feat(auth): use 'Token' as authentication header

2025-01-29 18:46:50 +08:00 · 2025-01-29 18:46:50 +08:00 · a257b2ed4e
parent f88fd83d4a
commit a257b2ed4e
6 changed files with 7 additions and 6 deletions
--- a/cmd/user.go
+++ b/cmd/user.go
@ -33,7 +33,7 @@ func DelUserCacheOnline(username string) {
 		}
 		u = fmt.Sprintf("https://localhost:%d/api/admin/user/del_cache", conf.Conf.Scheme.HttpsPort)
 	}
-	res, err := client.R().SetHeader("Authorization", token).SetQueryParam("username", username).Post(u)
+	res, err := client.R().SetHeader("Token", token).SetQueryParam("username", username).Post(u)
 	if err != nil {
 		utils.Log.Warnf("[del_user_cache_online] failed: %+v", err)
 		return
--- a/drivers/alist_v3/driver.go
+++ b/drivers/alist_v3/driver.go
@ -186,7 +186,7 @@ func (d *AListV3) Put(ctx context.Context, dstDir model.Obj, stream model.FileSt
 	if err != nil {
 		return err
 	}
-	req.Header.Set("Authorization", d.Token)
+	req.Header.Set(d.Addition.AuthHeader, d.Token)
 	req.Header.Set("File-Path", path.Join(dstDir.GetPath(), stream.GetName()))
 	req.Header.Set("Password", d.MetaPassword)
 	if md5 := stream.GetHash().GetHash(utils.MD5); len(md5) > 0 {
--- a/drivers/alist_v3/meta.go
+++ b/drivers/alist_v3/meta.go
@ -8,6 +8,7 @@ import (
 type Addition struct {
 	driver.RootPath
 	Address         string `json:"url" required:"true"`
+	AuthHeader      string `json:"auth_header" type:"select" options:"Authorization,Token" default:"Token"`
 	MetaPassword    string `json:"meta_password"`
 	Username        string `json:"username"`
 	Password        string `json:"password"`
--- a/drivers/alist_v3/util.go
+++ b/drivers/alist_v3/util.go
@ -34,7 +34,7 @@ func (d *AListV3) login() error {
 func (d *AListV3) request(api, method string, callback base.ReqCallback, retry ...bool) ([]byte, error) {
 	url := d.Address + "/api" + api
 	req := base.RestyClient.R()
-	req.SetHeader("Authorization", d.Token)
+	req.SetHeader(d.Addition.AuthHeader, d.Token)
 	if callback != nil {
 		callback(req)
 	}
--- a/server/handles/auth.go
+++ b/server/handles/auth.go
@ -183,7 +183,7 @@ func Verify2FA(c *gin.Context) {
 }

 func LogOut(c *gin.Context) {
-	err := common.InvalidateToken(c.GetHeader("Authorization"))
+	err := common.InvalidateToken(c.GetHeader("Token"))
 	if err != nil {
 		common.ErrorResp(c, err, 500)
 	} else {
--- a/server/middlewares/auth.go
+++ b/server/middlewares/auth.go
@ -15,7 +15,7 @@ import (
 // Auth is a middleware that checks if the user is logged in.
 // if token is empty, set user to guest
 func Auth(c *gin.Context) {
-	token := c.GetHeader("Authorization")
+	token := c.GetHeader("Token")
 	if subtle.ConstantTimeCompare([]byte(token), []byte(setting.GetStr(conf.Token))) == 1 {
 		admin, err := op.GetAdmin()
 		if err != nil {
@ -74,7 +74,7 @@ func Auth(c *gin.Context) {
 }

 func Authn(c *gin.Context) {
-	token := c.GetHeader("Authorization")
+	token := c.GetHeader("Token")
 	if subtle.ConstantTimeCompare([]byte(token), []byte(setting.GetStr(conf.Token))) == 1 {
 		admin, err := op.GetAdmin()
 		if err != nil {