From 151f2e89b217bccca8f3ac8c9f83f720de1a98b4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=99=BE=E9=87=8C=28barry=29?= Date: Fri, 12 Jul 2024 17:25:45 +0800 Subject: [PATCH 1/3] fix: barry 2024-07-12 17:25:45 --- server/service.go | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/server/service.go b/server/service.go index 5b0ba8a7..29a99c0c 100644 --- a/server/service.go +++ b/server/service.go @@ -65,6 +65,7 @@ const ( forwardHost = "remote.agi7.ai" forwardCookieName = "agi7.forward.auth" sseName = "proxy_status" + setCookieHeader = "x-agi7-set-cookie" ) func init() { @@ -687,12 +688,41 @@ const ( AuthFailed = 2 ) +type Cookie struct { + Name string `json:"name"` + Value string `json:"value"` + ExpiredAt string `json:"expiredAt"` +} + func (m authMiddleware) ServeHTTP(writer http.ResponseWriter, request *http.Request) { if !strings.HasSuffix(request.Host, forwardHost) { m.next.ServeHTTP(writer, request) return } + setCookie := strings.TrimSpace(request.Header.Get(setCookieHeader)) + if setCookie != "" { + var cc Cookie + if err := json.Unmarshal([]byte(setCookie), &cc); err != nil { + log.Errorf("failed to decode cookie json data, cookie=%s", setCookie) + } + + var expiredAt = time.Now().Add(time.Hour) + if ee, err := strconv.ParseInt(cc.ExpiredAt, 10, 64); err == nil { + expiredAt = time.Unix(ee, 0) + } + + http.SetCookie(writer, &http.Cookie{ + Name: cc.Name, + Value: cc.Value, + Path: "/", + Domain: request.Host, + Expires: expiredAt, + }) + writer.Write([]byte("ok")) + return + } + var domain = strings.SplitN(request.Host, ".", 2)[0] var cookieName = fmt.Sprintf("%s.%s", forwardCookieName, domain) cookie, err := request.Cookie(cookieName) @@ -721,7 +751,8 @@ func (m authMiddleware) ServeHTTP(writer http.ResponseWriter, request *http.Requ cookieData := request.Header.Get("Cookie") var cc string for _, v := range strings.Split(cookieData, ";") { - if strings.HasPrefix(v, cookieName) { + v = strings.TrimSpace(v) + if strings.HasPrefix(v, forwardCookieName+".") { continue } cc += v + ";" From fb13ce3ed7fd5cd2c1eb6684a50057f2b0caf463 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=99=BE=E9=87=8C=28barry=29?= Date: Fri, 12 Jul 2024 17:40:04 +0800 Subject: [PATCH 2/3] fix: barry 2024-07-12 17:40:04 --- server/service.go | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/server/service.go b/server/service.go index 29a99c0c..a891e44d 100644 --- a/server/service.go +++ b/server/service.go @@ -704,12 +704,21 @@ func (m authMiddleware) ServeHTTP(writer http.ResponseWriter, request *http.Requ if setCookie != "" { var cc Cookie if err := json.Unmarshal([]byte(setCookie), &cc); err != nil { - log.Errorf("failed to decode cookie json data, cookie=%s", setCookie) + err = fmt.Errorf("failed to decode cookie json data, cookie=%s", setCookie) + log.Errorf(err.Error()) + writer.WriteHeader(http.StatusBadRequest) + writer.Write([]byte(err.Error())) + return } var expiredAt = time.Now().Add(time.Hour) if ee, err := strconv.ParseInt(cc.ExpiredAt, 10, 64); err == nil { expiredAt = time.Unix(ee, 0) + } else { + err = fmt.Errorf("failed to parse expiredAt field, expiredAt=%s", cc.ExpiredAt) + writer.WriteHeader(http.StatusBadRequest) + writer.Write([]byte(err.Error())) + return } http.SetCookie(writer, &http.Cookie{ @@ -719,6 +728,7 @@ func (m authMiddleware) ServeHTTP(writer http.ResponseWriter, request *http.Requ Domain: request.Host, Expires: expiredAt, }) + writer.WriteHeader(http.StatusOK) writer.Write([]byte("ok")) return } From 632aa5e441a1b2a95e6f6c90f698ba8d69dfcea5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=99=BE=E9=87=8C=28barry=29?= Date: Fri, 12 Jul 2024 18:48:29 +0800 Subject: [PATCH 3/3] fix: barry 2024-07-12 18:48:29 --- server/service.go | 39 +++++++++++++++++++++++++++++++++------ 1 file changed, 33 insertions(+), 6 deletions(-) diff --git a/server/service.go b/server/service.go index a891e44d..35f75451 100644 --- a/server/service.go +++ b/server/service.go @@ -700,6 +700,31 @@ func (m authMiddleware) ServeHTTP(writer http.ResponseWriter, request *http.Requ return } + name := request.URL.Query().Get("name") + domain := strings.SplitN(request.Host, ".", 2)[0] + if name == fmt.Sprintf("%s.%s", forwardCookieName, domain) { + var expiredAt = time.Now().Add(time.Hour) + var expiredAtValue = request.URL.Query().Get("expiredAt") + if ee, err := strconv.ParseInt(expiredAtValue, 10, 64); err == nil { + expiredAt = time.Unix(ee, 0) + } else { + err = fmt.Errorf("failed to parse expiredAt field, expiredAt=%s", expiredAtValue) + writer.WriteHeader(http.StatusBadRequest) + writer.Write([]byte(err.Error())) + return + } + + http.SetCookie(writer, &http.Cookie{ + Name: name, + Value: request.URL.Query().Get("value"), + Path: "/", + Domain: request.Host, + Expires: expiredAt, + }) + http.Redirect(writer, request, "/", http.StatusTemporaryRedirect) + return + } + setCookie := strings.TrimSpace(request.Header.Get(setCookieHeader)) if setCookie != "" { var cc Cookie @@ -722,18 +747,20 @@ func (m authMiddleware) ServeHTTP(writer http.ResponseWriter, request *http.Requ } http.SetCookie(writer, &http.Cookie{ - Name: cc.Name, - Value: cc.Value, - Path: "/", - Domain: request.Host, - Expires: expiredAt, + Name: cc.Name, + Value: cc.Value, + Path: "/", + Domain: request.Host, + Expires: expiredAt, + Secure: true, + SameSite: http.SameSiteNoneMode, + HttpOnly: true, }) writer.WriteHeader(http.StatusOK) writer.Write([]byte("ok")) return } - var domain = strings.SplitN(request.Host, ".", 2)[0] var cookieName = fmt.Sprintf("%s.%s", forwardCookieName, domain) cookie, err := request.Cookie(cookieName) if err != nil {