com/Xhofe/alist/server/controllers"
+	"github.com/Xhofe/alist/utils"
 	"github.com/gin-gonic/gin"
-	"net/http"
 )
 
 func CrosHandler() gin.HandlerFunc {
 	return func(context *gin.Context) {
-		method := context.Request.Method
-		context.Writer.Header().Set("Access-Control-Allow-Origin", "*")
-		context.Header("Access-Control-Allow-Origin", conf.Conf.Info.SiteUrl) // 设置允许访问所有域
-		context.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE,UPDATE")
-		context.Header("Access-Control-Allow-Headers", "Authorization, Content-Length, X-CSRF-Token, Token,session,X_Requested_With,Accept, Origin, Host, Connection, Accept-Encoding, Accept-Language,DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Pragma,token,openid,opentoken")
-		context.Header("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers,Cache-Control,Content-Language,Content-Type,Expires,Last-Modified,Pragma,FooBar")
-		context.Header("Access-Control-Max-Age", "172800")
-		context.Header("Access-Control-Allow-Credentials", "true")
-		//context.Set("content-type", "application/json")  //设置返回格式是json
-
-		if method == "OPTIONS" {
-			context.JSON(http.StatusOK, gin.H{})
+		origin:=context.GetHeader("Origin")
+		// 同源
+		if origin == "" {
+			context.Next()
+			return
+		}
+		method := context.Request.Method
+		// 设置跨域
+		context.Header("Access-Control-Allow-Origin",origin)
+		context.Header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE,UPDATE")
+		context.Header("Access-Control-Allow-Headers", "Content-Length,session,Accept, Origin, Host, Connection, Accept-Encoding, Accept-Language, Keep-Alive, User-Agent, Cache-Control, Content-Type")
+		context.Header("Access-Control-Expose-Headers", "Content-Length,Cache-Control,Content-Language,Content-Type,Expires,Last-Modified")
+		context.Header("Access-Control-Max-Age", "172800")
+		// 信任域名
+		if conf.Conf.Server.SiteUrl!="*"&&utils.ContainsString(conf.Origins,context.GetHeader("Origin"))==-1 {
+			context.JSON(200,controllers.MetaResponse(413,"The origin is not in the site_url list, please configure it correctly."))
+			context.Abort()
+		}
+		if method == "OPTIONS" {
+			context.AbortWithStatus(204)
 		}
-
 		//处理请求
 		context.Next()
 	}

utils/check.go

@@ -3,6 +3,8 @@ package utils
 import (
 	log "github.com/sirupsen/logrus"
 	"net/url"
+	"strconv"
+	"strings"
 )
 
 func GetCode(rawUrl string) string {
@@ -13,4 +15,41 @@ func GetCode(rawUrl string) string {
 	}
 	code:=u.Query().Get("code")
 	return code
+}
+
+func ContainsString(array []string, val string) (index int) {
+	index = -1
+	for i := 0; i < len(array); i++ {
+		if array[i] == val {
+			index = i
+			return
+		}
+	}
+	return
+}
+
+func VersionCompare(version1, version2 string) int {
+	a := strings.Split(version1, ".")
+	b := strings.Split(version2, ".")
+	flag := 1
+	if len(a) > len(b) {
+		a, b = b, a
+		flag = -1
+	}
+	for i := range a {
+		x, _ := strconv.Atoi(a[i])
+		y, _ := strconv.Atoi(b[i])
+		if x < y {
+			return -1 * flag
+		} else if x > y {
+			return 1 * flag
+		}
+	}
+	for _, v:= range b[len(a):] {
+		y, _ := strconv.Atoi(v)
+		if y > 0 {
+			return -1 * flag
+		}
+	}
+	return 0
 }