
add pwd auth page

master
filesite 3 months ago
parent
commit
a6d919281c
  1. 10
      conf/app.php
  2. 10
      conf/custom_password.json
  3. 69
      plugins/Common.php
  4. 20
      themes/beauty/controller/ListController.php
  5. 29
      themes/beauty/controller/SiteController.php
  6. 32
      themes/beauty/views/site/pwdauth.php
  7. 2
      www/css/beauty.css

10
conf/app.php

@ -172,6 +172,16 @@ if (file_exists($customConfigFile)) {
}catch(Exception $e) {} }catch(Exception $e) {}
} }
//密码配置支持
$customConfigFile = __DIR__ . '/../runtime/custom_password.json';
if (file_exists($customConfigFile)) {
try {
$json = file_get_contents($customConfigFile);
$customConfigs = json_decode($json, true);
$configs = array_merge($configs, $customConfigs);
}catch(Exception $e) {}
}
//用户管理多账号自定义配置 //用户管理多账号自定义配置
$customConfigFile = __DIR__ . "/../runtime/custom_config_usermap.json"; $customConfigFile = __DIR__ . "/../runtime/custom_config_usermap.json";
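Review bot: The `try`/`catch` around the new password-config load does not catch the failure it exists for. `json_decode()` returns `null` on malformed JSON instead of throwing, and `array_merge($configs, null)` then raises a `TypeError` on PHP 8 (not an `Exception`) or, on PHP 7, returns `null` and discards `$configs`. If `$configs` is what ends up in `FSC::$app['config']`, an unreadable password file may leave `password_auth` empty, in which case `Common::isUserAllowedToDir()` returns true and protection is silently off. Guard the merge with `if (is_array($customConfigs)) { $configs = array_merge($configs, $customConfigs); }` and log the decode failure rather than ignoring it. The enclosing file starts and ends outside the hunk.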

10
conf/custom_password.json

@ -0,0 +1,10 @@
{
"password_auth": {
"enable": true,
"alldirs": "helloWorld",
"nonebutdirs": {
"test": "hello",
"邻家小妹": "world"
}
}
}
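Review bot: This sample ships with `"enable": true` and literal plaintext passwords (`helloWorld`, `hello`, `world`), so a deployment that copies it unchanged is protected only by values published in the repository. `conf/app.php` reads `runtime/custom_password.json`, so this file is presumably a template; a template is safer with `"enable": false` and placeholder values that must be replaced. Consider storing `password_hash()` output here and verifying with `password_verify()`, so that reading the config file does not reveal the passwords.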

69
plugins/Common.php

@ -618,4 +618,73 @@ Class Common {
return $date; return $date;
} }
//从session里获取密码授权身份
public static function getPwdAuthDirsFromSession() {
if(session_status() !== PHP_SESSION_ACTIVE) {
session_start();
}
return !empty($_SESSION['auth_dirs']) ? $_SESSION['auth_dirs'] : array();
}
//保存已通过密码授权的目录
public static function savePwdAuthDirToSession($dir) {
if(session_status() !== PHP_SESSION_ACTIVE) {
session_start();
}
$authDirs = !empty($_SESSION['auth_dirs']) ? $_SESSION['auth_dirs'] : array();
if (!in_array($dir, $authDirs)) {
array_push($authDirs, $dir);
$_SESSION['auth_dirs'] = $authDirs;
}
return $authDirs;
}
//判断当前目录是否允许访问
public static function isUserAllowedToDir($dir) {
if( empty(FSC::$app['config']['password_auth']) ) {
return true;
}
$authConfig = FSC::$app['config']['password_auth'];
if (empty($authConfig['enable'])) {
return true;
}
$allowed = true;
$authDirs = Common::getPwdAuthDirsFromSession();
if (!empty($authConfig['alldirs']) && empty($authConfig['nonebutdirs'][$dir]) && empty($authDirs['alldirs'])) {
$allowed = false;
}else if (!empty($authConfig['nonebutdirs'][$dir]) && empty($authDirs[$dir])) {
$allowed = false;
}
return $allowed;
}
//密码授权检查
public static function pwdAuthToDir($dir, $userPassword) {
if( empty(FSC::$app['config']['password_auth']) ) {
return true;
}
$authConfig = FSC::$app['config']['password_auth'];
if (empty($authConfig['enable'])) {
return true;
}
$allowed = true;
$authDirs = Common::getPwdAuthDirsFromSession();
if (!empty($authConfig['alldirs']) && empty($authConfig['nonebutdirs'][$dir]) && empty($authDirs['alldirs'])) {
$allowed = false;
}else if (!empty($authConfig['nonebutdirs'][$dir]) && empty($authDirs[$dir])) {
$allowed = false;
}
return $allowed;
}
} }
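Review bot: `pwdAuthToDir($dir, $userPassword)` never reads `$userPassword`: its body is a copy of `isUserAllowedToDir()`, so no submitted password is compared with the configured one and nothing calls `savePwdAuthDirToSession()`. Separately, `savePwdAuthDirToSession()` appends directory names as list values, while both checks test `empty($authDirs[$dir])` and `empty($authDirs['alldirs'])` as keys, so a saved grant would never be found; `in_array($dir, $authDirs, true)` matches the stored shape. The sketch below compares with `hash_equals()` to avoid a timing side channel and records the grant only on a match. The `Common` class starts outside the hunk.

```php
public static function pwdAuthToDir($dir, $userPassword) {
    // … unchanged: return true when password_auth is missing or disabled …
    if (!empty($authConfig['nonebutdirs'][$dir])) {
        $expected = $authConfig['nonebutdirs'][$dir];   // directory-specific password wins
        $grant = $dir;
    }else if (!empty($authConfig['alldirs'])) {
        $expected = $authConfig['alldirs'];
        $grant = 'alldirs';
    }else {
        return true;    // no password configured for this directory
    }
    if (!is_string($userPassword) || !hash_equals((string)$expected, $userPassword)) {
        return false;
    }
    Common::savePwdAuthDirToSession($grant);
    return true;
}
```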

20
themes/beauty/controller/ListController.php

@ -15,7 +15,6 @@ Class ListController extends Controller {
throw new Exception("参数缺失!", 403); throw new Exception("参数缺失!", 403);
} }
//获取数据 //获取数据
$menus = array(); //菜单,一级目录 $menus = array(); //菜单,一级目录
$htmlReadme = ''; //Readme.md 内容,底部网站详细介绍 $htmlReadme = ''; //Readme.md 内容,底部网站详细介绍
@ -38,6 +37,13 @@ Class ListController extends Controller {
$currentDir = $cachedParentData; $currentDir = $cachedParentData;
} }
//密码授权检查
$isAllowed = Common::isUserAllowedToDir($currentDir['directory']);
if (!$isAllowed) {
$goUrl = "/site/pwdauth/?dir=" . urlencode($currentDir['directory']) . "&back=" . urlencode(FSC::$app['requestUrl']);
return $this->redirect($goUrl);
}
$scanner->setWebRoot($this->getCurrentWebroot($currentDir['realpath'])); $scanner->setWebRoot($this->getCurrentWebroot($currentDir['realpath']));
$scanner->setRootDir($currentDir['realpath']); $scanner->setRootDir($currentDir['realpath']);
@ -45,6 +51,7 @@ Class ListController extends Controller {
$maxScanDeep = 0; //最大扫描目录级数 $maxScanDeep = 0; //最大扫描目录级数
$cacheKey = $this->getCacheKey($cateId, 'tree', $maxScanDeep); $cacheKey = $this->getCacheKey($cateId, 'tree', $maxScanDeep);
$cachedData = Common::getCacheFromFile($cacheKey, $cacheSeconds); $cachedData = Common::getCacheFromFile($cacheKey, $cacheSeconds);
if (!empty($cachedData)) { if (!empty($cachedData)) {
$dirTree = $cachedData; $dirTree = $cachedData;
$scanner->setTreeData($cachedData); $scanner->setTreeData($cachedData);
@ -68,11 +75,14 @@ Class ListController extends Controller {
if (!empty($scanResults)) { if (!empty($scanResults)) {
$dirs = array(); $dirs = array();
$files = array(); $files = array();
$dir_exts = array();
foreach ($scanResults as $id => $item) { foreach ($scanResults as $id => $item) {
if (!empty($item['directory'])) { if (!empty($item['directory'])) {
array_push($dirs, $item); array_push($dirs, $item);
}else { }else if (!empty($item['filename'])) {
array_push($files, $item); array_push($files, $item);
}else {
$dir_exts = array_merge($item, $dir_exts);
} }
} }
@ -84,6 +94,12 @@ Class ListController extends Controller {
$currentDir['files'] = $files; $currentDir['files'] = $files;
} }
if (!empty($dir_exts)) { //合并目录的说明文件
foreach ($dir_exts as $key => $val) {
$currentDir[$key] = $val;
}
}
$scanResults = array($cateId => $currentDir); //重新组装数据 $scanResults = array($cateId => $currentDir); //重新组装数据
} }
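Review bot: The new gate in the hunk at `@ -38,6 +37,13` passes only `$currentDir['directory']` to `Common::isUserAllowedToDir()`, which looks up `nonebutdirs` by that exact value. A password set on a directory therefore does not appear to cover its subdirectories unless `alldirs` is also set. If `directory` is a leaf name rather than a path (not visible here), two folders with the same name under different parents would also share one entry. Consider checking each ancestor of the current directory, and confirm that the other actions serving listings or files apply the same check. The action body starts and ends outside the hunk.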

29
themes/beauty/controller/SiteController.php

@ -45,6 +45,10 @@ Class SiteController extends Controller {
Common::saveCacheToFile($cacheKey, $scanResults); Common::saveCacheToFile($cacheKey, $scanResults);
} }
if (!empty($scanResults) && !empty($scanResults[$defaultCateId])) {
//TODO: 获取根目录下的txt说明文件内容
}
//优先从缓存获取目录数据 //优先从缓存获取目录数据
$cacheKey = $this->getCacheKey('all', 'menu', $maxScanDeep); $cacheKey = $this->getCacheKey('all', 'menu', $maxScanDeep);
$menus = Common::getCacheFromFile($cacheKey); $menus = Common::getCacheFromFile($cacheKey);
@ -640,4 +644,29 @@ Class SiteController extends Controller {
return $this->renderJson(compact('code', 'msg')); return $this->renderJson(compact('code', 'msg'));
} }
//密码授权
public function actionPwdauth() {
$checkDir = $this->get('dir', '');
$goBackUrl = $this->get('back', '');
$password = '';
if (empty($checkDir) || empty($goBackUrl)) {
throw new Exception("缺少参数!", 403);
}
$post = $this->post();
if (!empty($post)) {
$password = $this->post('password', '');
}
$pageTitle = '密码授权';
$viewName = 'pwdauth';
$params = compact(
'checkDir',
'goBackUrl',
'password'
);
return $this->render($viewName, $params, $pageTitle);
}
} }
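Review bot: `actionPwdauth()` reads the posted password but never verifies it: there is no call to `Common::pwdAuthToDir()` and no redirect to `$goBackUrl`, and the raw `$password` is handed to the view through `compact()`. Once the redirect is added, `back` is a request parameter and must be limited to a same-site path, otherwise this page becomes an open redirect. The sketch below shows the shape; it relies on `pwdAuthToDir()` actually comparing the password, which the version in this commit does not do. Failed attempts should also be rate-limited, and the form needs a CSRF token if the framework provides one.

```php
$post = $this->post();
if (!empty($post)) {
    $password = $this->post('password', '');
    // accept only a same-site path for the post-login redirect
    $isLocal = strpos($goBackUrl, '/') === 0
        && strpos($goBackUrl, '//') !== 0
        && strpos($goBackUrl, '\\') === false;
    if (Common::pwdAuthToDir($checkDir, $password)) {
        return $this->redirect($isLocal ? $goBackUrl : '/');
    }
    $password = '';    // do not pass the submitted secret on to the view
}
// … unchanged: $pageTitle, $viewName, compact() and render() …
```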

32
themes/beauty/views/site/pwdauth.php

@ -0,0 +1,32 @@
<?php
//密码授权
?><!-- 顶部导航栏模块 -->
<nav class="navbar navbar-default navbar-fixed-top navbarJS">
<div class="container-fluid">
<!-- Brand and toggle get grouped for better mobile display navbar-inverse-->
<div class="navbar-header">
<a class="navbar-brand" href="/">
<span class="verMiddle"><?php echo $pageTitle; ?></span>
</a>
</div>
</div><!-- /.container-fluid -->
</nav>
<!-- 页面内容 -->
<div class="container">
<form class="simple-form" action="" method="POST">
<div class="alert alert-warning">
<h3>当前页面需密码授权</h3>
<p class="mt-1">如果你不知道密码,请联系管理员索要。</p>
</div>
<div class="form-group">
<input name="password" placeholder="请填写密码" type="password" class="form-control">
</div>
<div class="">
<button class="btn btn-primary" type="submit">
继续访问
</button>
</div>
</form>
</div>
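Review bot: `<?php echo $pageTitle; ?>` is printed without escaping. The controller currently passes a fixed string, but the view should not depend on that: `<?php echo htmlspecialchars($pageTitle, ENT_QUOTES, 'UTF-8'); ?>`. The form also has no place to show a failed attempt, so a wrong password will look the same as a first visit.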

2
www/css/beauty.css

@ -147,6 +147,8 @@ a:link{text-decoration:none}
.ml-1{margin-left:1em} .ml-1{margin-left:1em}
.mb-1{margin-bottom:1em} .mb-1{margin-bottom:1em}
.simple-form{max-width:480px;margin:0 auto}
@media screen and (max-width: 1199px) { @media screen and (max-width: 1199px) {
.im_item { .im_item {
height: 23vw; height: 23vw;
