From d8c991883cde49acd5ac181b323c01b8028edbce Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9D=A8=E9=BB=84=E6=9E=97?=
Date: Tue, 12 Sep 2023 17:39:25 +0800
Subject: [PATCH] http basic auth by jq(not complete)
---
assets/templates/login.html | 19 ++++++++++++-------
pkg/server/controller/controller.go | 13 +++----------
pkg/server/controller/op.go | 26 ++++++++++++++------------
3 files changed, 29 insertions(+), 29 deletions(-)
diff --git a/assets/templates/login.html b/assets/templates/login.html
index 74b091d..31a4b1b 100644
--- a/assets/templates/login.html
+++ b/assets/templates/login.html
@@ -22,7 +22,7 @@
- @@ -31,7 +31,7 @@
- @@ -46,13 +46,18 @@ $(function () { $('#login').click(function () { $.ajax({ - url: "/login", - type: "post", - header: { - Authorization: btoa("admin" + ":" + "admin") - }, + url: "/", + username: $('#username').val(), + password: $('#password').val(), success: function (result) { console.log(result); + window.location.href = "/" + }, + error: function (xhr, status, error) { + if (xhr.status === 401) { + layui.layer.msg('用户名或密码错误'); + return false; + } } }); }); diff --git a/pkg/server/controller/controller.go b/pkg/server/controller/controller.go index 007765e..8aed894 100644 --- a/pkg/server/controller/controller.go +++ b/pkg/server/controller/controller.go @@ -177,16 +177,9 @@ func (c *HandleController) MakeHandlerFunc() gin.HandlerFunc { func (c *HandleController) MakeLoginFunc() func(context *gin.Context) { return func(context *gin.Context) { - method := context.Request.Method - if method == "GET" { - context.HTML(http.StatusOK, "login.html", gin.H{ - "version": c.Version, - }) - } else { - context.JSON(http.StatusOK, gin.H{ - "Success": true, - }) - } + context.HTML(http.StatusOK, "login.html", gin.H{ + "version": c.Version, + }) } } diff --git a/pkg/server/controller/op.go b/pkg/server/controller/op.go index a471fe9..5fe4a28 100644 --- a/pkg/server/controller/op.go +++ b/pkg/server/controller/op.go @@ -1,7 +1,6 @@ package controller import ( - "encoding/base64" "fmt" plugin "github.com/fatedier/frp/pkg/plugin/server" "github.com/gin-gonic/gin" 
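Review bot: In the `$.ajax` call of `assets/templates/login.html`, the new `error` callback acts only on `xhr.status === 401`, so a network failure or a 5xx reply leaves the user with no feedback; add a fallback branch that shows a generic failure message. `console.log(result);` in `success` writes the body returned by `/` to the browser console and looks like leftover debugging, so it can be dropped. Because the `username`/`password` options make the browser send the credentials as HTTP Basic, the UI should only be reachable over TLS.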
@@ -41,20 +40,19 @@ func (c *HandleController) Register(rootDir string, engine *gin.Engine) { engine.POST("/handler", c.MakeHandlerFunc()) engine.Static("/static", filepath.Join(assets, "static")) engine.GET("/login", c.MakeLoginFunc()) + engine.GET("/lang.json", c.MakeLangFunc()) var group *gin.RouterGroup if len(c.CommonInfo.User) != 0 { //group = engine.Group("/", gin.BasicAuthForRealm(gin.Accounts{ // c.CommonInfo.User: c.CommonInfo.Pwd, //}, "Restricted")) - - group = engine.Group("/", c.Authorize()) + group = engine.Group("/", c.BasicAuth()) } else { group = engine.Group("/") } group.POST("/login", c.MakeLoginFunc()) group.GET("/", c.MakeIndexFunc()) - group.GET("/lang.json", c.MakeLangFunc()) group.GET("/tokens", c.MakeQueryTokensFunc()) group.POST("/add", c.MakeAddTokenFunc()) group.POST("/update", c.MakeUpdateTokensFunc()) @@ -64,20 +62,24 @@ func (c *HandleController) Register(rootDir string, engine *gin.Engine) { group.GET("/proxy/*serverApi", c.MakeProxyFunc()) } -func (c *HandleController) Authorize() gin.HandlerFunc { +func (c *HandleController) BasicAuth() gin.HandlerFunc { return func(context *gin.Context) { - authorizationFromUser := context.Request.Header.Get("Authorization") + username, password, _ := context.Request.BasicAuth() - userAndPwd := []byte(c.CommonInfo.User + ":" + c.CommonInfo.Pwd) - authorizationFromConfig := "Basic " + base64.StdEncoding.EncodeToString(userAndPwd) + usernameMatch := username == c.CommonInfo.User + passwordMatch := password == c.CommonInfo.Pwd - if authorizationFromUser == authorizationFromConfig { + if usernameMatch && passwordMatch { context.Next() - } else { - context.Abort() - context.Redirect(http.StatusTemporaryRedirect, "/login") return } + + if context.Request.RequestURI == "/" { + context.Header("WWW-Authenticate", `Basic realm="Restricted", charset="UTF-8"`) + context.AbortWithStatus(http.StatusUnauthorized) + } else { + context.Redirect(http.StatusTemporaryRedirect, "/login") + } } }
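Review bot: `group.POST("/login", c.MakeLoginFunc())` stays inside the authenticated group, but after this commit `MakeLoginFunc` only renders `login.html` and the login page no longer posts to `/login`, so the route looks unused and could be dropped to keep the routed surface small. `/lang.json` moves onto the bare engine and is now served without authentication; a comment such as `// public: needed by login.html before authentication` would record that this is deliberate, assuming the file holds only UI strings. The commented-out `gin.BasicAuthForRealm` block is dead code and should be deleted. Register's body begins above the hunk and continues past it.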
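Review bot: The `else` branch of the new `BasicAuth` middleware calls `context.Redirect(http.StatusTemporaryRedirect, "/login")` without aborting, whereas the removed code called `context.Abort()` first. In gin a middleware that returns without aborting lets the remaining handlers in the chain run, so an unauthenticated request to any group route other than `/` (for example `POST /add` or `POST /update`) still reaches its handler after the redirect is written; add `context.Abort()` next to the redirect. Separately, `username == c.CommonInfo.User` and `password == c.CommonInfo.Pwd` are plain string comparisons; `subtle.ConstantTimeCompare([]byte(password), []byte(c.CommonInfo.Pwd)) == 1` from `crypto/subtle` (and the same for the username) avoids a timing side channel on the credential check. The `context.Request.RequestURI == "/"` test is an exact match, so a request such as `/?x=1` takes the redirect path rather than the 401 challenge; confirm that is intended.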