feat: add Linuxdo authentication support and configuration

Author: lovebai

auth.go

@@ -0,0 +1,60 @@
+package main
+
+import (
+	"html/template"
+	"log"
+	"net/http"
+	"strings"
+)
+
+// 认证中间件
+func AuthMiddleware(next http.Handler) http.Handler {
+	if config.Secure != "false" {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			cookie, err := r.Cookie("auth")
+			// log.Printf("请求路径: %s, Cookie状态: %+v, 错误信息: %v", r.URL.Path, cookie, err)
+
+			if err != nil || !verifyCookie(cookie) {
+				// log.Printf("验证失败，跳转登录页面")
+				http.Redirect(w, r, "/login", http.StatusFound)
+				return
+			}
+			next.ServeHTTP(w, r)
+		})
+	}
+	return next
+}
+
+// 验证cookie有效性
+func verifyCookie(cookie *http.Cookie) bool {
+	return cookie != nil && strings.Contains(cookie.Value, "authenticated")
+	// return cookie != nil && cookie.Value == "authenticated"
+}
+
+// 登录处理器
+func loginHandler(w http.ResponseWriter, r *http.Request) {
+	if r.Method == http.MethodPost {
+		// 验证密码
+		log.Printf("输入密码：%s，正确密码：%s", r.FormValue("password"), config.Password)
+		if r.FormValue("password") == config.Password {
+			// 设置认证cookie（1小时有效期）
+			http.SetCookie(w, &http.Cookie{
+				Name:     "auth",
+				Value:    "authenticated",
+				MaxAge:   3600, // 使用秒数设置有效期（1小时）
+				HttpOnly: true,
+				Path:     "/",
+				Secure:   true,                 // 开发环境可设为false，生产环境必须设为true
+				SameSite: http.SameSiteLaxMode, // 添加SameSite属性
+			})
+			http.Redirect(w, r, "/", http.StatusFound)
+			return
+		}
+		http.Error(w, "密码错误", http.StatusUnauthorized)
+		return
+	}
+
+	// 显示登录表单
+	tmpl := template.Must(template.New("login").Parse(loginTemplate))
+	tmpl.Execute(w, config)
+}

config.go

@@ -0,0 +1,63 @@
+package main
+
+import "os"
+
+type Config struct {
+	ImageDir string
+	Secure   string
+	Password string
+	Port     string
+	Title    string
+	Icon     string
+	Url      string
+	Dynamic  string
+	Linuxdo  string
+}
+
+var config = Config{
+	ImageDir: "./images",
+	Password: "",
+	Port:     "8009",
+	Title:    "在线图集",
+	Icon:     "https://i.obai.cc/favicon.ico",
+	Dynamic:  "false",
+	Url:      "http://localhost:8009",
+	Secure:   "false",
+	Linuxdo:  "false",
+}
+
+var categoryCache []Category
+
+type Category struct {
+	Name        string
+	EncodedName string
+	CoverImage  string
+}
+
+var imageExtensions = map[string]bool{
+	".jpg":  true,
+	".jpeg": true,
+	".png":  true,
+	".gif":  true,
+	".webp": true,
+}
+
+func initConfig() {
+	envVars := map[string]*string{
+		"SITE_DIR":      &config.ImageDir,
+		"SITE_SECURE":   &config.Secure,
+		"SITE_PASSWORD": &config.Password,
+		"SITE_PORT":     &config.Port,
+		"SITE_TITLE":    &config.Title,
+		"SITE_ICON":     &config.Icon,
+		"SITE_DYNAMIC":  &config.Dynamic,
+		"SITE_LINUXDO":  &config.Linuxdo,
+		"SITE_URL":      &config.Url,
+	}
+
+	for env, conf := range envVars {
+		if val := os.Getenv(env); val != "" {
+			*conf = val
+		}
+	}
+}

go.mod

@@ -1,3 +1,10 @@
 module lovebai/plist
 
 go 1.24.0
+
+require (
+	github.com/go-resty/resty/v2 v2.16.5 // indirect
+	github.com/gorilla/securecookie v1.1.2 // indirect
+	github.com/gorilla/sessions v1.4.0 // indirect
+	golang.org/x/net v0.33.0 // indirect
+)

go.sum

@@ -0,0 +1,8 @@
+github.com/go-resty/resty/v2 v2.16.5 h1:hBKqmWrr7uRc3euHVqmh1HTHcKn99Smr7o5spptdhTM=
+github.com/go-resty/resty/v2 v2.16.5/go.mod h1:hkJtXbA2iKHzJheXYvQ8snQES5ZLGKMwQ07xAwp/fiA=
+github.com/gorilla/securecookie v1.1.2 h1:YCIWL56dvtr73r6715mJs5ZvhtnY73hBvEF8kXD8ePA=
+github.com/gorilla/securecookie v1.1.2/go.mod h1:NfCASbcHqRSY+3a8tlWJwsQap2VX5pwzwo4h3eOamfo=
+github.com/gorilla/sessions v1.4.0 h1:kpIYOp/oi6MG/p5PgxApU8srsSw9tuFbt46Lt7auzqQ=
+github.com/gorilla/sessions v1.4.0/go.mod h1:FLWm50oby91+hl7p/wRxDth9bWSuk0qVL2emc7lT5ik=
+golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
+golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=

handler.go

@@ -0,0 +1,209 @@
+package main
+
+import (
+	"encoding/json"
+	"html/template"
+	"log"
+	"net/http"
+	"net/url"
+	"os"
+	"path/filepath"
+	"strconv"
+	"strings"
+	"time"
+)
+
+func loggingMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		start := time.Now()
+		next.ServeHTTP(w, r)
+		duration := time.Since(start)
+		log.Printf("Method: %s, URL: %s, Duration: %s\n", r.Method, r.URL.Path, duration)
+	})
+}
+
+func indexHandler(w http.ResponseWriter, r *http.Request) {
+	if config.Dynamic == "true" {
+		tmpl := template.Must(template.New("index").Parse(indexDynamicTemplate))
+		tmpl.Execute(w, config)
+	} else {
+		type Tmp struct {
+			Category []Category
+			Config   Config
+		}
+		var tmp = Tmp{
+			Category: categoryCache, // 使用缓存数据
+			Config:   config,
+		}
+		tmpl := template.Must(template.New("index").Parse(indexTemplate))
+		tmpl.Execute(w, tmp)
+	}
+
+}
+
+func categoryHandler(w http.ResponseWriter, r *http.Request) {
+	// category := r.URL.Path[len("/category/"):]
+	// category := filepath.FromSlash(r.URL.Path[len("/category/"):])
+	encodedCategory := filepath.FromSlash(r.URL.Path[len("/category/"):])
+	category, _ := url.PathUnescape(encodedCategory)
+	imagePath := filepath.Join(config.ImageDir, category)
+	cleanImageDir := filepath.Clean(config.ImageDir)
+	absImageDir, _ := filepath.Abs(cleanImageDir)
+	absPath, _ := filepath.Abs(imagePath)
+	if !strings.HasPrefix(absPath, absImageDir) {
+		http.Error(w, "无效路径", http.StatusBadRequest)
+		return
+	}
+	entries, err := os.ReadDir(imagePath)
+	if err != nil {
+		http.Error(w, "无法读取图片目录", http.StatusInternalServerError)
+		return
+	}
+
+	type Image struct {
+		Name string
+		Type string
+	}
+
+	var imageList []Image
+	for _, entry := range entries {
+		if entry.IsDir() {
+			continue
+		}
+		ext := strings.ToLower(filepath.Ext(entry.Name()))
+		if imageExtensions[ext] {
+			imageList = append(imageList, Image{
+				Name: entry.Name(),
+				// 添加类型字段供模板使用（可选）
+				Type: strings.TrimPrefix(ext, "."),
+			})
+		}
+	}
+
+	data := struct {
+		Category string
+		Images   []Image
+		Config   Config
+	}{
+		Category: category,
+		Images:   imageList,
+		Config:   config,
+	}
+
+	if config.Dynamic == "true" {
+		tmpl := template.Must(template.New("category").Parse(categoryDynamicTemplate))
+		tmpl.Execute(w, data)
+	} else {
+		tmpl := template.Must(template.New("category").Parse(categoryTemplate))
+		tmpl.Execute(w, data)
+
+	}
+}
+
+func indexJson(w http.ResponseWriter, r *http.Request) {
+	// 获取分页参数
+	pageStr := r.URL.Query().Get("page")
+	limitStr := r.URL.Query().Get("limit")
+	page, err := strconv.Atoi(pageStr)
+	if err != nil || page < 1 {
+		page = 1
+	}
+	limit, err := strconv.Atoi(limitStr)
+	if err != nil || limit < 1 {
+		limit = 20
+	}
+
+	// 使用缓存的分类信息
+	totalCategories := len(categoryCache)
+	totalPages := (totalCategories + limit - 1) / limit
+	start := (page - 1) * limit
+	end := start + limit
+	if start > totalCategories {
+		start = totalCategories
+	}
+	if end > totalCategories {
+		end = totalCategories
+	}
+	currentCategories := categoryCache[start:end]
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"categories": currentCategories,
+		"page":       page,
+		"limit":      limit,
+		"total":      totalCategories,
+		"pages":      totalPages,
+	})
+}
+
+func categoryJson(w http.ResponseWriter, r *http.Request) {
+	encodedCategory := filepath.FromSlash(r.URL.Path[len("/api/category/"):])
+	category, _ := url.PathUnescape(encodedCategory)
+	imagePath := filepath.Join(config.ImageDir, category)
+	cleanImageDir := filepath.Clean(config.ImageDir)
+	absImageDir, _ := filepath.Abs(cleanImageDir)
+	absPath, _ := filepath.Abs(imagePath)
+	if !strings.HasPrefix(absPath, absImageDir) {
+		http.Error(w, "无效路径", http.StatusBadRequest)
+		return
+	}
+
+	// 获取分页参数
+	pageStr := r.URL.Query().Get("page")
+	limitStr := r.URL.Query().Get("limit")
+	page, err := strconv.Atoi(pageStr)
+	if err != nil || page < 1 {
+		page = 1
+	}
+	limit, err := strconv.Atoi(limitStr)
+	if err != nil || limit < 1 {
+		limit = 20
+	}
+
+	entries, err := os.ReadDir(imagePath)
+	if err != nil {
+		http.Error(w, "无法读取图片目录", http.StatusInternalServerError)
+		return
+	}
+
+	type Image struct {
+		Name string
+		Type string
+	}
+
+	var imageList []Image
+	for _, entry := range entries {
+		if entry.IsDir() {
+			continue
+		}
+		ext := strings.ToLower(filepath.Ext(entry.Name()))
+		if imageExtensions[ext] {
+			imageList = append(imageList, Image{
+				Name: entry.Name(),
+				Type: strings.TrimPrefix(ext, "."),
+			})
+		}
+	}
+
+	totalImages := len(imageList)
+	totalPages := (totalImages + limit - 1) / limit
+	start := (page - 1) * limit
+	end := start + limit
+	if start > totalImages {
+		start = totalImages
+	}
+	if end > totalImages {
+		end = totalImages
+	}
+	currentImages := imageList[start:end]
+
+	w.Header().Set("Content-Type", "application/json")
+	json.NewEncoder(w).Encode(map[string]interface{}{
+		"category": category,
+		"images":   currentImages,
+		"page":     page,
+		"limit":    limit,
+		"total":    totalImages,
+		"pages":    totalPages,
+	})
+}