密码查看

2022-09-18 11:57:43 +08:00 · 2022-09-18 11:57:43 +08:00 · f21dae1058
commit f21dae1058
parent f205d83a13
4 changed files with 49 additions and 9 deletions
--- a/go.mod
+++ b/go.mod
@ -10,11 +10,15 @@ require (
 )

 require (
+	github.com/gin-contrib/sessions v0.0.5 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
 	github.com/go-playground/locales v0.14.0 // indirect
 	github.com/go-playground/universal-translator v0.18.0 // indirect
-	github.com/go-playground/validator/v10 v10.11.0 // indirect
+	github.com/go-playground/validator/v10 v10.11.1 // indirect
 	github.com/goccy/go-json v0.9.11 // indirect
+	github.com/gorilla/context v1.1.1 // indirect
+	github.com/gorilla/securecookie v1.1.1 // indirect
+	github.com/gorilla/sessions v1.2.1 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/leodido/go-urn v1.2.1 // indirect
 	github.com/mattn/go-isatty v0.0.16 // indirect
@ -24,7 +28,7 @@ require (
 	github.com/ugorji/go/codec v1.2.7 // indirect
 	golang.org/x/crypto v0.0.0-20220829220503-c86fa9a7ed90 // indirect
 	golang.org/x/net v0.0.0-20220909164309-bea034e7d591 // indirect
-	golang.org/x/sys v0.0.0-20220913175220-63ea55921009 // indirect
+	golang.org/x/sys v0.0.0-20220915200043-7b5979e65e41 // indirect
 	golang.org/x/text v0.3.7 // indirect
 	google.golang.org/protobuf v1.28.1 // indirect
 )
--- a/route/actions.go
+++ b/route/actions.go
@ -2,6 +2,7 @@ package route

 import (
 	"fmt"
+	"github.com/gin-contrib/sessions"
 	"github.com/gin-gonic/gin"
 	"github/fthvgb1/wp-go/helper"
 	"github/fthvgb1/wp-go/models"
@ -17,6 +18,7 @@ var PostsCache sync.Map

 type IndexHandle struct {
 	c              *gin.Context
+	session        sessions.Session
 	page           int
 	pageSize       int
 	title          string
@ -39,6 +41,7 @@ type IndexHandle struct {
 func NewIndexHandle(ctx *gin.Context) *IndexHandle {
 	return &IndexHandle{
 		c:              ctx,
+		session:        sessions.Default(ctx),
 		page:           1,
 		pageSize:       10,
 		paginationStep: 1,
@ -222,10 +225,10 @@ func index(c *gin.Context) {
 		post, _ := PostsCache.Load(v.Id)
 		pp := post.(*models.WpPosts)
 		px := *pp
-		formatTitleAndContent(&px)
+		h.formatTitleAndContent(&px)
 		postIds[i] = px
 	}
-	recent, err := recentPosts()
+	recent, err := h.recentPosts()
 	archive, err := archives()
 	categoryItems, err := categories()
 	q := c.Request.URL.Query().Encode()
@ -243,14 +246,15 @@ func index(c *gin.Context) {
 	})
 }

-func formatTitleAndContent(post *models.WpPosts) {
-	if post.PostPassword != "" {
+func (h *IndexHandle) formatTitleAndContent(post *models.WpPosts) {
+	pw := h.session.Get("post_password")
+	if post.PostPassword != "" && post.PostPassword != pw {
 		if post.PostTitle != "" {
 			post.PostTitle = fmt.Sprintf("密码保护：%s", post.PostTitle)
 		}
 		if post.PostContent != "" {
 			format := `
-<form action="/wp-login.php?action=postpass" class="post-password-form" method="post">
+<form action="/login" class="post-password-form" method="post">
 <p>此内容受密码保护。如需查阅，请在下列字段中输入您的密码。</p>
 <p><label for="pwbox-%d">密码： <input name="post_password" id="pwbox-%d" type="password" size="20"></label> <input type="submit" name="Submit" value="提交"></p>
 </form>`
@ -259,12 +263,12 @@ func formatTitleAndContent(post *models.WpPosts) {
 	}
 }

-func recentPosts() (r []models.WpPosts, err error) {
+func (h *IndexHandle) recentPosts() (r []models.WpPosts, err error) {
 	r, err = models.Find[models.WpPosts](models.SqlBuilder{{
 		"post_type", "post",
 	}, {"post_status", "publish"}}, "ID,post_title,post_password", "", models.SqlBuilder{{"post_date", "desc"}}, nil, 5)
 	for i := 0; i < len(r); i++ {
-		formatTitleAndContent(&r[i])
+		h.formatTitleAndContent(&r[i])
 	}
 	return
 }
--- a/route/login.go
+++ b/route/login.go
@ -0,0 +1,27 @@
+package route
+
+import (
+	"github.com/gin-contrib/sessions"
+	"github.com/gin-gonic/gin"
+	"strings"
+)
+
+func login(c *gin.Context) {
+	password := c.PostForm("post_password")
+	ref := c.Request.Referer()
+	if ref == "" {
+		ref = "/"
+	}
+	if password == "" || strings.Replace(password, " ", "", -1) == "" {
+		c.Redirect(304, ref)
+		return
+	}
+	s := sessions.Default(c)
+	s.Set("post_password", password)
+	err := s.Save()
+	if err != nil {
+		c.Error(err)
+		return
+	}
+	c.Redirect(302, ref)
+}
--- a/route/route.go
+++ b/route/route.go
@ -1,6 +1,8 @@
 package route

 import (
+	"github.com/gin-contrib/sessions"
+	"github.com/gin-contrib/sessions/cookie"
 	"github.com/gin-gonic/gin"
 	"github/fthvgb1/wp-go/middleware"
 	"github/fthvgb1/wp-go/static"
@ -35,12 +37,15 @@ func SetupRouter() *gin.Engine {
 		FS:   static.FsEx,
 		Path: "wp-content",
 	}))
+	store := cookie.NewStore([]byte("secret"))
+	r.Use(sessions.Sessions("go-wp", store))
 	r.GET("/", index)
 	r.GET("/page/:page", index)
 	r.GET("/p/category/:category", index)
 	r.GET("/p/tag/:tag", index)
 	r.GET("/p/date/:year/:month", index)
 	r.GET("/p/date/:year/:month/page/:page", index)
+	r.POST("/login", login)

 	return r
 }