From 8b3abb719e470a06fc4c712151b637c36120998a Mon Sep 17 00:00:00 2001 From: EpicMo <1982742309@qq.com> Date: Wed, 1 May 2024 20:36:25 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E5=B1=8F=E8=94=BD=E4=B8=80=E4=BA=9B?= =?UTF-8?q?=E6=8E=A5=E5=8F=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- backend-api/proxybackendapi.go | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/backend-api/proxybackendapi.go b/backend-api/proxybackendapi.go index fb2e232..7354649 100644 --- a/backend-api/proxybackendapi.go +++ b/backend-api/proxybackendapi.go @@ -9,6 +9,7 @@ import ( "io" "net/http" "net/http/httputil" + "strings" "github.com/gogf/gf/v2/encoding/gjson" "github.com/gogf/gf/v2/frame/g" @@ -22,7 +23,24 @@ func ProxyBackendApi(r *ghttp.Request) { r.Response.Status = 401 r.Response.WriteJson(g.Map{"detail": "Unauthorized"}) } + + // 屏蔽一些接口 path := r.RequestURI + if strings.Contains(path, "invite") || + strings.HasPrefix(path, "/backend-api/share/create") || + strings.HasPrefix(path, "/backend-api/shared_conversations") || + (strings.HasPrefix(path, "/backend-api/accounts") && r.Request.Method == "DELETE") || + strings.HasPrefix(path, "/backend-api/aip/p/") || + strings.HasPrefix(path, "/backend-api/gizmo_creator_profile") || + strings.HasPrefix(path, "/backend-api/payments/checkout") || + strings.HasPrefix(path, "/backend-api/payments/customer_portal") || + strings.HasPrefix(path, "/backend-api/user_system_messages") || + strings.HasPrefix(path, "/backend-api/accounts/deactivate") { + r.Response.Status = 401 + r.Response.WriteJson(g.Map{"detail": "你无权进行此操作。"}) + return + } + // g.Log().Info(ctx, "ProxyBackendApi:", path) proxy := &httputil.ReverseProxy{} @@ -31,7 +49,7 @@ func ProxyBackendApi(r *ghttp.Request) { TLSClientConfig: &tls.Config{ InsecureSkipVerify: true, }, - ForceAttemptHTTP2: true, } + ForceAttemptHTTP2: true} proxy.Rewrite = func(proxyRequest *httputil.ProxyRequest) { proxyRequest.SetURL(config.OPENAIURL)