diff --git a/conf/app.php b/conf/app.php index e3d0aa5..20ad4a0 100644 --- a/conf/app.php +++ b/conf/app.php @@ -172,6 +172,16 @@ if (file_exists($customConfigFile)) { }catch(Exception $e) {} } +//密码配置支持 +$customConfigFile = __DIR__ . '/../runtime/custom_password.json'; +if (file_exists($customConfigFile)) { + try { + $json = file_get_contents($customConfigFile); + $customConfigs = json_decode($json, true); + $configs = array_merge($configs, $customConfigs); + }catch(Exception $e) {} +} + //用户管理多账号自定义配置 $customConfigFile = __DIR__ . "/../runtime/custom_config_usermap.json"; diff --git a/conf/custom_password.json b/conf/custom_password.json new file mode 100644 index 0000000..b519742 --- /dev/null +++ b/conf/custom_password.json @@ -0,0 +1,10 @@ +{ + "password_auth": { + "enable": true, + "alldirs": "helloWorld", + "nonebutdirs": { + "test": "hello", + "邻家小妹": "world" + } + } +} \ No newline at end of file diff --git a/plugins/Common.php b/plugins/Common.php index e714b87..a548d96 100644 --- a/plugins/Common.php +++ b/plugins/Common.php 
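Review bot: A malformed or empty `custom_password.json` is not handled by the added block in `conf/app.php`: `json_decode()` returns `null` instead of throwing, and `array_merge($configs, null)` then either raises a `TypeError` on PHP 8 (which `catch(Exception $e)` does not catch) or, on PHP 7, returns `null` and discards the whole `$configs` array. In the PHP 7 case `password_auth` disappears with everything else, and the checks added in `plugins/Common.php` treat a missing `password_auth` as "allow", so the protection would fail open. Guarding the merge with `if (is_array($customConfigs)) { $configs = array_merge($configs, $customConfigs); }` keeps the earlier configuration intact, and logging the decode failure instead of the empty `catch` would make the misconfiguration visible. It is also worth confirming that `runtime/` is not served by the web server, since this file holds the passwords.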
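Review bot: The sample stores the directory passwords in clear text (`"alldirs": "helloWorld"`, `"test": "hello"`) and ships with `"enable": true`, so a deployment that copies it unchanged is protected by publicly known values. Storing `password_hash()` output here and checking it with `password_verify()` would keep the secrets out of the file, and the sample would be safer with `"enable": false` and placeholder values that are obviously not passwords. The file is added under `conf/`, while the loader in `conf/app.php` reads `runtime/custom_password.json`; JSON cannot carry a comment, so the copy step belongs in the project documentation.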
@@ -618,4 +618,73 @@ Class Common { return $date; } + //从session里获取密码授权身份 + public static function getPwdAuthDirsFromSession() { + if(session_status() !== PHP_SESSION_ACTIVE) { + session_start(); + } + + return !empty($_SESSION['auth_dirs']) ? $_SESSION['auth_dirs'] : array(); + } + + //保存已通过密码授权的目录 + public static function savePwdAuthDirToSession($dir) { + if(session_status() !== PHP_SESSION_ACTIVE) { + session_start(); + } + + $authDirs = !empty($_SESSION['auth_dirs']) ? $_SESSION['auth_dirs'] : array(); + if (!in_array($dir, $authDirs)) { + array_push($authDirs, $dir); + + $_SESSION['auth_dirs'] = $authDirs; + } + + return $authDirs; + } + + //判断当前目录是否允许访问 + public static function isUserAllowedToDir($dir) { + if( empty(FSC::$app['config']['password_auth']) ) { + return true; + } + + $authConfig = FSC::$app['config']['password_auth']; + if (empty($authConfig['enable'])) { + return true; + } + + $allowed = true; + $authDirs = Common::getPwdAuthDirsFromSession(); + if (!empty($authConfig['alldirs']) && empty($authConfig['nonebutdirs'][$dir]) && empty($authDirs['alldirs'])) { + $allowed = false; + }else if (!empty($authConfig['nonebutdirs'][$dir]) && empty($authDirs[$dir])) { + $allowed = false; + } + + return $allowed; + } + + //密码授权检查 + public static function pwdAuthToDir($dir, $userPassword) { + if( empty(FSC::$app['config']['password_auth']) ) { + return true; + } + + $authConfig = FSC::$app['config']['password_auth']; + if (empty($authConfig['enable'])) { + return true; + } + + $allowed = true; + $authDirs = Common::getPwdAuthDirsFromSession(); + if (!empty($authConfig['alldirs']) && empty($authConfig['nonebutdirs'][$dir]) && empty($authDirs['alldirs'])) { + $allowed = false; + }else if (!empty($authConfig['nonebutdirs'][$dir]) && empty($authDirs[$dir])) { + $allowed = false; + } + + return $allowed; + } + } \ No newline at end of file 
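Review bot: `pwdAuthToDir()` never reads `$userPassword`; its body is a copy of `isUserAllowedToDir()`, so as committed no submitted password is compared with the configured one. The session helpers also disagree: `savePwdAuthDirToSession()` appends the directory as a list value, while `isUserAllowedToDir()` looks it up as a key (`$authDirs[$dir]`, `$authDirs['alldirs']`), so a saved grant would not be recognised. Storing the grant keyed in `savePwdAuthDirToSession()`, `$authDirs[$dir] = true; $_SESSION['auth_dirs'] = $authDirs;`, makes the two agree. A sketch of the comparison follows; it uses `hash_equals()` for a constant-time check and regenerates the session id once access is granted.

```php
    public static function pwdAuthToDir($dir, $userPassword) {
        // … unchanged: early `return true` when password_auth is missing or disabled …

        // A per-directory password takes precedence over the site-wide one.
        if (!empty($authConfig['nonebutdirs'][$dir])) {
            $scope = $dir;
            $expected = $authConfig['nonebutdirs'][$dir];
        } else if (!empty($authConfig['alldirs'])) {
            $scope = 'alldirs';
            $expected = $authConfig['alldirs'];
        } else {
            return true; // no password configured for this directory
        }

        // Constant-time comparison; a non-string password is rejected outright.
        if (!is_string($userPassword) || !hash_equals((string)$expected, $userPassword)) {
            return false;
        }

        Common::savePwdAuthDirToSession($scope);
        session_regenerate_id(true); // issue a new session id once the privilege level changes
        return true;
    }
```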
diff --git a/themes/beauty/controller/ListController.php b/themes/beauty/controller/ListController.php index 841c476..e452510 100644 --- a/themes/beauty/controller/ListController.php +++ b/themes/beauty/controller/ListController.php @@ -15,7 +15,6 @@ Class ListController extends Controller { throw new Exception("参数缺失!", 403); } - //获取数据 $menus = array(); //菜单,一级目录 $htmlReadme = ''; //Readme.md 内容,底部网站详细介绍 @@ -38,6 +37,13 @@ Class ListController extends Controller { $currentDir = $cachedParentData; } + //密码授权检查 + $isAllowed = Common::isUserAllowedToDir($currentDir['directory']); + if (!$isAllowed) { + $goUrl = "/site/pwdauth/?dir=" . urlencode($currentDir['directory']) . "&back=" . urlencode(FSC::$app['requestUrl']); + return $this->redirect($goUrl); + } + $scanner->setWebRoot($this->getCurrentWebroot($currentDir['realpath'])); $scanner->setRootDir($currentDir['realpath']); @@ -45,6 +51,7 @@ Class ListController extends Controller { $maxScanDeep = 0; //最大扫描目录级数 $cacheKey = $this->getCacheKey($cateId, 'tree', $maxScanDeep); $cachedData = Common::getCacheFromFile($cacheKey, $cacheSeconds); + if (!empty($cachedData)) { $dirTree = $cachedData; $scanner->setTreeData($cachedData); @@ -68,11 +75,14 @@ Class ListController extends Controller { if (!empty($scanResults)) { $dirs = array(); $files = array(); + $dir_exts = array(); foreach ($scanResults as $id => $item) { if (!empty($item['directory'])) { array_push($dirs, $item); - }else { + }else if (!empty($item['filename'])) { array_push($files, $item); + }else { + $dir_exts = array_merge($item, $dir_exts); } } @@ -83,6 +93,12 @@ Class ListController extends Controller { if (!empty($files)) { $currentDir['files'] = $files; } + + if (!empty($dir_exts)) { //合并目录的说明文件 + foreach ($dir_exts as $key => $val) { + $currentDir[$key] = $val; + } + } $scanResults = array($cateId => $currentDir); //重新组装数据 } 
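Review bot: The gate added in the second hunk covers only this one action, and it matches `$currentDir['directory']` exactly against the configured names. Whether sub-directories of a protected directory, the other list/detail actions and direct file URLs get the same check cannot be seen from this hunk, and it is worth confirming: a listing-only check leaves the files reachable by anyone who knows the path. A comment above the check would record the intent, for example `// Must run before any scan or cache read for this directory; file-serving routes need the same check`. The enclosing action starts and ends outside the hunk.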
diff --git a/themes/beauty/controller/SiteController.php b/themes/beauty/controller/SiteController.php index 03b6d90..fce981e 100644 --- a/themes/beauty/controller/SiteController.php +++ b/themes/beauty/controller/SiteController.php @@ -14,7 +14,7 @@ Class SiteController extends Controller { $htmlReadme = array(); //Readme.md 内容,底部网站详细介绍 $htmlCateReadme = ''; //当前目录下的Readme.md 内容 $menus_sorted = array(); //Readme_sort.txt 说明文件内容,一级目录菜单从上到下的排序 - + $scanner = new DirScanner(); $scanner->setWebRoot(FSC::$app['config']['content_directory']); @@ -45,6 +45,10 @@ Class SiteController extends Controller { Common::saveCacheToFile($cacheKey, $scanResults); } + if (!empty($scanResults) && !empty($scanResults[$defaultCateId])) { + //TODO: 获取根目录下的txt说明文件内容 + } + //优先从缓存获取目录数据 $cacheKey = $this->getCacheKey('all', 'menu', $maxScanDeep); $menus = Common::getCacheFromFile($cacheKey); @@ -640,4 +644,29 @@ Class SiteController extends Controller { return $this->renderJson(compact('code', 'msg')); } + //密码授权 + public function actionPwdauth() { + $checkDir = $this->get('dir', ''); + $goBackUrl = $this->get('back', ''); + $password = ''; + + if (empty($checkDir) || empty($goBackUrl)) { + throw new Exception("缺少参数!", 403); + } + + $post = $this->post(); + if (!empty($post)) { + $password = $this->post('password', ''); + } + + $pageTitle = '密码授权'; + $viewName = 'pwdauth'; + $params = compact( + 'checkDir', + 'goBackUrl', + 'password' + ); + return $this->render($viewName, $params, $pageTitle); + } + } diff --git a/themes/beauty/views/site/pwdauth.php b/themes/beauty/views/site/pwdauth.php new file mode 100644 index 0000000..30a6b64 --- /dev/null +++ b/themes/beauty/views/site/pwdauth.php @@ -0,0 +1,32 @@ + + + + +
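Review bot: `actionPwdauth()` reads the posted password but never verifies it or records a grant; it only hands `password`, `checkDir` and `goBackUrl` to the view. `back` and `dir` come straight from the query string, so `goBackUrl` should be limited to a same-site relative path before anything redirects to it or links it. Both values need HTML-escaping where the view prints them, which cannot be checked here because the view's markup is not visible on this page. Passing the submitted password back into the template also looks unnecessary. The sketch below validates `back`, calls `Common::pwdAuthToDir()` on POST and redirects on success; it assumes that helper actually compares the password, which it does not as added in this commit, and `errorMsg` is a new view variable the template would have to display.

```php
    public function actionPwdauth() {
        // … unchanged: read dir/back, reject when either is missing …

        // Only follow same-site relative paths; anything else falls back to the home page.
        if (!is_string($goBackUrl) || $goBackUrl[0] !== '/'
            || strpos($goBackUrl, '//') === 0 || strpos($goBackUrl, '\\') !== false) {
            $goBackUrl = '/';
        }

        $errorMsg = '';
        $post = $this->post();
        if (!empty($post)) {
            if (Common::pwdAuthToDir($checkDir, $this->post('password', ''))) {
                return $this->redirect($goBackUrl);
            }
            $errorMsg = '密码错误!';
        }

        // … unchanged: $pageTitle, $viewName …
        $params = compact('checkDir', 'goBackUrl', 'errorMsg'); // the password itself is not handed to the view
        return $this->render($viewName, $params, $pageTitle);
    }
```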