chore: sync local changes (2026-03-12)

2026-03-12 18:56:35 +08:00
parent f27996dde0
commit ec28b7bceb
5 changed files with 410 additions and 192 deletions
--- a/mengyaconnect-backend/config.go
+++ b/mengyaconnect-backend/config.go
@@ -1,78 +1,78 @@
-package main
-
-import (
-	"errors"
-	"net/http"
-	"os"
-	"path/filepath"
-	"strings"
-
-	"github.com/gin-gonic/gin"
-)
-
-// 数据目录辅助
-func dataBasePath() string { return getEnv("DATA_DIR", "data") }
-func sshDir() string       { return filepath.Join(dataBasePath(), "ssh") }
-func cmdFilePath() string  { return filepath.Join(dataBasePath(), "command", "command.json") }
-func scriptDir() string    { return filepath.Join(dataBasePath(), "script") }
-
-// sanitizeName 防止路径穿越攻击
-func sanitizeName(name string) (string, error) {
-	base := filepath.Base(name)
-	if base == "" || base == "." || base == ".." {
-		return "", errors.New("invalid name")
-	}
-	return base, nil
-}
-
-func corsMiddleware() gin.HandlerFunc {
-	return func(c *gin.Context) {
-		c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
-		c.Writer.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE, OPTIONS")
-		c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
-		if c.Request.Method == http.MethodOptions {
-			c.AbortWithStatus(http.StatusNoContent)
-			return
-		}
-		c.Next()
-	}
-}
-
-func isOriginAllowed(origin string, allowed []string) bool {
-	if origin == "" {
-		return true
-	}
-	if len(allowed) == 0 {
-		return true
-	}
-	for _, item := range allowed {
-		if item == "*" || strings.EqualFold(strings.TrimSpace(item), origin) {
-			return true
-		}
-	}
-	return false
-}
-
-func parseListEnv(name string) []string {
-	raw := strings.TrimSpace(os.Getenv(name))
-	if raw == "" {
-		return nil
-	}
-	parts := strings.Split(raw, ",")
-	out := make([]string, 0, len(parts))
-	for _, part := range parts {
-		part = strings.TrimSpace(part)
-		if part != "" {
-			out = append(out, part)
-		}
-	}
-	return out
-}
-
-func getEnv(key, fallback string) string {
-	if val := strings.TrimSpace(os.Getenv(key)); val != "" {
-		return val
-	}
-	return fallback
-}
-
+package main
+
+import (
+	"errors"
+	"net/http"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/gin-gonic/gin"
+)
+
+// 数据目录辅助
+func dataBasePath() string { return getEnv("DATA_DIR", "data") }
+func sshDir() string       { return filepath.Join(dataBasePath(), "ssh") }
+func cmdFilePath() string  { return filepath.Join(dataBasePath(), "command", "command.json") }
+func scriptDir() string    { return filepath.Join(dataBasePath(), "script") }
+
+// sanitizeName 防止路径穿越攻击
+func sanitizeName(name string) (string, error) {
+	base := filepath.Base(name)
+	if base == "" || base == "." || base == ".." {
+		return "", errors.New("invalid name")
+	}
+	return base, nil
+}
+
+func corsMiddleware() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
+		c.Writer.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE, OPTIONS")
+		c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Authorization")
+		if c.Request.Method == http.MethodOptions {
+			c.AbortWithStatus(http.StatusNoContent)
+			return
+		}
+		c.Next()
+	}
+}
+
+func isOriginAllowed(origin string, allowed []string) bool {
+	if origin == "" {
+		return true
+	}
+	if len(allowed) == 0 {
+		return true
+	}
+	for _, item := range allowed {
+		if item == "*" || strings.EqualFold(strings.TrimSpace(item), origin) {
+			return true
+		}
+	}
+	return false
+}
+
+func parseListEnv(name string) []string {
+	raw := strings.TrimSpace(os.Getenv(name))
+	if raw == "" {
+		return nil
+	}
+	parts := strings.Split(raw, ",")
+	out := make([]string, 0, len(parts))
+	for _, part := range parts {
+		part = strings.TrimSpace(part)
+		if part != "" {
+			out = append(out, part)
+		}
+	}
+	return out
+}
+
+func getEnv(key, fallback string) string {
+	if val := strings.TrimSpace(os.Getenv(key)); val != "" {
+		return val
+	}
+	return fallback
+}
+