TC
/
arozos-mirror
zrcadlo https://github.com/tobychui/arozos


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220
							package main

/*
	ArOZ Online System Main Request Router

	This is used to check authentication before actually serving file to the target client
	This function also handle the special page (login.html and user.html) delivery
*/

import (
	"net/http"
	"path/filepath"
	"strconv"
	"strings"

	fs "imuslab.com/arozos/mod/filesystem"
	"imuslab.com/arozos/mod/network/gzipmiddleware"
	"imuslab.com/arozos/mod/utils"
)

func mrouter(h http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		/*
			You can also check the path for url using r.URL.Path
		*/

		if r.URL.Path == "/favicon.ico" || r.URL.Path == "/manifest.webmanifest" || r.URL.Path == "/robots.txt" || r.URL.Path == "/humans.txt" {
			//Serving web specification files. Allow no auth access.
			h.ServeHTTP(w, r)
		} else if r.URL.Path == "/login.html" {
			//Login page. Require special treatment for template.
			//Get the redirection address from the request URL
			red, _ := utils.GetPara(r, "redirect")

			//Append the redirection addr into the template
			imgsrc := filepath.Join(vendorResRoot, "auth_icon.png")
			if !fs.FileExists(imgsrc) {
				imgsrc = "./web/img/public/auth_icon.png"
			}
			imageBase64, _ := utils.LoadImageAsBase64(imgsrc)
			parsedPage, err := utils.Templateload("web/login.html", map[string]string{
				"redirection_addr": red,
				"usercount":        strconv.Itoa(authAgent.GetUserCounts()),
				"service_logo":     imageBase64,
				"login_addr":       "system/auth/login",
			})
			if err != nil {
				panic("Error. Unable to parse login page. Is web directory data exists?")
			}
			w.Header().Add("Content-Type", "text/html; charset=UTF-8")
			w.Write([]byte(parsedPage))
		} else if r.URL.Path == "/reset.html" && authAgent.GetUserCounts() > 0 {
			//Password restart page. Allow access only when user number > 0
			system_resetpw_handlePasswordReset(w, r)
		} else if r.URL.Path == "/user.html" && authAgent.GetUserCounts() == 0 {
			//Serve user management page. This only allows serving of such page when the total usercount = 0 (aka System Initiation)
			h.ServeHTTP(w, r)

		} else if (len(r.URL.Path) > 11 && r.URL.Path[:11] == "/img/public") || (len(r.URL.Path) > 7 && r.URL.Path[:7] == "/script") {
			//Public image directory. Allow anyone to access resources inside this directory.
			if filepath.Ext("web"+fs.DecodeURI(r.RequestURI)) == ".js" {
				//Fixed serve js meme type invalid bug on Firefox
				w.Header().Add("Content-Type", "application/javascript; charset=UTF-8")
			}
			h.ServeHTTP(w, r)

		} else if len(r.URL.Path) >= len("/caldav") && r.URL.Path[:7] == "/caldav" {
			//CalDAV sub-router (bidirectional calendar sync for iOS)
			if CalDAVHandler == nil {
				errorHandleInternalServerError(w, r)
				return
			}
			CalDAVHandler.ServeHTTP(w, r)
		} else if r.URL.Path == "/.well-known/caldav" {
			//CalDAV service discovery redirect (RFC 6764)
			http.Redirect(w, r, "/caldav/", http.StatusMovedPermanently)
		} else if len(r.URL.Path) >= len("/webdav") && r.URL.Path[:7] == "/webdav" {
			//WebDAV sub-router
			if WebDAVManager == nil {
				errorHandleInternalServerError(w, r)
				return
			}
			WebDAVManager.HandleRequest(w, r)
		} else if len(r.URL.Path) >= len("/share") && r.URL.Path[:6] == "/share" {
			//Share Manager sub-router
			if shareManager == nil {
				errorHandleInternalServerError(w, r)
				return
			}
			shareManager.HandleShareAccess(w, r)
		} else if len(r.URL.Path) >= len("/api/remote") && r.URL.Path[:11] == "/api/remote" {
			//Serverless sub-router
			if AGIGateway == nil {
				errorHandleInternalServerError(w, r)
				return
			}
			AGIGateway.ExtAPIHandler(w, r)
		} else if len(r.URL.Path) >= len("/fileview") && r.URL.Path[:9] == "/fileview" {
			//File server sub-router
			if DirListManager == nil {
				errorHandleInternalServerError(w, r)
				return
			}
			DirListManager.ServerWebFileRequest(w, r)
		} else if r.URL.Path == "/" && authAgent.CheckAuth(r) {
			//Use logged in and request the index. Serve the user's interface module
			w.Header().Set("Cache-Control", "no-cache, no-store, no-transform, must-revalidate, private, max-age=0")
			userinfo, err := userHandler.GetUserInfoFromRequest(w, r)
			if err != nil {
				//ERROR!! Server default
				h.ServeHTTP(w, r)
			} else {
				interfaceModule := userinfo.GetInterfaceModules()
				if len(interfaceModule) == 1 && interfaceModule[0] == "Desktop" {
					http.Redirect(w, r, "./desktop.html", http.StatusTemporaryRedirect)
				} else if len(interfaceModule) == 1 {
					//User with default interface module not desktop
					modileInfo := moduleHandler.GetModuleInfoByID(interfaceModule[0])
					if modileInfo == nil {
						//The module is not found or not enabled
						http.Redirect(w, r, "./SystemAO/boot/interface_disabled.html", http.StatusTemporaryRedirect)
						return
					}
					http.Redirect(w, r, modileInfo.StartDir, http.StatusTemporaryRedirect)
				} else if len(interfaceModule) > 1 {
					//Redirect to module selector
					http.Redirect(w, r, "./SystemAO/boot/interface_selector.html", http.StatusTemporaryRedirect)
				} else if len(interfaceModule) == 0 {
					//Redirect to error page
					http.Redirect(w, r, "./SystemAO/boot/no_interfaceing.html", http.StatusTemporaryRedirect)
				} else {
					//For unknown operations, send it to desktop
					http.Redirect(w, r, "./desktop.html", http.StatusTemporaryRedirect)
				}
			}
		} else if ((len(r.URL.Path) >= 5 && r.URL.Path[:5] == "/www/") || r.URL.Path == "/www") && *allow_homepage {
			//Serve the custom homepage of the user defined. Hand over to the www router
			userWwwHandler.RouteRequest(w, r)
		} else if authAgent.CheckAuth(r) {
			//User logged in. Continue to serve the file the client want
			authAgent.UpdateSessionExpireTime(w, r)
			if build_version == "development" {
				//Do something if development build
				//w.Header().Add("Cross-Origin-Opener-Policy", "same-origin")
				//w.Header().Add("Cross-Origin-Embedder-Policy", "require-corp")
			}
			if filepath.Ext("web"+fs.DecodeURI(r.RequestURI)) == ".js" {
				//Fixed serve js meme type invalid bug on Firefox
				w.Header().Add("Content-Type", "application/javascript; charset=UTF-8")
			}

			if !*disable_subservices {
				//Enable subservice access
				//Check if this path is reverse proxy path. If yes, serve with proxyserver
				isRP, proxy, rewriteURL, subserviceObject := ssRouter.CheckIfReverseProxyPath(r)
				if isRP {
					//Check user permission on that module
					ssRouter.HandleRoutingRequest(w, r, proxy, subserviceObject, rewriteURL)
					return
				}
			}

			//Not subservice routine. Handle file server
			if !*enable_dir_listing {
				if strings.HasSuffix(r.URL.Path, "/") {
					//User trying to access a directory. Send NOT FOUND.
					if fileExistsInWebOrVendor(r.URL.Path + "index.html") {
						//Index exists. Allow passthrough

					} else {
						errorHandleNotFound(w, r)
						return
					}
				}
			}
			if !fileExistsInWebOrVendor(r.URL.Path) {
				//File not found
				errorHandleNotFound(w, r)
				return
			}
			routerStaticContentServer(h, w, r)
		} else {
			//User not logged in. Check if the path end with public/. If yes, allow public access
			if !fileExistsInWebOrVendor(r.URL.Path) {
				//Requested file not exists on the server. Return not found
				errorHandleNotFound(w, r)
			} else if r.URL.Path[len(r.URL.Path)-1:] != "/" && filepath.Base(filepath.Dir(r.URL.Path)) == "public" {
				//This file path end with public/. Allow public access
				routerStaticContentServer(h, w, r)
			} else if *allow_homepage && len(r.URL.Path) >= 5 && r.URL.Path[:5] == "/www/" {
				//Handle public home serving if homepage mode is enabled
				routerStaticContentServer(h, w, r)
			} else {
				//Other paths
				//Rediect to login page
				w.Header().Set("Cache-Control", "no-cache, no-store, no-transform, must-revalidate, private, max-age=0")
				http.Redirect(w, r, utils.ConstructRelativePathFromRequestURL(r.RequestURI, "login.html")+"?redirect="+r.URL.String(), 307)
			}

		}

	})
}

// fileExistsInWebOrVendor reports whether a URL path resolves to a file in
// either the standard ./web directory or the vendorResRoot/web/ overlay.
func fileExistsInWebOrVendor(urlPath string) bool {
	if fs.FileExists("web" + urlPath) {
		return true
	}
	return fs.FileExists(filepath.Join(vendorResRoot, "web", urlPath))
}

func routerStaticContentServer(h http.Handler, w http.ResponseWriter, r *http.Request) {
	if *enable_gzip {
		gzipmiddleware.Compress(h).ServeHTTP(w, r)
	} else {
		h.ServeHTTP(w, r)
	}
}