Add new settings

This commit is contained in:
2023-08-30 15:09:37 +08:00
parent faf7a9fcf2
commit 5d93f5d39f
3 changed files with 27 additions and 8 deletions

View File

@@ -24,6 +24,7 @@ export type ConfigType = {
remove_previous_gallery: boolean;
img_verify_secret?: string;
meili_hosts?: Record<string, string>;
cors_credentials_hosts: Array<string>;
};
export enum ThumbnailMethod {
@@ -149,6 +150,16 @@ export class Config {
}
return undefined;
}
get cors_credentials_hosts(): Array<string> {
if (Array.isArray(this._data.cors_credentials_hosts)) {
const hosts: Array<string> = [];
for (const i of this._data.cors_credentials_hosts) {
if (typeof i === "string") hosts.push(i);
}
return hosts;
}
return [];
}
to_json(): ConfigType {
return {
cookies: typeof this.cookies === "string",
@@ -173,6 +184,7 @@ export class Config {
remove_previous_gallery: this.remove_previous_gallery,
img_verify_secret: this.img_verify_secret,
meili_hosts: this.meili_hosts,
cors_credentials_hosts: this.cors_credentials_hosts,
};
}
}

View File

@@ -37,6 +37,7 @@ function handle_auth(req: Request, ctx: MiddlewareHandlerContext) {
}
export async function handler(req: Request, ctx: MiddlewareHandlerContext) {
const m = get_task_manager();
if (!(handle_auth(req, ctx))) {
return return_error(401, "Unauthorized");
}
@@ -47,10 +48,11 @@ export async function handler(req: Request, ctx: MiddlewareHandlerContext) {
if (allow) headers.set("Allow", allow);
const origin = req.headers.get("origin");
if (origin) {
headers.set("Access-Control-Allow-Origin", origin);
const c = m.cfg.cors_credentials_hosts.includes(origin);
headers.set("Access-Control-Allow-Origin", c ? origin : "*");
if (allow) headers.set("Access-Control-Allow-Methods", allow);
headers.set("Access-Control-Allow-Headers", "Content-Type, Range");
headers.set("Access-Control-Allow-Credentials", "true");
if (c) headers.set("Access-Control-Allow-Credentials", "true");
}
return new Response(null, { status: 204, headers });
} else {
@@ -58,8 +60,9 @@ export async function handler(req: Request, ctx: MiddlewareHandlerContext) {
const headers = new Headers(res.headers);
const origin = req.headers.get("origin");
if (origin) {
headers.set("Access-Control-Allow-Origin", origin);
headers.set("Access-Control-Allow-Credentials", "true");
const c = m.cfg.cors_credentials_hosts.includes(origin);
headers.set("Access-Control-Allow-Origin", c ? origin : "*");
if (c) headers.set("Access-Control-Allow-Credentials", "true");
}
if (ctx.state.is_from_cookie && ctx.state.token) {
const m = get_task_manager();

View File

@@ -1,17 +1,20 @@
import { MiddlewareHandlerContext } from "$fresh/server.ts";
import { get_task_manager } from "../../server.ts";
export async function handler(req: Request, ctx: MiddlewareHandlerContext) {
const res = await ctx.next();
const m = get_task_manager();
if (req.method === "OPTIONS" && res.status === 405) {
const headers = new Headers();
const allow = res.headers.get("Accept");
if (allow) headers.set("Allow", allow);
const origin = req.headers.get("origin");
if (origin) {
headers.set("Access-Control-Allow-Origin", origin);
const c = m.cfg.cors_credentials_hosts.includes(origin);
headers.set("Access-Control-Allow-Origin", c ? origin : "*");
if (allow) headers.set("Access-Control-Allow-Methods", allow);
headers.set("Access-Control-Allow-Headers", "Content-Type, Range");
headers.set("Access-Control-Allow-Credentials", "true");
if (c) headers.set("Access-Control-Allow-Credentials", "true");
}
return new Response(null, { status: 204, headers });
} else {
@@ -19,8 +22,9 @@ export async function handler(req: Request, ctx: MiddlewareHandlerContext) {
const headers = new Headers(res.headers);
const origin = req.headers.get("origin");
if (origin) {
headers.set("Access-Control-Allow-Origin", origin);
headers.set("Access-Control-Allow-Credentials", "true");
const c = m.cfg.cors_credentials_hosts.includes(origin);
headers.set("Access-Control-Allow-Origin", c ? origin : "*");
if (c) headers.set("Access-Control-Allow-Credentials", "true");
}
return new Response(res.body, {
status: res.status,