-
Notifications
You must be signed in to change notification settings - Fork 111
/
http.go
95 lines (84 loc) · 2.79 KB
/
http.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
package robot
import (
"fmt"
"net/http"
"strings"
"github.com/gin-gonic/gin"
"github.com/yqchilde/wxbot/engine/pkg/cryptor"
"github.com/yqchilde/wxbot/engine/pkg/log"
"github.com/yqchilde/wxbot/engine/pkg/net"
"github.com/yqchilde/wxbot/engine/pkg/static"
"github.com/yqchilde/wxbot/web"
)
// 跨域 middleware
func cors() gin.HandlerFunc {
return func(c *gin.Context) {
c.Header("Access-Control-Allow-Origin", "*")
c.Header("Access-Control-Allow-Methods", "POST,GET,OPTIONS,PUT,DELETE,UPDATE")
c.Header("Access-Control-Allow-Headers", "Content-Type,AccessToken,X-CSRF-Token,Authorization,Token")
c.Header("Access-Control-Allow-Methods", "POST,GET,OPTIONS")
c.Header("Access-Control-Expose-Headers", "Content-Length,Access-Control-Allow-Origin,Access-Control-Allow-Headers,Content-Type")
c.Header("Access-Control-Allow-Credentials", "true")
if c.Request.Method == "OPTIONS" {
c.AbortWithStatus(http.StatusNoContent)
}
c.Next()
}
}
func runServer(c *Config) {
r := gin.New()
r.Use(cors())
r.Use(static.Serve("/", static.EmbedFolder(web.Web, "dist")))
// 消息回调
r.POST("/wxbot/callback", func(c *gin.Context) {
bot.framework.Callback(c, eventBuffer.ProcessEvent)
})
// 静态文件服务
r.GET("/wxbot/static", func(c *gin.Context) {
if c.Query("file") == "" {
c.String(http.StatusInternalServerError, "Warning: 非法访问")
return
}
filename, err := cryptor.DecryptFilename(fileSecret, c.Query("file"))
if err != nil {
log.Errorf("[http] 静态文件解密失败: %s", err.Error())
c.String(http.StatusInternalServerError, "Warning: 非法访问")
return
}
if !strings.HasPrefix(filename, "data/plugins") && !strings.HasPrefix(filename, "./data/plugins") &&
!strings.HasPrefix(filename, "data\\plugins") && !strings.HasPrefix(filename, ".\\data\\plugins") {
log.Errorf("[http] 非法访问静态文件: %s", filename)
c.String(http.StatusInternalServerError, "Warning: 非法访问")
return
}
c.File(filename)
})
// 菜单接口
r.GET("/wxbot/menu", func(c *gin.Context) {
wxId := c.Query("wxid")
if wxId == "" || wxId == "undefined" {
c.JSON(http.StatusOK, gin.H{
"code": 400,
"msg": "wxid不能为空",
})
return
}
menus := ControlApi.GetMenus(wxId)
c.JSON(http.StatusOK, gin.H{
"code": 200,
"data": menus,
})
})
// no route
r.NoRoute(func(c *gin.Context) {
c.FileFromFS("/", static.EmbedFolder(web.Web, "dist"))
})
if ip, err := net.GetIPWithLocal(); err != nil {
log.Printf("[robot] WxBot回调地址: http://%s:%d/wxbot/callback", "127.0.0.1", c.ServerPort)
} else {
log.Printf("[robot] WxBot回调地址: http://%s:%d/wxbot/callback", ip, c.ServerPort)
}
if err := r.Run(fmt.Sprintf(":%d", c.ServerPort)); err != nil {
log.Fatalf("[robot] WxBot回调服务启动失败, error: %v", err)
}
}