shkong/go-cqhttp
1
0
Fork 0
mirror of https://github.com/Mrs4s/go-cqhttp.git synced 2025-05-06 12:03:50 +08:00
Code Issues Projects Releases Wiki Activity

fix #251.

Browse Source
This commit is contained in:
Mrs4s 2020-09-09 08:44:47 +08:00
parent eca396afb3
commit 86da65771d
1 changed files with 9 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
server/websocket.go
View File

@ -222,20 +222,12 @@ func (c *websocketClient) onBotPushEvent(m coolq.MSG) {
func (s *websocketServer) event(w http.ResponseWriter, r *http.Request) { func (s *websocketServer) event(w http.ResponseWriter, r *http.Request) {
if s.token != "" { if s.token != "" {
if auth := r.URL.Query().Get("access_token"); auth != s.token && auth != "" { if auth := r.URL.Query().Get("access_token"); auth != s.token {
log.Warnf("已拒绝 %v 的 Websocket 请求: Token错误", r.RemoteAddr) if auth := strings.SplitN(r.Header.Get("Authorization"), " ", 2); len(auth) != 2 || auth[1] != s.token {
w.WriteHeader(401) log.Warnf("已拒绝 %v 的 Websocket 请求: Token鉴权失败", r.RemoteAddr)
return
} else if auth := strings.SplitN(r.Header.Get("Authorization"), " ", 2); len(auth) == 2 {
if auth[1] != s.token {
log.Warnf("已拒绝 %v 的 Websocket 请求: Token错误", r.RemoteAddr)
w.WriteHeader(401) w.WriteHeader(401)
return return
} }
} else {
log.Warnf("已拒绝 %v 的 Websocket 请求: 空Token或传入格式错误", r.RemoteAddr)
w.WriteHeader(401)
return
} }
} }
c, err := upgrader.Upgrade(w, r, nil) c, err := upgrader.Upgrade(w, r, nil)
@ -261,20 +253,12 @@ func (s *websocketServer) event(w http.ResponseWriter, r *http.Request) {
func (s *websocketServer) api(w http.ResponseWriter, r *http.Request) { func (s *websocketServer) api(w http.ResponseWriter, r *http.Request) {
if s.token != "" { if s.token != "" {
if auth := r.URL.Query().Get("access_token"); auth != s.token && auth != "" { if auth := r.URL.Query().Get("access_token"); auth != s.token {
log.Warnf("已拒绝 %v 的 Websocket 请求: Token错误", r.RemoteAddr) if auth := strings.SplitN(r.Header.Get("Authorization"), " ", 2); len(auth) != 2 || auth[1] != s.token {
w.WriteHeader(401) log.Warnf("已拒绝 %v 的 Websocket 请求: Token鉴权失败", r.RemoteAddr)
return
} else if auth := strings.SplitN(r.Header.Get("Authorization"), " ", 2); len(auth) == 2 {
if auth[1] != s.token {
log.Warnf("已拒绝 %v 的 Websocket 请求: Token错误", r.RemoteAddr)
w.WriteHeader(401) w.WriteHeader(401)
return return
} }
} else {
log.Warnf("已拒绝 %v 的 Websocket 请求: 空Token或传入格式错误", r.RemoteAddr)
w.WriteHeader(401)
return
} }
} }
c, err := upgrader.Upgrade(w, r, nil) c, err := upgrader.Upgrade(w, r, nil)
@ -289,20 +273,12 @@ func (s *websocketServer) api(w http.ResponseWriter, r *http.Request) {
func (s *websocketServer) any(w http.ResponseWriter, r *http.Request) { func (s *websocketServer) any(w http.ResponseWriter, r *http.Request) {
if s.token != "" { if s.token != "" {
if auth := r.URL.Query().Get("access_token"); auth != s.token && auth != "" { if auth := r.URL.Query().Get("access_token"); auth != s.token {
log.Warnf("已拒绝 %v 的 Websocket 请求: Token错误", r.RemoteAddr) if auth := strings.SplitN(r.Header.Get("Authorization"), " ", 2); len(auth) != 2 || auth[1] != s.token {
w.WriteHeader(401) log.Warnf("已拒绝 %v 的 Websocket 请求: Token鉴权失败", r.RemoteAddr)
return
} else if auth := strings.SplitN(r.Header.Get("Authorization"), " ", 2); len(auth) == 2 {
if auth[1] != s.token {
log.Warnf("已拒绝 %v 的 Websocket 请求: Token错误", r.RemoteAddr)
w.WriteHeader(401) w.WriteHeader(401)
return return
} }
} else {
log.Warnf("已拒绝 %v 的 Websocket 请求: 空Token或传入格式错误", r.RemoteAddr)
w.WriteHeader(401)
return
} }
} }
c, err := upgrader.Upgrade(w, r, nil) c, err := upgrader.Upgrade(w, r, nil)
@ -316,7 +292,6 @@ func (s *websocketServer) any(w http.ResponseWriter, r *http.Request) {
c.Close() c.Close()
return return
} }
log.Infof("接受 Websocket 连接: %v (/)", r.RemoteAddr) log.Infof("接受 Websocket 连接: %v (/)", r.RemoteAddr)
conn := &websocketConn{Conn: c} conn := &websocketConn{Conn: c}
s.eventConn = append(s.eventConn, conn) s.eventConn = append(s.eventConn, conn)