[update] add AuthDecorator

pkg/cctx/context.go

@@ -18,6 +18,7 @@ var (
 	ContextKeySystemUser = &contextKey{"systemUser"}
 	ContextKeySSHSession = &contextKey{"sshSession"}
 	ContextKeyLocalAddr  = &contextKey{"localAddr"}
+	ContextKeyRemoteAddr = &contextKey{"RemoteAddr"}
 	ContextKeySSHCtx     = &contextKey{"sshCtx"}
 	ContextKeySeed       = &contextKey{"seed"}
 	ContextKeyToken      = &contextKey{"token"}

pkg/httpd/elfhandler.go

 package httpd
 
 import (
+	"context"
+	"fmt"
 	"html/template"
 	"log"
 	"net/http"
+	"strings"
 
 	"github.com/LeeEirc/elfinder"
 	socketio "github.com/googollee/go-socket.io"
 	"github.com/gorilla/mux"
+
+	"cocogo/pkg/cctx"
+	"cocogo/pkg/logger"
+	"cocogo/pkg/model"
+	"cocogo/pkg/service"
 )
 
+func AuthDecorator(handler http.HandlerFunc) http.HandlerFunc {
+	return func(responseWriter http.ResponseWriter, request *http.Request) {
+		cookies := strings.Split(request.Header.Get("Cookie"), ";")
+		var csrfToken string
+		var sessionid string
+		var remoteIP string
+		for _, line := range cookies {
+			if strings.Contains(line, "csrftoken") {
+				csrfToken = strings.Split(line, "=")[1]
+			}
+			if strings.Contains(line, "sessionid") {
+				sessionid = strings.Split(line, "=")[1]
+			}
+		}
+		user, err := service.CheckUserCookie(sessionid, csrfToken)
+		if err != nil {
+			loginUrl := fmt.Sprintf("/users/login/?next=%s", request.URL.Path)
+			http.Redirect(responseWriter, request, loginUrl, http.StatusFound)
+			return
+		}
+		xForwardFors := strings.Split(request.Header.Get("X-Forwarded-For"), ",")
+		if len(xForwardFors) >= 1 {
+			remoteIP = xForwardFors[0]
+		} else {
+			remoteIP = strings.Split(request.RemoteAddr, ":")[0]
+		}
+		ctx := context.WithValue(request.Context(), cctx.ContextKeyUser, user)
+		ctx = context.WithValue(ctx, cctx.ContextKeyRemoteAddr, remoteIP)
+		handler(responseWriter, request.WithContext(ctx))
+	}
+}
+
 func OnElfinderConnect(s socketio.Conn) error {
 	u := s.URL()
 	sid := u.Query().Get("sid")
@@ -38,6 +78,9 @@ func sftpFinder(wr http.ResponseWriter, req *http.Request) {
 }
 
 func sftpHostConnectorView(wr http.ResponseWriter, req *http.Request) {
+	user := req.Context().Value(cctx.ContextKeyUser).(*model.User)
+	remoteIP := req.Context().Value(cctx.ContextKeyRemoteAddr).(string)
+	logger.Debugf("user: %s; remote ip: %s; create connector", user.Name, remoteIP)
 	con := elfinder.NewElFinderConnector([]elfinder.Volume{&elfinder.DefaultVolume})
 	con.ServeHTTP(wr, req)
 }

pkg/httpd/handler.go

@@ -4,38 +4,17 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"net/http"
 	"strings"
 
 	"github.com/gliderlabs/ssh"
-	"github.com/googollee/go-socket.io"
-	"github.com/satori/go.uuid"
+	socketio "github.com/googollee/go-socket.io"
+	uuid "github.com/satori/go.uuid"
 
 	"cocogo/pkg/logger"
 	"cocogo/pkg/proxy"
 	"cocogo/pkg/service"
 )
 
-func AuthDecorator(handler http.HandlerFunc) http.HandlerFunc {
-	return func(responseWriter http.ResponseWriter, request *http.Request) {
-		cookies := strings.Split(request.Header.Get("Cookie"), ";")
-		var csrfToken string
-		var sessionid string
-		for _, line := range cookies {
-			if strings.Contains(line, "csrftoken") {
-				csrfToken = strings.Split(line, "=")[1]
-			}
-			if strings.Contains(line, "sessionid") {
-				sessionid = strings.Split(line, "=")[1]
-			}
-		}
-		_, err := service.CheckUserCookie(sessionid, csrfToken)
-		if err != nil {
-			http.Redirect(responseWriter, request, "", http.StatusFound)
-		}
-	}
-}
-
 // OnConnectHandler 当websocket连接后触发
 func OnConnectHandler(s socketio.Conn) error {
 	// 首次连接 1.获取当前用户的信息

pkg/httpd/server.go

@@ -42,10 +42,10 @@ func StartHTTPServer() {
 	router.PathPrefix("/static/").Handler(http.StripPrefix("/static/", fs))
 
 	router.Handle("/socket.io/", server)
-	router.HandleFunc("/coco/elfinder/sftp/{host}/", sftpHostFinder)
-	router.HandleFunc("/coco/elfinder/sftp/", sftpFinder)
+	router.HandleFunc("/coco/elfinder/sftp/{host}/", AuthDecorator(sftpHostFinder))
+	router.HandleFunc("/coco/elfinder/sftp/", AuthDecorator(sftpFinder))
 	router.HandleFunc("/coco/elfinder/sftp/connector/{host}/",
-		sftpHostConnectorView).Methods("GET", "POST")
+		AuthDecorator(sftpHostConnectorView)).Methods("GET", "POST")
 
 	addr := net.JoinHostPort(conf.BindHost, conf.HTTPPort)
 	logger.Debug("Start HTTP server at ", addr)