From 18ed9e09b1d5ee5ebbe1b7fa84267d8b8b7a4084 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E1=B4=80=E1=B4=8D=E1=B4=9B=E1=B4=8F=E1=B4=80=E1=B4=87?= =?UTF-8?q?=CA=80?= Date: Sun, 13 Jul 2025 00:28:24 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=20chromium=20?= =?UTF-8?q?=E7=B3=BB=E6=B5=8F=E8=A7=88=E5=99=A8=E5=88=9B=E5=BB=BA=20WebSoc?= =?UTF-8?q?ket=20=E5=A4=B1=E8=B4=A5=E7=9A=84=E9=97=AE=E9=A2=98=20(#395)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- crates/bili_sync/src/api/routes/mod.rs | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/crates/bili_sync/src/api/routes/mod.rs b/crates/bili_sync/src/api/routes/mod.rs index dd555b9..c3157e1 100644 --- a/crates/bili_sync/src/api/routes/mod.rs +++ b/crates/bili_sync/src/api/routes/mod.rs @@ -39,22 +39,29 @@ pub fn router() -> Router { ) } -/// 中间件:验证请求头中的 Authorization 是否与配置中的 auth_token 匹配 -pub async fn auth(headers: HeaderMap, request: Request, next: Next) -> Result { +/// 中间件:使用 auth token 对请求进行身份验证 +pub async fn auth(mut headers: HeaderMap, request: Request, next: Next) -> Result { let config = VersionedConfig::get().load(); let token = config.auth_token.as_str(); if headers .get("Authorization") .and_then(|v| v.to_str().ok()) .is_some_and(|s| s == token) - || headers - .get("Sec-WebSocket-Protocol") - .and_then(|v| v.to_str().ok()) - .and_then(|s| BASE64_URL_SAFE_NO_PAD.decode(s).ok()) - .is_some_and(|s| s == token.as_bytes()) { return Ok(next.run(request).await); } + if let Some(protocol) = headers.remove("Sec-WebSocket-Protocol") { + if protocol + .to_str() + .ok() + .and_then(|s| BASE64_URL_SAFE_NO_PAD.decode(s).ok()) + .is_some_and(|s| s == token.as_bytes()) + { + let mut resp = next.run(request).await; + resp.headers_mut().insert("Sec-WebSocket-Protocol", protocol); + return Ok(resp); + } + } Ok(ApiResponse::<()>::unauthorized("auth token does not match").into_response()) }