add pwd auth page

conf/app.php

@@ -172,6 +172,16 @@ if (file_exists($customConfigFile)) {
     }catch(Exception $e) {}
 }
 
+//密码配置支持
+$customConfigFile = __DIR__ . '/../runtime/custom_password.json';
+if (file_exists($customConfigFile)) {
+    try {
+        $json = file_get_contents($customConfigFile);
+        $customConfigs = json_decode($json, true);
+        $configs = array_merge($configs, $customConfigs);
+    }catch(Exception $e) {}
+}
+
 
 //用户管理多账号自定义配置
 $customConfigFile = __DIR__ . "/../runtime/custom_config_usermap.json";

conf/custom_password.json

@@ -0,0 +1,10 @@
+{
+	"password_auth": {
+		"enable": true,
+		"alldirs": "helloWorld",
+		"nonebutdirs": {
+			"test": "hello",
+			"邻家小妹": "world"
+		}
+	}
+}

plugins/Common.php

@@ -618,4 +618,73 @@ Class Common {
         return $date;
     }
 
+    //从session里获取密码授权身份
+    public static function getPwdAuthDirsFromSession() {
+        if(session_status() !== PHP_SESSION_ACTIVE) {
+            session_start();
+        }
+
+        return !empty($_SESSION['auth_dirs']) ? $_SESSION['auth_dirs'] : array();
+    }
+
+    //保存已通过密码授权的目录
+    public static function savePwdAuthDirToSession($dir) {
+        if(session_status() !== PHP_SESSION_ACTIVE) {
+            session_start();
+        }
+
+        $authDirs = !empty($_SESSION['auth_dirs']) ? $_SESSION['auth_dirs'] : array();
+        if (!in_array($dir, $authDirs)) {
+            array_push($authDirs, $dir);
+
+            $_SESSION['auth_dirs'] = $authDirs;
+        }
+
+        return $authDirs;
+    }
+
+    //判断当前目录是否允许访问
+    public static function isUserAllowedToDir($dir) {
+        if( empty(FSC::$app['config']['password_auth']) ) {
+            return true;
+        }
+
+        $authConfig = FSC::$app['config']['password_auth'];
+        if (empty($authConfig['enable'])) {
+            return true;
+        }
+
+        $allowed = true;
+        $authDirs = Common::getPwdAuthDirsFromSession();
+        if (!empty($authConfig['alldirs']) && empty($authConfig['nonebutdirs'][$dir]) && empty($authDirs['alldirs'])) {
+            $allowed = false;
+        }else if (!empty($authConfig['nonebutdirs'][$dir]) && empty($authDirs[$dir])) {
+            $allowed = false;
+        }
+
+        return $allowed;
+    }
+
+    //密码授权检查
+    public static function pwdAuthToDir($dir, $userPassword) {
+        if( empty(FSC::$app['config']['password_auth']) ) {
+            return true;
+        }
+
+        $authConfig = FSC::$app['config']['password_auth'];
+        if (empty($authConfig['enable'])) {
+            return true;
+        }
+
+        $allowed = true;
+        $authDirs = Common::getPwdAuthDirsFromSession();
+        if (!empty($authConfig['alldirs']) && empty($authConfig['nonebutdirs'][$dir]) && empty($authDirs['alldirs'])) {
+            $allowed = false;
+        }else if (!empty($authConfig['nonebutdirs'][$dir]) && empty($authDirs[$dir])) {
+            $allowed = false;
+        }
+
+        return $allowed;
+    }
+
 }

themes/beauty/controller/ListController.php

@@ -15,7 +15,6 @@ Class ListController extends Controller {
             throw new Exception("参数缺失！", 403);
         }
 
-
         //获取数据
         $menus = array();        //菜单，一级目录
         $htmlReadme = '';   //Readme.md 内容，底部网站详细介绍
@@ -38,6 +37,13 @@ Class ListController extends Controller {
             $currentDir = $cachedParentData;
         }
 
+        //密码授权检查
+        $isAllowed = Common::isUserAllowedToDir($currentDir['directory']);
+        if (!$isAllowed) {
+            $goUrl = "/site/pwdauth/?dir=" . urlencode($currentDir['directory']) . "&back=" . urlencode(FSC::$app['requestUrl']);
+            return $this->redirect($goUrl);
+        }
+
         $scanner->setWebRoot($this->getCurrentWebroot($currentDir['realpath']));
         $scanner->setRootDir($currentDir['realpath']);
 
@@ -45,6 +51,7 @@ Class ListController extends Controller {
         $maxScanDeep = 0;       //最大扫描目录级数
         $cacheKey = $this->getCacheKey($cateId, 'tree', $maxScanDeep);
         $cachedData = Common::getCacheFromFile($cacheKey, $cacheSeconds);
+
         if (!empty($cachedData)) {
             $dirTree = $cachedData;
             $scanner->setTreeData($cachedData);
@@ -68,11 +75,14 @@ Class ListController extends Controller {
         if (!empty($scanResults)) {
             $dirs = array();
             $files = array();
+            $dir_exts = array();
             foreach ($scanResults as $id => $item) {
                 if (!empty($item['directory'])) {
                     array_push($dirs, $item);
-                }else {
+                }else if (!empty($item['filename'])) {
                     array_push($files, $item);
+                }else {
+                    $dir_exts = array_merge($item, $dir_exts);
                 }
             }
 
@@ -83,6 +93,12 @@ Class ListController extends Controller {
             if (!empty($files)) {
                 $currentDir['files'] = $files;
             }
+
+            if (!empty($dir_exts)) {    //合并目录的说明文件
+                foreach ($dir_exts as $key => $val) {
+                    $currentDir[$key] = $val;
+                }
+            }
     
             $scanResults = array($cateId => $currentDir);       //重新组装数据
         }

themes/beauty/controller/SiteController.php

@@ -14,7 +14,7 @@ Class SiteController extends Controller {
         $htmlReadme = array();   //Readme.md 内容，底部网站详细介绍
         $htmlCateReadme = '';   //当前目录下的Readme.md 内容
         $menus_sorted = array(); //Readme_sort.txt 说明文件内容，一级目录菜单从上到下的排序
-        
+
         $scanner = new DirScanner();
         $scanner->setWebRoot(FSC::$app['config']['content_directory']);
 
@@ -45,6 +45,10 @@ Class SiteController extends Controller {
             Common::saveCacheToFile($cacheKey, $scanResults);
         }
 
+        if (!empty($scanResults) && !empty($scanResults[$defaultCateId])) {
+            //TODO: 获取根目录下的txt说明文件内容
+        }
+
         //优先从缓存获取目录数据
         $cacheKey = $this->getCacheKey('all', 'menu', $maxScanDeep);
         $menus = Common::getCacheFromFile($cacheKey);
@@ -640,4 +644,29 @@ Class SiteController extends Controller {
         return $this->renderJson(compact('code', 'msg'));
     }
 
+    //密码授权
+    public function actionPwdauth() {
+        $checkDir = $this->get('dir', '');
+        $goBackUrl = $this->get('back', '');
+        $password = '';
+
+        if (empty($checkDir) || empty($goBackUrl)) {
+            throw new Exception("缺少参数！", 403);
+        }
+
+        $post = $this->post();
+        if (!empty($post)) {
+            $password = $this->post('password', '');
+        }
+
+        $pageTitle = '密码授权';
+        $viewName = 'pwdauth';
+        $params = compact(
+            'checkDir',
+            'goBackUrl',
+            'password'
+        );
+        return $this->render($viewName, $params, $pageTitle);
+    }
+
 }

themes/beauty/views/site/pwdauth.php

@@ -0,0 +1,32 @@
+<?php
+//密码授权
+
+?><!-- 顶部导航栏模块 -->
+<nav class="navbar navbar-default navbar-fixed-top navbarJS">
+    <div class="container-fluid">
+        <!-- Brand and toggle get grouped for better mobile display navbar-inverse-->
+        <div class="navbar-header">
+            <a class="navbar-brand" href="/">
+                <span class="verMiddle"><?php echo $pageTitle; ?></span>
+            </a>
+        </div>
+    </div><!-- /.container-fluid -->
+</nav>
+
+<!-- 页面内容 -->
+<div class="container">
+	<form class="simple-form" action="" method="POST">
+		<div class="alert alert-warning">
+			<h3>当前页面需密码授权</h3>
+			<p class="mt-1">如果你不知道密码，请联系管理员索要。</p>
+		</div>
+        <div class="form-group">
+            <input name="password" placeholder="请填写密码" type="password" class="form-control">
+        </div>
+        <div class="">
+            <button class="btn btn-primary" type="submit">
+                继续访问
+            </button>
+        </div>
+    </form>
+</div>

www/css/beauty.css

@@ -147,6 +147,8 @@ a:link{text-decoration:none}
 .ml-1{margin-left:1em}
 .mb-1{margin-bottom:1em}
 
+.simple-form{max-width:480px;margin:0 auto}
+
 @media screen and (max-width: 1199px) {
     .im_item {
         height: 23vw;