afan
/
gitea
Seguir 1
Destacar 0
Cuchillo 0
Código Incidencias 0 Peticiones pull 0 Lanzamientos 0 Wiki Activity
gitea源码
2 Commits
2 Ramas
Árbol: f5d5e77162
Ramas Etiquetas
${ item.name }
Crear rama ${ searchTerm }
desde 'f5d5e77162'
${ noResults }
gitea/routers/common/middleware.go

middleware.go 4.0KB
Histórico Original

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123 
  1. // Copyright 2021 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package common

  5. 

  6. import (

  7. 	"fmt"

  8. 	"net/http"

  9. 	"strings"

  10. 

  11. 	"code.gitea.io/gitea/modules/cache"

  12. 	"code.gitea.io/gitea/modules/gtprof"

  13. 	"code.gitea.io/gitea/modules/httplib"

  14. 	"code.gitea.io/gitea/modules/reqctx"

  15. 	"code.gitea.io/gitea/modules/setting"

  16. 	"code.gitea.io/gitea/modules/web/routing"

  17. 	"code.gitea.io/gitea/services/context"

  18. 

  19. 	"gitea.com/go-chi/session"

  20. 	"github.com/chi-middleware/proxy"

  21. 	"github.com/go-chi/chi/v5"

  22. )

  23. 

  24. // ProtocolMiddlewares returns HTTP protocol related middlewares, and it provides a global panic recovery

  25. func ProtocolMiddlewares() (handlers []any) {

  26. 	// the order is important

  27. 	handlers = append(handlers, ChiRoutePathHandler())   // make sure chi has correct paths

  28. 	handlers = append(handlers, RequestContextHandler()) //	prepare the context and panic recovery

  29. 

  30. 	if setting.ReverseProxyLimit > 0 && len(setting.ReverseProxyTrustedProxies) > 0 {

  31. 		handlers = append(handlers, ForwardedHeadersHandler(setting.ReverseProxyLimit, setting.ReverseProxyTrustedProxies))

  32. 	}

  33. 

  34. 	if setting.IsRouteLogEnabled() {

  35. 		handlers = append(handlers, routing.NewLoggerHandler())

  36. 	}

  37. 

  38. 	if setting.IsAccessLogEnabled() {

  39. 		handlers = append(handlers, context.AccessLogger())

  40. 	}

  41. 

  42. 	return handlers

  43. }

  44. 

  45. func RequestContextHandler() func(h http.Handler) http.Handler {

  46. 	return func(next http.Handler) http.Handler {

  47. 		return http.HandlerFunc(func(respOrig http.ResponseWriter, req *http.Request) {

  48. 			// this response writer might not be the same as the one in context.Base.Resp

  49. 			// because there might be a "gzip writer" in the middle, so the "written size" here is the compressed size

  50. 			respWriter := context.WrapResponseWriter(respOrig)

  51. 

  52. 			profDesc := fmt.Sprintf("HTTP: %s %s", req.Method, req.RequestURI)

  53. 			ctx, finished := reqctx.NewRequestContext(req.Context(), profDesc)

  54. 			defer finished()

  55. 

  56. 			ctx, span := gtprof.GetTracer().Start(ctx, gtprof.TraceSpanHTTP)

  57. 			req = req.WithContext(ctx)

  58. 			defer func() {

  59. 				chiCtx := chi.RouteContext(req.Context())

  60. 				span.SetAttributeString(gtprof.TraceAttrHTTPRoute, chiCtx.RoutePattern())

  61. 				span.End()

  62. 			}()

  63. 

  64. 			defer func() {

  65. 				if err := recover(); err != nil {

  66. 					RenderPanicErrorPage(respWriter, req, err) // it should never panic

  67. 				}

  68. 			}()

  69. 

  70. 			ds := reqctx.GetRequestDataStore(ctx)

  71. 			req = req.WithContext(cache.WithCacheContext(ctx))

  72. 			ds.SetContextValue(httplib.RequestContextKey, req)

  73. 			ds.AddCleanUp(func() {

  74. 				if req.MultipartForm != nil {

  75. 					_ = req.MultipartForm.RemoveAll() // remove the temp files buffered to tmp directory

  76. 				}

  77. 			})

  78. 			next.ServeHTTP(respWriter, req)

  79. 		})

  80. 	}

  81. }

  82. 

  83. func ChiRoutePathHandler() func(h http.Handler) http.Handler {

  84. 	// make sure chi uses EscapedPath(RawPath) as RoutePath, then "%2f" could be handled correctly

  85. 	return func(next http.Handler) http.Handler {

  86. 		return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) {

  87. 			chiCtx := chi.RouteContext(req.Context())

  88. 			if req.URL.RawPath == "" {

  89. 				chiCtx.RoutePath = req.URL.EscapedPath()

  90. 			} else {

  91. 				chiCtx.RoutePath = req.URL.RawPath

  92. 			}

  93. 			next.ServeHTTP(resp, req)

  94. 		})

  95. 	}

  96. }

  97. 

  98. func ForwardedHeadersHandler(limit int, trustedProxies []string) func(h http.Handler) http.Handler {

  99. 	opt := proxy.NewForwardedHeadersOptions().WithForwardLimit(limit).ClearTrustedProxies()

  100. 	for _, n := range trustedProxies {

  101. 		if !strings.Contains(n, "/") {

  102. 			opt.AddTrustedProxy(n)

  103. 		} else {

  104. 			opt.AddTrustedNetwork(n)

  105. 		}

  106. 	}

  107. 	return proxy.ForwardedHeaders(opt)

  108. }

  109. 

  110. func Sessioner() func(next http.Handler) http.Handler {

  111. 	return session.Sessioner(session.Options{

  112. 		Provider:       setting.SessionConfig.Provider,

  113. 		ProviderConfig: setting.SessionConfig.ProviderConfig,

  114. 		CookieName:     setting.SessionConfig.CookieName,

  115. 		CookiePath:     setting.SessionConfig.CookiePath,

  116. 		Gclifetime:     setting.SessionConfig.Gclifetime,

  117. 		Maxlifetime:    setting.SessionConfig.Maxlifetime,

  118. 		Secure:         setting.SessionConfig.Secure,

  119. 		SameSite:       setting.SessionConfig.SameSite,

  120. 		Domain:         setting.SessionConfig.Domain,

  121. 	})

  122. }