main.router.go 7.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200
  1. package main
  2. /*
  3. ArOZ Online System Main Request Router
  4. This is used to check authentication before actually serving file to the target client
  5. This function also handle the special page (login.system and user.system) delivery
  6. */
  7. import (
  8. "net/http"
  9. "path/filepath"
  10. "strconv"
  11. "strings"
  12. fs "imuslab.com/arozos/mod/filesystem"
  13. "imuslab.com/arozos/mod/network/gzipmiddleware"
  14. "imuslab.com/arozos/mod/utils"
  15. )
  16. func mrouter(h http.Handler) http.Handler {
  17. return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
  18. /*
  19. You can also check the path for url using r.URL.Path
  20. */
  21. if r.URL.Path == "/favicon.ico" || r.URL.Path == "/manifest.webmanifest" || r.URL.Path == "/robots.txt" || r.URL.Path == "/humans.txt" {
  22. //Serving web specification files. Allow no auth access.
  23. h.ServeHTTP(w, r)
  24. } else if r.URL.Path == "/login.system" {
  25. //Login page. Require special treatment for template.
  26. //Get the redirection address from the request URL
  27. red, _ := utils.GetPara(r, "redirect")
  28. //Append the redirection addr into the template
  29. imgsrc := filepath.Join(vendorResRoot, "auth_icon.png")
  30. if !fs.FileExists(imgsrc) {
  31. imgsrc = "./web/img/public/auth_icon.png"
  32. }
  33. imageBase64, _ := utils.LoadImageAsBase64(imgsrc)
  34. parsedPage, err := utils.Templateload("web/login.system", map[string]interface{}{
  35. "redirection_addr": red,
  36. "usercount": strconv.Itoa(authAgent.GetUserCounts()),
  37. "service_logo": imageBase64,
  38. "login_addr": "system/auth/login",
  39. })
  40. if err != nil {
  41. panic("Error. Unable to parse login page. Is web directory data exists?")
  42. }
  43. w.Header().Add("Content-Type", "text/html; charset=UTF-8")
  44. w.Write([]byte(parsedPage))
  45. } else if r.URL.Path == "/reset.system" && authAgent.GetUserCounts() > 0 {
  46. //Password restart page. Allow access only when user number > 0
  47. system_resetpw_handlePasswordReset(w, r)
  48. } else if r.URL.Path == "/user.system" && authAgent.GetUserCounts() == 0 {
  49. //Serve user management page. This only allows serving of such page when the total usercount = 0 (aka System Initiation)
  50. h.ServeHTTP(w, r)
  51. } else if (len(r.URL.Path) > 11 && r.URL.Path[:11] == "/img/public") || (len(r.URL.Path) > 7 && r.URL.Path[:7] == "/script") {
  52. //Public image directory. Allow anyone to access resources inside this directory.
  53. if filepath.Ext("web"+fs.DecodeURI(r.RequestURI)) == ".js" {
  54. //Fixed serve js meme type invalid bug on Firefox
  55. w.Header().Add("Content-Type", "application/javascript; charset=UTF-8")
  56. }
  57. h.ServeHTTP(w, r)
  58. } else if len(r.URL.Path) >= len("/webdav") && r.URL.Path[:7] == "/webdav" {
  59. //WebDAV sub-router
  60. if WebDAVManager == nil {
  61. errorHandleInternalServerError(w, r)
  62. return
  63. }
  64. WebDAVManager.HandleRequest(w, r)
  65. } else if len(r.URL.Path) >= len("/share") && r.URL.Path[:6] == "/share" {
  66. //Share Manager sub-router
  67. if shareManager == nil {
  68. errorHandleInternalServerError(w, r)
  69. return
  70. }
  71. shareManager.HandleShareAccess(w, r)
  72. } else if len(r.URL.Path) >= len("/api/remote") && r.URL.Path[:11] == "/api/remote" {
  73. //Serverless sub-router
  74. if AGIGateway == nil {
  75. errorHandleInternalServerError(w, r)
  76. return
  77. }
  78. AGIGateway.ExtAPIHandler(w, r)
  79. } else if len(r.URL.Path) >= len("/fileview") && r.URL.Path[:9] == "/fileview" {
  80. //File server sub-router
  81. if DirListManager == nil {
  82. errorHandleInternalServerError(w, r)
  83. return
  84. }
  85. DirListManager.ServerWebFileRequest(w, r)
  86. } else if r.URL.Path == "/" && authAgent.CheckAuth(r) {
  87. //Use logged in and request the index. Serve the user's interface module
  88. w.Header().Set("Cache-Control", "no-cache, no-store, no-transform, must-revalidate, private, max-age=0")
  89. userinfo, err := userHandler.GetUserInfoFromRequest(w, r)
  90. if err != nil {
  91. //ERROR!! Server default
  92. h.ServeHTTP(w, r)
  93. } else {
  94. interfaceModule := userinfo.GetInterfaceModules()
  95. if len(interfaceModule) == 1 && interfaceModule[0] == "Desktop" {
  96. http.Redirect(w, r, "./desktop.system", http.StatusTemporaryRedirect)
  97. } else if len(interfaceModule) == 1 {
  98. //User with default interface module not desktop
  99. modileInfo := moduleHandler.GetModuleInfoByID(interfaceModule[0])
  100. if modileInfo == nil {
  101. //The module is not found or not enabled
  102. http.Redirect(w, r, "./SystemAO/boot/interface_disabled.html", http.StatusTemporaryRedirect)
  103. return
  104. }
  105. http.Redirect(w, r, modileInfo.StartDir, http.StatusTemporaryRedirect)
  106. } else if len(interfaceModule) > 1 {
  107. //Redirect to module selector
  108. http.Redirect(w, r, "./SystemAO/boot/interface_selector.html", http.StatusTemporaryRedirect)
  109. } else if len(interfaceModule) == 0 {
  110. //Redirect to error page
  111. http.Redirect(w, r, "./SystemAO/boot/no_interfaceing.html", http.StatusTemporaryRedirect)
  112. } else {
  113. //For unknown operations, send it to desktop
  114. http.Redirect(w, r, "./desktop.system", http.StatusTemporaryRedirect)
  115. }
  116. }
  117. } else if ((len(r.URL.Path) >= 5 && r.URL.Path[:5] == "/www/") || r.URL.Path == "/www") && *allow_homepage == true {
  118. //Serve the custom homepage of the user defined. Hand over to the www router
  119. userWwwHandler.RouteRequest(w, r)
  120. } else if authAgent.CheckAuth(r) {
  121. //User logged in. Continue to serve the file the client want
  122. authAgent.UpdateSessionExpireTime(w, r)
  123. if build_version == "development" {
  124. //Do something if development build
  125. }
  126. if filepath.Ext("web"+fs.DecodeURI(r.RequestURI)) == ".js" {
  127. //Fixed serve js meme type invalid bug on Firefox
  128. w.Header().Add("Content-Type", "application/javascript; charset=UTF-8")
  129. }
  130. if !*disable_subservices {
  131. //Enable subservice access
  132. //Check if this path is reverse proxy path. If yes, serve with proxyserver
  133. isRP, proxy, rewriteURL, subserviceObject := ssRouter.CheckIfReverseProxyPath(r)
  134. if isRP {
  135. //Check user permission on that module
  136. ssRouter.HandleRoutingRequest(w, r, proxy, subserviceObject, rewriteURL)
  137. return
  138. }
  139. }
  140. //Not subservice routine. Handle file server
  141. if !*enable_dir_listing {
  142. if strings.HasSuffix(r.URL.Path, "/") {
  143. //User trying to access a directory. Send NOT FOUND.
  144. if fs.FileExists("web" + r.URL.Path + "index.html") {
  145. //Index exists. Allow passthrough
  146. } else {
  147. errorHandleNotFound(w, r)
  148. return
  149. }
  150. }
  151. }
  152. if !fs.FileExists("web" + r.URL.Path) {
  153. //File not found
  154. errorHandleNotFound(w, r)
  155. return
  156. }
  157. routerStaticContentServer(h, w, r)
  158. } else {
  159. //User not logged in. Check if the path end with public/. If yes, allow public access
  160. if !fs.FileExists(filepath.Join("./web", r.URL.Path)) {
  161. //Requested file not exists on the server. Return not found
  162. errorHandleNotFound(w, r)
  163. } else if r.URL.Path[len(r.URL.Path)-1:] != "/" && filepath.Base(filepath.Dir(r.URL.Path)) == "public" {
  164. //This file path end with public/. Allow public access
  165. routerStaticContentServer(h, w, r)
  166. } else if *allow_homepage && len(r.URL.Path) >= 5 && r.URL.Path[:5] == "/www/" {
  167. //Handle public home serving if homepage mode is enabled
  168. routerStaticContentServer(h, w, r)
  169. } else {
  170. //Other paths
  171. //Rediect to login page
  172. w.Header().Set("Cache-Control", "no-cache, no-store, no-transform, must-revalidate, private, max-age=0")
  173. http.Redirect(w, r, utils.ConstructRelativePathFromRequestURL(r.RequestURI, "login.system")+"?redirect="+r.URL.String(), 307)
  174. }
  175. }
  176. })
  177. }
  178. func routerStaticContentServer(h http.Handler, w http.ResponseWriter, r *http.Request) {
  179. if *enable_gzip {
  180. gzipmiddleware.Compress(h).ServeHTTP(w, r)
  181. } else {
  182. h.ServeHTTP(w, r)
  183. }
  184. }