0ct0pu5/siyuan
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

🐛 Authentication middleware compatible (#9720)

Browse source
This commit is contained in:
Yingyi / 颖逸 2023-11-22 16:55:44 +08:00 committed by GitHub
parent 1e9a00a039
commit f38c52292b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 25 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
kernel/model/session.go
View file

@ -162,6 +162,12 @@ func CheckAuth(c *gin.Context) {
// 未设置访问授权码
if "" == Conf.AccessAuthCode {
// Skip the empty access authorization code check https://github.com/siyuan-note/siyuan/issues/9709
if util.SIYUAN_ACCESS_AUTH_CODE_BYPASS {
c.Next()
return
}
// Authenticate requests with the Origin header other than 127.0.0.1 https://github.com/siyuan-note/siyuan/issues/9180
clientIP := c.ClientIP()
host := c.GetHeader("Host")

24
kernel/util/working.go
View file

@ -46,6 +46,21 @@ const (
IsInsider = false
)
var (
RUN_IN_CONTAINER = false // 是否运行在容器中
SIYUAN_ACCESS_AUTH_CODE_BYPASS = false // 是否跳过空访问授权码检查
)
func initEnvVars() {
var err error
RUN_IN_CONTAINER = isRunningInDockerContainer()
if SIYUAN_ACCESS_AUTH_CODE_BYPASS, err = strconv.ParseBool(os.Getenv("SIYUAN_ACCESS_AUTH_CODE_BYPASS")); nil != err {
SIYUAN_ACCESS_AUTH_CODE_BYPASS = false
}
}
var (
bootProgress float64 // 启动进度,从 0 到 100
bootDetails string // 启动细节描述
@ -53,6 +68,7 @@ var (
)
func Boot() {
initEnvVars()
IncBootProgress(3, "Booting kernel...")
rand.Seed(time.Now().UTC().UnixNano())
initMime()
@ -79,15 +95,13 @@ func Boot() {
ReadOnly, _ = strconv.ParseBool(*readOnly)
AccessAuthCode = *accessAuthCode
Container = ContainerStd
if isRunningInDockerContainer() {
if RUN_IN_CONTAINER {
Container = ContainerDocker
if "" == AccessAuthCode {
interruptBoot := true
// Set the env `SIYUAN_ACCESS_AUTH_CODE_BYPASS=true` to skip checking access auth code when deploying Docker https://github.com/siyuan-note/siyuan/issues/9709
byPassEnv := os.Getenv("SIYUAN_ACCESS_AUTH_CODE_BYPASS")
bypass, parseErr := strconv.ParseBool(byPassEnv)
if nil == parseErr && bypass {
// Set the env `SIYUAN_ACCESS_AUTH_CODE_BYPASS=true` to skip checking empty access auth code https://github.com/siyuan-note/siyuan/issues/9709
if SIYUAN_ACCESS_AUTH_CODE_BYPASS {
interruptBoot = false
fmt.Println("bypass access auth code check since the env [SIYUAN_ACCESS_AUTH_CODE_BYPASS] is set to [true]")
}