Skip to content

Commit

Permalink
update: login for upload and delete
Browse files Browse the repository at this point in the history
  • Loading branch information
@iineva
iineva committed Sep 8, 2024
1 parent 769d89e commit 6ad03fc
Show file tree
Hide file tree
Showing 10 changed files with 76 additions and 54 deletions.
2 changes: 1 addition & 1 deletion Makefile
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
VERSION := 2.4
VERSION := 2.5
DOCKER_IMAGE := ineva/ipa-server
DOCKER_TARGET := $(DOCKER_IMAGE):$(VERSION)

Expand Down
3 changes: 3 additions & 0 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,9 @@ services:
- DELETE_ENABLED="false"
# meta data filter, string list, comma separated
- META_DATA_FILTER="key1,key2"
# If set, login user for upload and delete Apps.
- LOGIN_USER=
- LOGIN_PASS=
volumes:
- "/docker/data/ipa-server:/app/upload"
caddy:
Expand Down
3 changes: 3 additions & 0 deletions README_zh.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,6 +75,9 @@ services:
- DELETE_ENABLED="false"
# meta data 过滤显示, string list, 使用逗号分隔
- META_DATA_FILTER="key1,key2"
# 如果设置了,使用此用户名密码来上传和删除App
- LOGIN_USER=
- LOGIN_PASS=
volumes:
- "/docker/data/ipa-server:/app/upload"
caddy:
Expand Down
20 changes: 16 additions & 4 deletions cmd/ipasd/ipasd.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,8 @@ func main() {
addr := flag.String("addr", "0.0.0.0", "bind addr")
port := flag.String("port", "8080", "bind port")
debug := flag.Bool("d", false, "enable debug logging")
user := flag.String("user", "", "basic auth username")
pass := flag.String("pass", "", "basic auth password")
storageDir := flag.String("dir", "upload", "upload data storage dir")
publicURL := flag.String("public-url", "", "server public url")
metadataPath := flag.String("meta-path", "appList.json", "metadata storage path, use random secret path to keep your metadata safer")
Expand Down Expand Up @@ -91,25 +93,35 @@ func main() {
}

srv := service.New(store, *publicURL, *metadataPath)
basicAuth := service.BasicAuthMiddleware(*user, *pass, "My Realm")
listHandler := httptransport.NewServer(
service.LoggingMiddleware(logger, "/api/list", *debug)(service.MakeListEndpoint(srv)),
basicAuth(service.LoggingMiddleware(logger, "/api/list", *debug)(service.MakeListEndpoint(srv))),
service.DecodeListRequest,
service.EncodeJsonResponse,
httptransport.ServerBefore(httptransport.PopulateRequestContext),
)
findHandler := httptransport.NewServer(
service.LoggingMiddleware(logger, "/api/info", *debug)(service.MakeFindEndpoint(srv)),
service.DecodeFindRequest,
service.EncodeJsonResponse,
)
addHandler := httptransport.NewServer(
service.LoggingMiddleware(logger, "/api/upload", *debug)(service.MakeAddEndpoint(srv)),
basicAuth(service.LoggingMiddleware(logger, "/api/upload", *debug)(service.MakeAddEndpoint(srv))),
service.DecodeAddRequest,
service.EncodeJsonResponse,
httptransport.ServerBefore(httptransport.PopulateRequestContext),
)
deleteHandler := httptransport.NewServer(
service.LoggingMiddleware(logger, "/api/delete", *debug)(service.MakeDeleteEndpoint(srv, *enabledDelete)),
basicAuth(service.LoggingMiddleware(logger, "/api/delete", *debug)(service.MakeDeleteEndpoint(srv, *enabledDelete))),
service.DecodeDeleteRequest,
service.EncodeJsonResponse,
httptransport.ServerBefore(httptransport.PopulateRequestContext),
)
deleteGetHandler := httptransport.NewServer(
service.LoggingMiddleware(logger, "/api/delete/get", *debug)(service.MakeGetDeleteEndpoint(srv, *enabledDelete)),
service.DecodeDeleteRequest,
service.EncodeJsonResponse,
httptransport.ServerBefore(httptransport.PopulateRequestContext),
)
plistHandler := httptransport.NewServer(
service.LoggingMiddleware(logger, "/plist", *debug)(service.MakePlistEndpoint(srv)),
Expand All @@ -122,6 +134,7 @@ func main() {
serve.Handle("/api/info/", findHandler)
serve.Handle("/api/upload", addHandler)
serve.Handle("/api/delete", deleteHandler)
serve.Handle("/api/delete/get", deleteGetHandler)
serve.Handle("/plist/", plistHandler)

// static files
Expand All @@ -131,7 +144,6 @@ func main() {
httpfs.NewAferoFS(uploadFS),
)
serve.Handle("/", redirect(map[string]string{
"/key": "/key.html",
// random path to block local metadata
fmt.Sprintf("/%s", *metadataPath): fmt.Sprintf("/%s", uuid.NewString()),
}, http.FileServer(staticFS)))
Expand Down
12 changes: 12 additions & 0 deletions cmd/ipasd/service/middleware.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,10 @@ package service
import (
"context"
"fmt"
stdLog "log"
"time"

basic "github.com/go-kit/kit/auth/basic"
"github.com/go-kit/kit/endpoint"
"github.com/go-kit/kit/log"
"github.com/go-kit/kit/log/level"
Expand Down Expand Up @@ -51,3 +53,13 @@ func LoggingMiddleware(logger log.Logger, name string, debug bool) endpoint.Midd
}
}
}

func BasicAuthMiddleware(user, pass, realm string) endpoint.Middleware {
if user == "" {
return func(e endpoint.Endpoint) endpoint.Endpoint {
return e
}
}
stdLog.Println(user, pass, realm)
return basic.AuthMiddleware(user, pass, realm)
}
14 changes: 8 additions & 6 deletions cmd/ipasd/service/transport.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,16 +83,11 @@ func MakeAddEndpoint(srv Service) endpoint.Endpoint {

func MakeDeleteEndpoint(srv Service, enabledDelete bool) endpoint.Endpoint {
return func(ctx context.Context, request interface{}) (interface{}, error) {
p := request.(delParam)
if p.get {
// check is delete enabled
return map[string]interface{}{"delete": enabledDelete}, nil
}

if !enabledDelete {
return nil, errors.New("no permission to delete")
}

p := request.(delParam)
err := srv.Delete(p.id)
if err != nil {
return nil, err
Expand All @@ -101,6 +96,13 @@ func MakeDeleteEndpoint(srv Service, enabledDelete bool) endpoint.Endpoint {
}
}

func MakeGetDeleteEndpoint(srv Service, enabledDelete bool) endpoint.Endpoint {
return func(ctx context.Context, request interface{}) (interface{}, error) {
// check is delete enabled
return map[string]interface{}{"delete": enabledDelete}, nil
}
}

func MakePlistEndpoint(srv Service) endpoint.Endpoint {
return func(ctx context.Context, request interface{}) (interface{}, error) {
p := request.(param)
Expand Down
8 changes: 8 additions & 0 deletions docker-entrypoint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,4 +27,12 @@ if [ -n "$META_PATH" ];then
ipasd_args=$ipasd_args"-meta-path $META_PATH "
fi

if [ -n "$LOGIN_USER" ];then
ipasd_args=$ipasd_args"-user $LOGIN_USER "
fi

if [ -n "$LOGIN_PASS" ];then
ipasd_args=$ipasd_args"-user $LOGIN_PASS "
fi

/app/ipasd $ipasd_args
6 changes: 4 additions & 2 deletions public/app/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -126,7 +126,7 @@
const filter = (row.metaDataFilter || []).map(r => `${r}`.toLowerCase())
const meta = Object.keys(row.metaData || {})
.map(k => ({ name: k, value: (row.metaData || {})[k] }))
.filter(r => r.value && filter.indexOf(r.name.toLocaleLowerCase()) !== -1)
.filter(r => r.value && (filter.length === 0 || filter.indexOf(r.name.toLocaleLowerCase()) !== -1))
document.querySelector('#info').innerHTML = `
<img class="icon" src="${row.webIcon}" alt="">
<div class="name">${row.name}</div>
Expand All @@ -150,8 +150,10 @@
})
}
function onWindowsLoad() {
IPA.fetch(`/api/delete?v=${parseInt(new Date().getTime() / 1000)}`).then(d => {
IPA.fetch(`/api/delete/get?v=${parseInt(new Date().getTime() / 1000)}`).then(d => {
loadInfo(d.delete)
}).catch(e => {
loadInfo(false)
})
}

Expand Down
34 changes: 21 additions & 13 deletions public/js/core.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,22 +9,29 @@
// fetch with progress
function fetch(url, opts = {}, onProgress) {
return new Promise((res, rej) => {
var xhr = new XMLHttpRequest()
xhr.open(opts.method || 'get', url)
for (var k in opts.headers || {})
xhr.setRequestHeader(k, opts.headers[k])
xhr.onload = e => res(JSON.parse(e.target.responseText))
xhr.onerror = rej
if (xhr.upload && onProgress)
xhr.upload.onprogress = onProgress
xhr.send(opts.body)
try {
var xhr = new XMLHttpRequest()
xhr.open(opts.method || 'get', url)
for (var k in opts.headers || {})
xhr.setRequestHeader(k, opts.headers[k])
xhr.onload = e => {
try {
res(JSON.parse(e.target.responseText))
} catch (e) {
rej(e)
}
}
xhr.onerror = rej
if (xhr.upload && onProgress)
xhr.upload.onprogress = onProgress
xhr.send(opts.body)
} catch (e) {
rej(e)
}
});
}

function getApiUrl(path) {
if (window.localStorage.getItem('ACCESS_KEY')) {
return path + '?key=' + window.localStorage.getItem('ACCESS_KEY') + `&v=${parseInt(new Date().getTime() / 1000)}`
}
return path
}

Expand Down Expand Up @@ -111,6 +118,7 @@

window.goToLink = function(event, link) {
event && event.stopPropagation()
if (!link) return
window.location.href = link
}

Expand Down Expand Up @@ -143,7 +151,7 @@
});
icons.sort().reverse()
return `
<a class='row' onclick="${`goToLink(event, '/app?id=${row.id}')`}">
<a class='row' onclick="${row.current ? '' : `goToLink(event, '/app?id=${row.id}')`}">
<img data-normal="${row.webIcon}" alt="">
<div class="center">
<div class="name">
Expand Down
28 changes: 0 additions & 28 deletions public/key.html
View file

This file was deleted.

0 comments on commit 6ad03fc

Please sign in to comment.