Web 服务

cmd/dashboard/controller/common_page.go

@@ -0,0 +1,32 @@
+package controller
+
+import (
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+
+	"github.com/p14yground/nezha/model"
+	"github.com/p14yground/nezha/pkg/mygin"
+	"github.com/p14yground/nezha/service/dao"
+)
+
+type commonPage struct {
+	r *gin.Engine
+}
+
+func (cp *commonPage) serve() {
+	cr := cp.r.Group("")
+	cr.Use(mygin.Authorize(mygin.AuthorizeOption{}))
+	cr.GET("/", cp.home)
+}
+
+func (cp *commonPage) home(c *gin.Context) {
+	var admin *model.User
+	isLogin, ok := c.Get(model.CtxKeyIsUserLogin)
+	if ok && isLogin.(bool) {
+		admin = dao.Admin
+	}
+	c.HTML(http.StatusOK, "page/home", mygin.CommonEnvironment(c, gin.H{
+		"Admin": admin,
+	}))
+}

cmd/dashboard/controller/controller.go

@@ -0,0 +1,51 @@
+package controller
+
+import (
+	"fmt"
+	"html/template"
+	"time"
+
+	"github.com/gin-gonic/gin"
+
+	"github.com/p14yground/nezha/pkg/mygin"
+	"github.com/p14yground/nezha/service/dao"
+)
+
+// ServeWeb ..
+func ServeWeb() {
+	r := gin.Default()
+	r.Use(mygin.RecordPath)
+	r.SetFuncMap(template.FuncMap{
+		"tf": func(t time.Time) string {
+			return t.Format("2006年1月2号")
+		},
+		"fs": func() string {
+			if !dao.Conf.Debug {
+				return ""
+			}
+			return fmt.Sprintf("%d", time.Now().UnixNano())
+		},
+	})
+	r.Static("/static", "resource/static")
+	r.LoadHTMLGlob("resource/template/**/*")
+	routers(r)
+	r.Run()
+}
+
+func routers(r *gin.Engine) {
+	// 通用页面
+	cp := commonPage{r}
+	cp.serve()
+	// 游客页面
+	gp := guestPage{r}
+	gp.serve()
+	// 会员页面
+	mp := &memberPage{r}
+	mp.serve()
+	// API
+	api := r.Group("api")
+	{
+		ma := &memberAPI{api}
+		ma.serve()
+	}
+}

cmd/dashboard/controller/guest_page.go

@@ -0,0 +1,45 @@
+package controller
+
+import (
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	"github.com/p14yground/nezha/pkg/mygin"
+	"github.com/p14yground/nezha/service/dao"
+	"golang.org/x/oauth2"
+	"golang.org/x/oauth2/github"
+)
+
+type guestPage struct {
+	r *gin.Engine
+}
+
+func (gp *guestPage) serve() {
+	gr := gp.r.Group("")
+	gr.Use(mygin.Authorize(mygin.AuthorizeOption{
+		Guest:    true,
+		IsPage:   true,
+		Msg:      "您已登录",
+		Btn:      "返回首页",
+		Redirect: "/",
+	}))
+
+	gr.GET("/login", gp.login)
+
+	oauth := &oauth2controller{
+		oauth2Config: &oauth2.Config{
+			ClientID:     dao.Conf.GitHub.ClientID,
+			ClientSecret: dao.Conf.GitHub.ClientSecret,
+			Scopes:       []string{},
+			Endpoint:     github.Endpoint,
+		},
+		r: gr,
+	}
+	oauth.serve()
+}
+
+func (gp *guestPage) login(c *gin.Context) {
+	c.HTML(http.StatusOK, "page/login", mygin.CommonEnvironment(c, gin.H{
+		"Title": "登录",
+	}))
+}

cmd/dashboard/controller/member_api.go

@@ -0,0 +1,57 @@
+package controller
+
+import (
+	"fmt"
+	"net/http"
+	"time"
+
+	"github.com/gin-gonic/gin"
+
+	"github.com/p14yground/nezha/model"
+	"github.com/p14yground/nezha/pkg/mygin"
+	"github.com/p14yground/nezha/service/dao"
+)
+
+type memberAPI struct {
+	r gin.IRouter
+}
+
+func (ma *memberAPI) serve() {
+	mr := ma.r.Group("")
+	mr.Use(mygin.Authorize(mygin.AuthorizeOption{
+		Member:   true,
+		IsPage:   false,
+		Msg:      "访问此接口需要登录",
+		Btn:      "点此登录",
+		Redirect: "/login",
+	}))
+
+	mr.POST("/logout", ma.logout)
+}
+
+type logoutForm struct {
+	ID uint64
+}
+
+func (ma *memberAPI) logout(c *gin.Context) {
+	var lf logoutForm
+	if err := c.ShouldBindJSON(&lf); err != nil {
+		c.JSON(http.StatusOK, model.Response{
+			Code:    http.StatusBadRequest,
+			Message: fmt.Sprintf("请求错误：%s", err),
+		})
+		return
+	}
+	if lf.ID != dao.Admin.ID {
+		c.JSON(http.StatusOK, model.Response{
+			Code:    http.StatusBadRequest,
+			Message: fmt.Sprintf("请求错误：%s", "用户ID不匹配"),
+		})
+		return
+	}
+	dao.Admin.Token = ""
+	dao.Admin.TokenExpired = time.Now()
+	c.JSON(http.StatusOK, model.Response{
+		Code: http.StatusOK,
+	})
+}

cmd/dashboard/controller/member_page.go

@@ -0,0 +1,21 @@
+package controller
+
+import (
+	"github.com/gin-gonic/gin"
+	"github.com/p14yground/nezha/pkg/mygin"
+)
+
+type memberPage struct {
+	r *gin.Engine
+}
+
+func (mp *memberPage) serve() {
+	mr := mp.r.Group("")
+	mr.Use(mygin.Authorize(mygin.AuthorizeOption{
+		Member:   true,
+		IsPage:   true,
+		Msg:      "此页面需要登录",
+		Btn:      "点此登录",
+		Redirect: "/login",
+	}))
+}

cmd/dashboard/controller/oauth2.go

@@ -0,0 +1,83 @@
+package controller
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+
+	"github.com/naiba/com"
+
+	"github.com/gin-gonic/gin"
+	GitHubAPI "github.com/google/go-github/v28/github"
+	"golang.org/x/oauth2"
+
+	"github.com/p14yground/nezha/model"
+	"github.com/p14yground/nezha/pkg/mygin"
+	"github.com/p14yground/nezha/service/dao"
+)
+
+type oauth2controller struct {
+	oauth2Config *oauth2.Config
+	r            gin.IRoutes
+}
+
+func (oa *oauth2controller) serve() {
+	oa.r.GET("/oauth2/login", oa.login)
+	oa.r.GET("/oauth2/callback", oa.callback)
+}
+
+func (oa *oauth2controller) login(c *gin.Context) {
+	state := com.RandomString(6)
+	dao.Cache.Set(fmt.Sprintf("%s%s", model.CtxKeyOauth2State, c.ClientIP()), state, 0)
+	url := oa.oauth2Config.AuthCodeURL(state, oauth2.AccessTypeOnline)
+	c.Redirect(http.StatusFound, url)
+}
+
+func (oa *oauth2controller) callback(c *gin.Context) {
+	// 验证登录跳转时的 State
+	state, ok := dao.Cache.Get(fmt.Sprintf("%s%s", model.CtxKeyOauth2State, c.ClientIP()))
+	if !ok || state.(string) != c.Query("state") {
+		mygin.ShowErrorPage(c, mygin.ErrInfo{
+			Code:  http.StatusBadRequest,
+			Title: "登录失败",
+			Msg:   fmt.Sprintf("错误信息：%s", "非法的登录方式"),
+		}, true)
+		return
+	}
+	// 拉取验证用户信息
+	ctx := context.Background()
+	otk, err := oa.oauth2Config.Exchange(ctx, c.Query("code"))
+	if err != nil {
+		mygin.ShowErrorPage(c, mygin.ErrInfo{
+			Code:  http.StatusBadRequest,
+			Title: "登录失败",
+			Msg:   fmt.Sprintf("错误信息：%s", err),
+		}, true)
+		return
+	}
+	oc := oa.oauth2Config.Client(ctx, otk)
+	client := GitHubAPI.NewClient(oc)
+	gu, _, err := client.Users.Get(ctx, "")
+	if err != nil {
+		mygin.ShowErrorPage(c, mygin.ErrInfo{
+			Code:  http.StatusBadRequest,
+			Title: "登录失败",
+			Msg:   fmt.Sprintf("错误信息：%s", err),
+		}, true)
+		return
+	}
+	if gu.GetLogin() != dao.Conf.GitHub.Admin {
+		mygin.ShowErrorPage(c, mygin.ErrInfo{
+			Code:  http.StatusBadRequest,
+			Title: "登录失败",
+			Msg:   fmt.Sprintf("错误信息：%s", "该用户不是本站点管理员，无法登录"),
+		}, true)
+		return
+	}
+	user := model.NewUserFromGitHub(gu)
+	dao.Admin = &user
+	dao.Admin.IssueNewToken()
+	c.SetCookie(dao.Conf.Site.CookieName, dao.Admin.Token, 60*60*24*14, "", "", false, false)
+	c.Status(http.StatusOK)
+	c.Writer.WriteString("<script>window.location.href='/'</script>")
+}