main.router.go 6.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168
  1. package main
  2. /*
  3. ArOZ Online System Main Request Router
  4. This is used to check authentication before actually serving file to the target client
  5. This function also handle the special page (login.system and user.system) delivery
  6. */
  7. import (
  8. "net/http"
  9. "path/filepath"
  10. "strconv"
  11. "strings"
  12. "imuslab.com/arozos/mod/common"
  13. fs "imuslab.com/arozos/mod/filesystem"
  14. )
  15. func mrouter(h http.Handler) http.Handler {
  16. return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
  17. /*
  18. You can also check the path for url using r.URL.Path
  19. */
  20. if r.URL.Path == "/favicon.ico" || r.URL.Path == "/manifest.webmanifest" || r.URL.Path == "/robots.txt" || r.URL.Path == "/humans.txt" {
  21. //Serving web specification files. Allow no auth access.
  22. h.ServeHTTP(w, r)
  23. } else if r.URL.Path == "/login.system" {
  24. //Login page. Require special treatment for template.
  25. //Get the redirection address from the request URL
  26. red, _ := mv(r, "redirect", false)
  27. //Append the redirection addr into the template
  28. imgsrc := "./web/" + iconSystem
  29. if !fileExists(imgsrc) {
  30. imgsrc = "./web/img/public/auth_icon.png"
  31. }
  32. imageBase64, _ := LoadImageAsBase64(imgsrc)
  33. parsedPage, err := template_load("web/login.system", map[string]interface{}{
  34. "redirection_addr": red,
  35. "usercount": strconv.Itoa(authAgent.GetUserCounts()),
  36. "service_logo": imageBase64,
  37. })
  38. if err != nil {
  39. panic("Error. Unable to parse login page. Is web directory data exists?")
  40. }
  41. w.Write([]byte(parsedPage))
  42. } else if r.URL.Path == "/reset.system" && authAgent.GetUserCounts() > 0 {
  43. //Password restart page. Allow access only when user number > 0
  44. system_resetpw_handlePasswordReset(w, r)
  45. } else if r.URL.Path == "/user.system" && authAgent.GetUserCounts() == 0 {
  46. //Serve user management page. This only allows serving of such page when the total usercount = 0 (aka System Initiation)
  47. h.ServeHTTP(w, r)
  48. } else if (len(r.URL.Path) > 11 && r.URL.Path[:11] == "/img/public") || (len(r.URL.Path) > 7 && r.URL.Path[:7] == "/script") {
  49. //Public image directory. Allow anyone to access resources inside this directory.
  50. if filepath.Ext("web"+fs.DecodeURI(r.RequestURI)) == ".js" {
  51. //Fixed serve js meme type invalid bug on Firefox
  52. w.Header().Add("Content-Type", "application/javascript; charset=UTF-8")
  53. }
  54. h.ServeHTTP(w, r)
  55. } else if len(r.URL.Path) >= len("/webdav") && r.URL.Path[:7] == "/webdav" {
  56. //WebDAV special handler
  57. WebDavHandler.HandleRequest(w, r)
  58. } else if len(r.URL.Path) >= len("/share") && r.URL.Path[:6] == "/share" {
  59. shareManager.HandleShareAccess(w, r)
  60. } else if r.URL.Path == "/" && authAgent.CheckAuth(r) {
  61. //Use logged in and request the index. Serve the user's interface module
  62. w.Header().Set("Cache-Control", "no-cache, no-store, no-transform, must-revalidate, private, max-age=0")
  63. userinfo, err := userHandler.GetUserInfoFromRequest(w, r)
  64. if err != nil {
  65. //ERROR!! Server default
  66. h.ServeHTTP(w, r)
  67. } else {
  68. interfaceModule := userinfo.GetInterfaceModules()
  69. if len(interfaceModule) == 1 && interfaceModule[0] == "Desktop" {
  70. http.Redirect(w, r, "./desktop.system", http.StatusTemporaryRedirect)
  71. } else if len(interfaceModule) == 1 {
  72. //User with default interface module not desktop
  73. modileInfo := moduleHandler.GetModuleInfoByID(interfaceModule[0])
  74. if modileInfo == nil {
  75. //The module is not found or not enabled
  76. http.Redirect(w, r, "./SystemAO/boot/interface_disabled.html", http.StatusTemporaryRedirect)
  77. return
  78. }
  79. http.Redirect(w, r, modileInfo.StartDir, http.StatusTemporaryRedirect)
  80. } else if len(interfaceModule) > 1 {
  81. //Redirect to module selector
  82. http.Redirect(w, r, "./SystemAO/boot/interface_selector.html", http.StatusTemporaryRedirect)
  83. } else if len(interfaceModule) == 0 {
  84. //Redirect to error page
  85. http.Redirect(w, r, "./SystemAO/boot/no_interfaceing.html", http.StatusTemporaryRedirect)
  86. } else {
  87. //For unknown operations, send it to desktop
  88. http.Redirect(w, r, "./desktop.system", http.StatusTemporaryRedirect)
  89. }
  90. }
  91. } else if ((len(r.URL.Path) >= 5 && r.URL.Path[:5] == "/www/") || r.URL.Path == "/www") && *allow_homepage == true {
  92. //Serve the custom homepage of the user defined. Hand over to the www router
  93. userWwwHandler.RouteRequest(w, r)
  94. } else if authAgent.CheckAuth(r) {
  95. //User logged in. Continue to serve the file the client want
  96. authAgent.UpdateSessionExpireTime(w, r)
  97. if build_version == "development" {
  98. //Do something if development build
  99. }
  100. if filepath.Ext("web"+fs.DecodeURI(r.RequestURI)) == ".js" {
  101. //Fixed serve js meme type invalid bug on Firefox
  102. w.Header().Add("Content-Type", "application/javascript; charset=UTF-8")
  103. }
  104. if !*disable_subservices {
  105. //Enable subservice access
  106. //Check if this path is reverse proxy path. If yes, serve with proxyserver
  107. isRP, proxy, rewriteURL, subserviceObject := ssRouter.CheckIfReverseProxyPath(r)
  108. if isRP {
  109. //Check user permission on that module
  110. ssRouter.HandleRoutingRequest(w, r, proxy, subserviceObject, rewriteURL)
  111. return
  112. }
  113. }
  114. //Not subservice routine. Handle file server
  115. if !*enable_dir_listing {
  116. if strings.HasSuffix(r.URL.Path, "/") {
  117. //User trying to access a directory. Send NOT FOUND.
  118. if fileExists("web" + r.URL.Path + "index.html") {
  119. //Index exists. Allow passthrough
  120. } else {
  121. errorHandleNotFound(w, r)
  122. return
  123. }
  124. }
  125. }
  126. if !fileExists("web" + r.URL.Path) {
  127. //File not found
  128. errorHandleNotFound(w, r)
  129. return
  130. }
  131. h.ServeHTTP(w, r)
  132. } else {
  133. //User not logged in. Check if the path end with public/. If yes, allow public access
  134. if !fs.FileExists(filepath.Join("./web", r.URL.Path)) {
  135. //Requested file not exists on the server. Return not found
  136. errorHandleNotFound(w, r)
  137. } else if r.URL.Path[len(r.URL.Path)-1:] != "/" && filepath.Base(filepath.Dir(r.URL.Path)) == "public" {
  138. //This file path end with public/. Allow public access
  139. h.ServeHTTP(w, r)
  140. } else if *allow_homepage == true && len(r.URL.Path) >= 5 && r.URL.Path[:5] == "/www/" {
  141. //Handle public home serving if homepage mode is enabled
  142. h.ServeHTTP(w, r)
  143. } else {
  144. //Other paths
  145. //Rediect to login page
  146. w.Header().Set("Cache-Control", "no-cache, no-store, no-transform, must-revalidate, private, max-age=0")
  147. http.Redirect(w, r, common.ConstructRelativePathFromRequestURL(r.RequestURI, "login.system")+"?redirect="+r.URL.Path, 307)
  148. }
  149. }
  150. })
  151. }