CN-JS-HuiBai/UserOnlineStatus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
CN-JS-HuiBai
2026-04-07 16:54:24 +08:00
commit 2c6a38c80d
399 changed files with 42205 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
Xboard/app/Http/Middleware/Admin.php Normal file
View File

@@ -0,0 +1,30 @@
<?php
namespace App\Http\Middleware;
use App\Exceptions\ApiException;
use Illuminate\Support\Facades\Auth;
use Closure;
use App\Models\User;
class Admin
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
/** @var User|null $user */
$user = Auth::guard('sanctum')->user();
if (!$user || !$user->is_admin) {
return response()->json(['message' => 'Unauthorized'], 403);
}
return $next($request);
}
}

25
Xboard/app/Http/Middleware/ApplyRuntimeSettings.php Normal file
View File

@@ -0,0 +1,25 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\URL;
class ApplyRuntimeSettings
{
public function handle(Request $request, Closure $next)
{
$appUrl = admin_setting('app_url');
if (is_string($appUrl) && $appUrl !== '') {
URL::forceRootUrl($appUrl);
}
if ((bool) admin_setting('force_https', false)) {
URL::forceScheme('https');
}
return $next($request);
}
}

17
Xboard/app/Http/Middleware/Authenticate.php Normal file
View File

@@ -0,0 +1,17 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Auth\Middleware\Authenticate as Middleware;
use Illuminate\Http\Request;
class Authenticate extends Middleware
{
/**
* Get the path the user should be redirected to when they are not authenticated.
*/
protected function redirectTo(Request $request): ?string
{
return $request->expectsJson() ? null : null;
}
}

18
Xboard/app/Http/Middleware/CheckForMaintenanceMode.php Normal file
View File

@@ -0,0 +1,18 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\PreventRequestsDuringMaintenance;
class CheckForMaintenanceMode extends PreventRequestsDuringMaintenance
{
/**
* 维护模式白名单URI
* @var array<int, string>
*/
protected $except = [
// 示例:
// '/api/health-check',
// '/status'
];
}

33
Xboard/app/Http/Middleware/Client.php Normal file
View File

@@ -0,0 +1,33 @@
<?php
namespace App\Http\Middleware;
use App\Exceptions\ApiException;
use Closure;
use App\Models\User;
use Illuminate\Support\Facades\Auth;
class Client
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$token = $request->input('token', $request->route('token'));
if (empty($token)) {
throw new ApiException('token is null',403);
}
$user = User::where('token', $token)->first();
if (!$user) {
throw new ApiException('token is error',403);
}
Auth::setUser($user);
return $next($request);
}
}

16
Xboard/app/Http/Middleware/EncryptCookies.php Normal file
View File

@@ -0,0 +1,16 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Cookie\Middleware\EncryptCookies as Middleware;
class EncryptCookies extends Middleware
{
/**
* 不需要加密的Cookie名称列表
* @var array<int, string>
*/
protected $except = [
//
];
}

29
Xboard/app/Http/Middleware/EnsureTransactionState.php Normal file
View File

@@ -0,0 +1,29 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
use Symfony\Component\HttpFoundation\Response;
class EnsureTransactionState
{
/**
* Handle an incoming request.
*
* @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
*/
public function handle(Request $request, Closure $next): Response
{
try {
return $next($request);
} finally {
// Rollback any stale transactions to ensure a clean state for the next request.
// This is crucial for long-running processes like Octane.
while (DB::transactionLevel() > 0) {
DB::rollBack();
}
}
}
}

22
Xboard/app/Http/Middleware/ForceJson.php Normal file
View File

@@ -0,0 +1,22 @@
<?php
namespace App\Http\Middleware;
use Closure;
class ForceJson
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
$request->headers->set('accept', 'application/json');
return $next($request);
}
}

37
Xboard/app/Http/Middleware/InitializePlugins.php Normal file
View File

@@ -0,0 +1,37 @@
<?php
namespace App\Http\Middleware;
use App\Services\Plugin\PluginManager;
use Closure;
use Illuminate\Http\Request;
/**
* Middleware to initialize all enabled plugins at the beginning of a request.
* It ensures that all plugin hooks, routes, and services are ready.
*/
class InitializePlugins
{
protected PluginManager $pluginManager;
public function __construct(PluginManager $pluginManager)
{
$this->pluginManager = $pluginManager;
}
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle(Request $request, Closure $next)
{
// This single method call handles loading and booting all enabled plugins.
// It's safe to call multiple times, as it will only run once per request.
$this->pluginManager->initializeEnabledPlugins();
return $next($request);
}
}

17
Xboard/app/Http/Middleware/Language.php Normal file
View File

@@ -0,0 +1,17 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\App;
class Language
{
public function handle($request, Closure $next)
{
if ($request->header('content-language')) {
App::setLocale($request->header('content-language'));
}
return $next($request);
}
}

26
Xboard/app/Http/Middleware/RedirectIfAuthenticated.php Normal file
View File

@@ -0,0 +1,26 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
class RedirectIfAuthenticated
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string|null $guard
* @return mixed
*/
public function handle($request, Closure $next, $guard = null)
{
if (Auth::guard($guard)->check()) {
return redirect('/home');
}
return $next($request);
}
}

60
Xboard/app/Http/Middleware/RequestLog.php Normal file
View File

@@ -0,0 +1,60 @@
<?php
namespace App\Http\Middleware;
use App\Models\AdminAuditLog;
use Closure;
class RequestLog
{
private const SENSITIVE_KEYS = ['password', 'token', 'secret', 'key', 'api_key'];
public function handle($request, Closure $next)
{
if ($request->method() !== 'POST') {
return $next($request);
}
$response = $next($request);
try {
$admin = $request->user();
if (!$admin || !$admin->is_admin) {
return $response;
}
$action = $this->resolveAction($request->path());
$data = collect($request->all())->except(self::SENSITIVE_KEYS)->toArray();
AdminAuditLog::insert([
'admin_id' => $admin->id,
'action' => $action,
'method' => $request->method(),
'uri' => $request->getRequestUri(),
'request_data' => json_encode($data, JSON_UNESCAPED_UNICODE),
'ip' => $request->getClientIp(),
'created_at' => time(),
'updated_at' => time(),
]);
} catch (\Throwable $e) {
\Log::warning('Audit log write failed: ' . $e->getMessage());
}
return $response;
}
private function resolveAction(string $path): string
{
// api/v2/{secure_path}/user/update → user.update
$path = preg_replace('#^api/v[12]/[^/]+/#', '', $path);
// gift-card/create-template → gift_card.create_template
$path = str_replace('-', '_', $path);
// user/update → user.update, server/manage/sort → server_manage.sort
$segments = explode('/', $path);
$method = array_pop($segments);
$resource = implode('_', $segments);
return $resource . '.' . $method;
}
}

59
Xboard/app/Http/Middleware/Server.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
namespace App\Http\Middleware;
use App\Exceptions\ApiException;
use App\Models\Server as ServerModel;
use App\Services\ServerService;
use Closure;
use Illuminate\Http\Request;
class Server
{
public function handle(Request $request, Closure $next, ?string $nodeType = null)
{
$this->validateRequest($request);
$nodeType = $request->input('node_type', $nodeType);
$normalizedNodeType = ServerModel::normalizeType($nodeType);
$serverInfo = ServerService::getServer(
$request->input('node_id'),
$normalizedNodeType
);
if (!$serverInfo) {
throw new ApiException('Server does not exist');
}
$request->attributes->set('node_info', $serverInfo);
return $next($request);
}
private function validateRequest(Request $request): void
{
$request->validate([
'token' => [
'string',
'required',
function ($attribute, $value, $fail) {
if ($value !== admin_setting('server_token')) {
$fail("Invalid {$attribute}");
}
},
],
'node_id' => 'required',
'node_type' => [
'nullable',
function ($attribute, $value, $fail) use ($request) {
if ($value === "v2node") {
$value = null;
}
if (!ServerModel::isValidType($value)) {
$fail("Invalid node type specified");
return;
}
$request->merge([$attribute => ServerModel::normalizeType($value)]);
},
]
]);
}
}

30
Xboard/app/Http/Middleware/Staff.php Normal file
View File

@@ -0,0 +1,30 @@
<?php
namespace App\Http\Middleware;
use App\Exceptions\ApiException;
use App\Services\AuthService;
use Closure;
class Staff
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$authorization = $request->input('auth_data') ?? $request->header('authorization');
if (!$authorization) throw new ApiException( '未登录或登陆已过期', 403);
$user = AuthService::decryptAuthData($authorization);
if (!$user || !$user['is_staff']) throw new ApiException('未登录或登陆已过期', 403);
$request->merge([
'user' => $user
]);
return $next($request);
}
}

19
Xboard/app/Http/Middleware/TrimStrings.php Normal file
View File

@@ -0,0 +1,19 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\TrimStrings as Middleware;
class TrimStrings extends Middleware
{
/**
* 不需要去除前后空格的字段名
* @var array<int, string>
*/
protected $except = [
'password',
'password_confirmation',
'encrypted_data',
'signature'
];
}

47
Xboard/app/Http/Middleware/TrustProxies.php Normal file
View File

@@ -0,0 +1,47 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Http\Middleware\TrustProxies as Middleware;
use Illuminate\Http\Request;
class TrustProxies extends Middleware
{
/**
* 可信代理列表
* @var array<int, string>|string|null
*/
protected $proxies = [
"173.245.48.0/20",
"103.21.244.0/22",
"103.22.200.0/22",
"103.31.4.0/22",
"141.101.64.0/18",
"108.162.192.0/18",
"190.93.240.0/20",
"188.114.96.0/20",
"197.234.240.0/22",
"198.41.128.0/17",
"162.158.0.0/15",
"104.16.0.0/13",
"104.24.0.0/14",
"172.64.0.0/13",
"131.0.72.0/22",
"10.0.0.0/8",
"172.16.0.0/12",
"192.168.0.0/16",
"169.254.0.0/16",
"127.0.0.0/8",
];
/**
* 代理头映射
* @var int
*/
protected $headers =
Request::HEADER_X_FORWARDED_FOR |
Request::HEADER_X_FORWARDED_HOST |
Request::HEADER_X_FORWARDED_PORT |
Request::HEADER_X_FORWARDED_PROTO |
Request::HEADER_X_FORWARDED_AWS_ELB;
}

27
Xboard/app/Http/Middleware/User.php Normal file
View File

@@ -0,0 +1,27 @@
<?php
namespace App\Http\Middleware;
use App\Exceptions\ApiException;
use App\Services\AuthService;
use Auth;
use Closure;
use Illuminate\Support\Facades\Cache;
class User
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
if (!Auth::guard('sanctum')->check()) {
throw new ApiException('未登录或登陆已过期', 403);
}
return $next($request);
}
}

22
Xboard/app/Http/Middleware/VerifyCsrfToken.php Normal file
View File

@@ -0,0 +1,22 @@
<?php
namespace App\Http\Middleware;
use Illuminate\Foundation\Http\Middleware\VerifyCsrfToken as Middleware;
class VerifyCsrfToken extends Middleware
{
/**
* 是否在响应中设置XSRF-TOKEN cookie
* @var bool
*/
protected $addHttpCookie = true;
/**
* 不需要CSRF验证的URI列表
* @var array<int, string>
*/
protected $except = [
//
];
}