feat: backend share link password check

pull/2493/head
wintbit 2025-06-15 22:02:53 +08:00
parent 17fa44c290
commit 22c7bb0b35
1 changed files with 19 additions and 0 deletions

View File

@ -2,6 +2,7 @@ package share
import (
"context"
"regexp"
"time"
"github.com/cloudreve/Cloudreve/v4/application/dependency"
@ -28,6 +29,14 @@ type (
ShareCreateParamCtx struct{}
)
const (
PasswordMaxLength = 32 // 分享密码最大长度
)
var (
PasswordRegexp = regexp.MustCompile("^[a-zA-Z0-9]*$")
)
// Upsert 创建或更新分享
func (service *ShareCreateService) Upsert(c *gin.Context, existed int) (string, error) {
dep := dependency.FromContext(c)
@ -51,6 +60,16 @@ func (service *ShareCreateService) Upsert(c *gin.Context, existed int) (string,
*expires = time.Now().Add(time.Duration(service.Expire) * time.Second)
}
// Validate password if provided
if service.Password != "" {
if len(service.Password) > PasswordMaxLength {
return "", serializer.NewError(serializer.CodeParamErr, "Password too long", nil)
}
if !PasswordRegexp.MatchString(service.Password) {
return "", serializer.NewError(serializer.CodeParamErr, "Invalid password format", nil)
}
}
share, err := m.CreateOrUpdateShare(c, uri, &manager.CreateShareArgs{
IsPrivate: service.IsPrivate,
Password: service.Password,