add check wxmsg
This commit is contained in:
@@ -177,6 +177,7 @@ const simpleAppsPrefixs = [
|
||||
"/api/s1/",
|
||||
"/api/container/",
|
||||
"/api/resource/",
|
||||
"/api/wxmsg"
|
||||
];
|
||||
|
||||
export const handleRequest = async (req: http.IncomingMessage, res: http.ServerResponse) => {
|
||||
|
||||
@@ -13,6 +13,8 @@ import { getLoginUser } from '../modules/auth.ts';
|
||||
import { rediretHome } from '../modules/user-app/index.ts';
|
||||
import { logger } from '../modules/logger.ts';
|
||||
import { UserV1Proxy } from '../modules/ws-proxy/proxy.ts';
|
||||
import { hasBadUser, userIsBanned, appIsBanned } from '@/modules/off/index.ts';
|
||||
import { robotsTxt } from '@/modules/html/index.ts';
|
||||
const domain = config?.proxy?.domain;
|
||||
const allowedOrigins = config?.proxy?.allowedOrigin || [];
|
||||
|
||||
@@ -22,14 +24,6 @@ const notAuthPathList = [
|
||||
user: 'root',
|
||||
paths: ['center'],
|
||||
},
|
||||
{
|
||||
user: 'admin',
|
||||
paths: ['center'],
|
||||
},
|
||||
{
|
||||
user: 'user',
|
||||
paths: ['login'],
|
||||
},
|
||||
{
|
||||
user: 'public',
|
||||
paths: ['center'],
|
||||
@@ -53,6 +47,12 @@ const checkNotAuthPath = (user, app) => {
|
||||
});
|
||||
return notAuthPath;
|
||||
};
|
||||
const forBadUser = (req: http.IncomingMessage, res: http.ServerResponse) => {
|
||||
// TODO: 记录日志,封禁IP等操作
|
||||
const dns = getDNS(req);
|
||||
logger.warn(`Bad user access from IP: ${dns.ip}, Host: ${dns.hostName}, URL: ${req.url}`);
|
||||
// 这里可以添加更多的处理逻辑,比如封禁IP等
|
||||
}
|
||||
export const handleRequest = async (req: http.IncomingMessage, res: http.ServerResponse) => {
|
||||
const querySearch = new URL(req.url, `http://${req.headers.host}`).searchParams;
|
||||
const password = querySearch.get('p');
|
||||
@@ -153,6 +153,7 @@ export const handleRequest = async (req: http.IncomingMessage, res: http.ServerR
|
||||
console.error('Invalid domain: ', req.url, dns.hostName);
|
||||
res.writeHead(404, { 'Content-Type': 'text/plain' });
|
||||
res.end('Invalid domain\n');
|
||||
forBadUser(req, res);
|
||||
return res.end();
|
||||
}
|
||||
// 验证域名
|
||||
@@ -198,9 +199,18 @@ export const handleRequest = async (req: http.IncomingMessage, res: http.ServerR
|
||||
// 原始url地址
|
||||
const urls = url.split('/');
|
||||
if (urls.length < 3) {
|
||||
console.log('urls errpr', urls);
|
||||
const [_, _user] = urls;
|
||||
if (_user === 'robots.txt') {
|
||||
res.writeHead(200, { 'Content-Type': 'text/plain' });
|
||||
res.end(robotsTxt);
|
||||
return;
|
||||
}
|
||||
console.log('urls error', urls, 'originUrl:', url);
|
||||
res.writeHead(404, { 'Content-Type': 'text/html' });
|
||||
res.write('Invalid Proxy URL\n');
|
||||
if (hasBadUser(_user)) {
|
||||
forBadUser(req, res);
|
||||
}
|
||||
return res.end();
|
||||
}
|
||||
const [_, _user, _app] = urls;
|
||||
@@ -244,6 +254,10 @@ export const handleRequest = async (req: http.IncomingMessage, res: http.ServerR
|
||||
const userApp = new UserApp({ user, app });
|
||||
let isExist = await userApp.getExist();
|
||||
logger.debug('userApp', userApp, isExist);
|
||||
if (userIsBanned(user) || appIsBanned(app)) {
|
||||
forBadUser(req, res);
|
||||
return createErrorPage();
|
||||
}
|
||||
if (!isExist) {
|
||||
try {
|
||||
const { code, loading, message } = await userApp.setCacheData();
|
||||
|
||||
Reference in New Issue
Block a user