修改获取文件链接

handler/file.go

@@ -16,7 +16,7 @@ func SetUpFileGroup(router *gin.Engine) {
 	fileGroup.POST("/config_update", UpdateConfigFile)
 	fileGroup.POST("/config_search", SearchConfigFile)
 	fileGroup.POST("/upload", UploadFileV2)
-	fileGroup.GET("/general/:filename", GetFile)
+	fileGroup.GET("/general/:filename", GetFileV2)
 	fileGroup.POST("/file_list", GetUserFileList)
 	fileGroup.POST("/file_delete", DeleteUserFile)
 	fileGroup.POST("/file_update", UpdateUserFile)
@@ -33,6 +33,55 @@ type GetUserFileListReq struct {
 	Type     string `json:"type" form:"type"`           // all,search
 }
 
+func GetFileV2(c *gin.Context) {
+	//先查看是否有权限
+	filename := c.Param("filename")
+	var resp proto.FileContentResp
+	var req proto.GetFileRequest
+	err := c.ShouldBindQuery(&req)
+
+	if err != nil || filename == "" {
+		resp.Code = proto.ParameterError
+		resp.Message = "upload form parameter decode error:" + err.Error()
+		c.JSON(http.StatusOK, resp)
+		return
+	} else {
+		//查询文件信息
+		file := dao.FindFileByName(filename)
+		if file.ID == 0 {
+			resp.Code = proto.FileNotFound
+			resp.Message = "file not found"
+			c.JSON(http.StatusOK, resp)
+			return
+		}
+		//下载文件
+		if file.NeedAuth == false {
+			c.Header("Content-Disposition", "attachment; filename="+file.FileName)
+			c.File(file.FilePath + "/" + file.FileStoreName)
+		} else {
+			if req.Token == "" {
+				resp.Code = proto.TokenIsNull
+				resp.Message = "token is null"
+				c.JSON(http.StatusOK, resp)
+			} else {
+				user, err2 := service.GetUserInfoByToken(req.Token)
+				if err2 != nil {
+					resp.Code = proto.TokenInvalid
+					resp.Message = "token error"
+					c.JSON(http.StatusOK, resp)
+				} else if int(user.ID) != file.AuthID {
+					resp.Code = proto.PermissionDenied
+					resp.Message = "permission denied"
+					c.JSON(http.StatusOK, resp)
+				} else {
+					c.Header("Content-Disposition", "attachment; filename="+file.FileName)
+					c.File(file.FilePath + "/" + file.FileStoreName)
+				}
+			}
+		}
+	}
+}
+
 func GetUserFileList(c *gin.Context) {
 	id, _ := c.Get("id")
 	userId := int(id.(float64))

handler/tool.go

@@ -229,6 +229,7 @@ func GetFile(c *gin.Context) {
 	}
 	//下载文件
 	if file.NeedAuth == false {
+		c.Header("Content-Disposition", "attachment; filename="+file.FileName)
 		c.File(file.FilePath + "/" + file.FileStoreName)
 	} else {
 		c.JSON(http.StatusOK, gin.H{"code": proto.SuccessCode, "message": "file must auth", "data": "file must auth"})

proto/tool.go

@@ -37,6 +37,10 @@ type FileContentReq struct {
 	FileContent string `json:"file_content" form:"file_content"` // 文件内容
 }
 
+type GetFileRequest struct {
+	Token string `json:"token" form:"token"` // token
+}
+
 type FileContentResp struct {
 	Code    int    `json:"code"`
 	Message string `json:"message"`

service/userService.go

@@ -436,3 +436,24 @@ func CalculateUserTokenAndSetCache(user dao.User) (string, error) {
 
 	return tokenString, err
 }
+
+func GetUserInfoByToken(token string) (dao.User, error) {
+	//解析token
+	claims := jwt.MapClaims{}
+	var user dao.User
+	tkn, err := jwt.ParseWithClaims(token, claims, func(token *jwt.Token) (interface{}, error) {
+		return proto.SigningKey, nil
+	})
+	if err != nil {
+		return user, err
+	}
+	if !tkn.Valid {
+		return user, errors.New("token is invalid")
+	}
+	id := int(claims["id"].(float64))
+	user = GetUserByIDWithCache(id)
+	if user.ID == 0 {
+		return user, errors.New("user not found")
+	}
+	return user, nil
+}