ScuroNeko/H2Node
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v1.1

Browse Source
This commit is contained in:
ScuroNeko
2026-02-27 14:08:10 +03:00
parent 3701af1fd7
commit b81df5866b
3 changed files with 22 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/api.go
View File

@@ -57,3 +57,10 @@ func ReadBody[T any](r *http.Request) (T, error) {
err := json.NewDecoder(r.Body).Decode(dst) err := json.NewDecoder(r.Body).Decode(dst)
return *dst, err return *dst, err
} }
func CheckToken(r *http.Request) bool {
auth := r.Header.Get("Authorization")
if auth != cfg.JWTSecret {
return false
}
return true
}

38
app/routes.go
View File

@@ -7,11 +7,9 @@ import (
"io" "io"
"log" "log"
"net/http" "net/http"
"strconv"
) )
type AddUserReq struct { type AddUserReq struct {
Token string `json:"token"`
Username string `json:"username"` Username string `json:"username"`
Password string `json:"password"` Password string `json:"password"`
} }
@@ -28,7 +26,7 @@ func AddUser(w http.ResponseWriter, r *http.Request) {
return return
} }
if req.Token != cfg.JWTSecret { if !CheckToken(r) {
WriteError(w, errors.New("token required")) WriteError(w, errors.New("token required"))
return return
} }
@@ -57,20 +55,20 @@ func AddUser(w http.ResponseWriter, r *http.Request) {
} }
type DeleteUserReq struct { type DeleteUserReq struct {
Token string `json:"token"` ID int `json:"id"`
ID int `json:"id"`
} }
func DeleteUser(w http.ResponseWriter, r *http.Request) { func DeleteUser(w http.ResponseWriter, r *http.Request) {
if !CheckToken(r) {
WriteError(w, errors.New("token required"))
return
}
req, err := ReadBody[DeleteUserReq](r) req, err := ReadBody[DeleteUserReq](r)
if err != nil { if err != nil {
WriteError(w, err) WriteError(w, err)
return return
} }
if req.Token != cfg.JWTSecret {
WriteError(w, errors.New("invalid token"))
return
}
provider, err := LoadProvider() provider, err := LoadProvider()
if err != nil { if err != nil {
WriteError(w, err) WriteError(w, err)
@@ -89,19 +87,9 @@ func DeleteUser(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusNoContent) w.WriteHeader(http.StatusNoContent)
} }
type AllUserReq struct {
Token string `json:"token"`
}
func AllUsers(w http.ResponseWriter, r *http.Request) { func AllUsers(w http.ResponseWriter, r *http.Request) {
fmt.Println("AllUsers called") fmt.Println("AllUsers called")
req, err := ReadBody[AllUserReq](r) if !CheckToken(r) {
if err != nil {
WriteError(w, err)
return
}
if req.Token != cfg.JWTSecret {
WriteError(w, errors.New("invalid token")) WriteError(w, errors.New("invalid token"))
return return
} }
@@ -120,9 +108,7 @@ type GetConnectURLReq struct {
} }
func GetUserURL(w http.ResponseWriter, r *http.Request) { func GetUserURL(w http.ResponseWriter, r *http.Request) {
vars := r.URL.Query() req, err := ReadBody[GetConnectURLReq](r)
idS := vars.Get("id")
id, err := strconv.Atoi(idS)
if err != nil { if err != nil {
WriteError(w, err) WriteError(w, err)
return return
@@ -133,11 +119,15 @@ func GetUserURL(w http.ResponseWriter, r *http.Request) {
WriteError(w, err) WriteError(w, err)
return return
} }
user, err := provider.GetById(id) user, err := provider.GetById(req.ID)
if err != nil { if err != nil {
WriteError(w, err) WriteError(w, err)
return return
} }
if user.Password != req.Pass {
WriteError(w, errors.New("invalid password"))
return
}
urlTemplate := "hysteria2://%s@%s:%s?obfs=salamander&obfs-password=%s&type=hysteria&mport&security=tls&sni=%s&alpn=h3&fp=chrome&allowInsecure=0#%s" urlTemplate := "hysteria2://%s@%s:%s?obfs=salamander&obfs-password=%s&type=hysteria&mport&security=tls&sni=%s&alpn=h3&fp=chrome&allowInsecure=0#%s"
authString := encodeURL(user) authString := encodeURL(user)

2
main.go
View File

@@ -19,7 +19,7 @@ func main() {
r.HandleFunc("/delete", app.DeleteUser) r.HandleFunc("/delete", app.DeleteUser)
r.HandleFunc("/users", app.AllUsers) r.HandleFunc("/users", app.AllUsers)
r.HandleFunc("/connect_url", app.GetUserURL) r.HandleFunc("/connect", app.GetUserURL)
r.HandleFunc("/auth", app.DoAuth) r.HandleFunc("/auth", app.DoAuth)