Update the html.

build/html/index.html

@@ -1 +1 @@
-<!DOCTYPE html><html><head><title>蓝眼云盘</title><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge,chrome=1"><meta name=renderer content=webkit><meta name=viewport content="user-scalable=no,width=device-width,initial-scale=1,maximum-scale=1"><meta name=msapplication-tap-highlight content=no><meta name=apple-mobile-web-app-capable content=yes><link rel="shortcut icon" href=/favicon.ico><link href=/static/css/app.bdde40e4d5688f8230e3b40d273138b8.css rel=stylesheet></head><body><div id=app></div><script type=text/javascript src=/static/js/manifest.2ae2e69a05c33dfc65f8.js></script><script type=text/javascript src=/static/js/vendor.40273dbea93c564c558d.js></script><script type=text/javascript src=/static/js/app.6fb26ded78f54696e4cc.js></script></body></html>
+<!DOCTYPE html><html><head><title>蓝眼云盘</title><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge,chrome=1"><meta name=renderer content=webkit><meta name=viewport content="user-scalable=no,width=device-width,initial-scale=1,maximum-scale=1"><meta name=msapplication-tap-highlight content=no><meta name=apple-mobile-web-app-capable content=yes><link rel="shortcut icon" href=/favicon.ico><link href=/static/css/app.bdde40e4d5688f8230e3b40d273138b8.css rel=stylesheet></head><body><div id=app></div><script type=text/javascript src=/static/js/manifest.2ae2e69a05c33dfc65f8.js></script><script type=text/javascript src=/static/js/vendor.40273dbea93c564c558d.js></script><script type=text/javascript src=/static/js/app.cc7ec6a86d763e874592.js></script></body></html>

rest/alien_controller.go

@@ -106,19 +106,27 @@ func (this *AlienController) HandleRoutes(writer http.ResponseWriter, request *h
 	return nil, false
 }
 
-//直接使用邮箱和密码获取用户
-func (this *AlienController) CheckRequestUser(email, password string) *User {
+//直接从cookie中获取用户信息，或者使用邮箱和密码获取用户
+func (this *AlienController) CheckRequestUser(writer http.ResponseWriter, request *http.Request) *User {
 
+	//根据用户登录信息取
+	user := this.findUser(writer, request)
+	if user != nil {
+		return user;
+	}
+
+	email := request.FormValue("email")
 	if email == "" {
 		panic("邮箱必填啦")
 	}
 
+	password := request.FormValue("password")
 	if password == "" {
 		panic("密码必填")
 	}
 
 	//验证用户身份合法性。
-	user := this.userDao.FindByEmail(email)
+	user = this.userDao.FindByEmail(email)
 	if user == nil {
 		panic(`邮箱或密码错误`)
 	} else {
@@ -190,7 +198,7 @@ func (this *AlienController) FetchUploadToken(writer http.ResponseWriter, reques
 	//文件夹路径，以 / 开头。
 	dir := request.FormValue("dir")
 
-	user := this.CheckRequestUser(request.FormValue("email"), request.FormValue("password"))
+	user := this.CheckRequestUser(writer, request)
 	dirUuid := this.matterService.GetDirUuid(user.Uuid, dir)
 
 	mm, _ := time.ParseDuration(fmt.Sprintf("%ds", expire))
@@ -219,7 +227,7 @@ func (this *AlienController) Confirm(writer http.ResponseWriter, request *http.R
 		panic("matterUuid必填")
 	}
 
-	user := this.CheckRequestUser(request.FormValue("email"), request.FormValue("password"))
+	user := this.CheckRequestUser(writer, request)
 
 	matter := this.matterDao.CheckByUuid(matterUuid)
 	if matter.UserUuid != user.Uuid {
@@ -346,7 +354,7 @@ func (this *AlienController) CrawlDirect(writer http.ResponseWriter, request *ht
 
 	//文件夹路径，以 / 开头。
 	dir := request.FormValue("dir")
-	user := this.CheckRequestUser(request.FormValue("email"), request.FormValue("password"))
+	user := this.CheckRequestUser(writer, request)
 	dirUuid := this.matterService.GetDirUuid(user.Uuid, dir)
 
 	matter := this.matterService.Crawl(url, filename, user, dirUuid, privacy)
@@ -362,7 +370,7 @@ func (this *AlienController) FetchDownloadToken(writer http.ResponseWriter, requ
 		panic("matterUuid必填")
 	}
 
-	user := this.CheckRequestUser(request.FormValue("email"), request.FormValue("password"))
+	user := this.CheckRequestUser(writer, request)
 
 	matter := this.matterDao.CheckByUuid(matterUuid)
 	if matter.UserUuid != user.Uuid {
@@ -401,17 +409,14 @@ func (this *AlienController) FetchDownloadToken(writer http.ResponseWriter, requ
 
 }
 
-
 //预览一个文件。既可以使用登录的方式，也可以使用授权的方式
 func (this *AlienController) Preview(writer http.ResponseWriter, request *http.Request, uuid string, filename string) {
 
-	operator := this.findUser(writer, request)
-	this.alienService.PreviewOrDownload(writer, request, uuid, filename, operator, false)
+	this.alienService.PreviewOrDownload(writer, request, uuid, filename,  false)
 }
 
-
 //下载一个文件。既可以使用登录的方式，也可以使用授权的方式
 func (this *AlienController) Download(writer http.ResponseWriter, request *http.Request, uuid string, filename string) {
-	operator := this.findUser(writer, request)
-	this.alienService.PreviewOrDownload(writer, request, uuid, filename, operator, true)
+
+	this.alienService.PreviewOrDownload(writer, request, uuid, filename,  true)
 }

rest/alien_service.go

@@ -65,7 +65,6 @@ func (this *AlienService) PreviewOrDownload(
 	request *http.Request,
 	uuid string,
 	filename string,
-	operator *User,
 	withContentDisposition bool) {
 
 	matter := this.matterDao.CheckByUuid(uuid)
@@ -100,13 +99,14 @@ func (this *AlienService) PreviewOrDownload(
 				panic(CODE_WRAPPER_UNAUTHORIZED)
 			}
 
-			//下载之后立即过期掉。
-			downloadToken.ExpireTime = time.Now().AddDate(0, 0, 1);
+			//下载之后立即过期掉。如果是分块下载的，必须以最终获取到完整的数据为准。
+			downloadToken.ExpireTime = time.Now()
 			this.downloadTokenDao.Save(downloadToken)
 
 		} else {
 
 			//判断文件的所属人是否正确
+			operator := this.findUser(writer, request)
 			if operator == nil || (operator.Role != USER_ROLE_ADMINISTRATOR && matter.UserUuid != operator.Uuid) {
 				panic(CODE_WRAPPER_UNAUTHORIZED)
 			}

rest/matter_controller.go

@@ -192,7 +192,6 @@ func (this *MatterController) Page(writer http.ResponseWriter, request *http.Req
 		extensions = strings.Split(extensionsStr, ",")
 	}
 
-
 	sortArray := []OrderPair{
 		{
 			key:   "dir",

rest/util_mime.go

@@ -458,6 +458,7 @@ var allMimeMap = map[string]string{
 	".spc":                    "application/x-pkcs7-certificates",
 	".spl":                    "application/futuresplash",
 	".spx":                    "audio/ogg",
+	".sql":                    "text/plain",
 	".src":                    "application/x-wais-source",
 	".srf":                    "text/plain",
 	".SSISDeploymentManifest": "text/xml",

rest/web_result.go

@@ -28,7 +28,7 @@ var (
 	CODE_WRAPPER_LOGIN                   = &CodeWrapper{Code: "LOGIN", HttpStatus: http.StatusUnauthorized, Description: "未登录，禁止访问"}
 	CODE_WRAPPER_LOGIN_EXPIRE            = &CodeWrapper{Code: "LOGIN_EXPIRE", HttpStatus: http.StatusUnauthorized, Description: "登录过期，请重新登录"}
 	CODE_WRAPPER_USER_DISABLED           = &CodeWrapper{Code: "USER_DISABLED", HttpStatus: http.StatusForbidden, Description: "账户被禁用，禁止访问"}
-	CODE_WRAPPER_UNAUTHORIZED            = &CodeWrapper{Code: "LOGIN", HttpStatus: http.StatusUnauthorized, Description: "没有权限，禁止访问"}
+	CODE_WRAPPER_UNAUTHORIZED            = &CodeWrapper{Code: "UNAUTHORIZED", HttpStatus: http.StatusUnauthorized, Description: "没有权限，禁止访问"}
 	CODE_WRAPPER_NOT_FOUND               = &CodeWrapper{Code: "NOT_FOUND", HttpStatus: http.StatusNotFound, Description: "内容不存在"}
 	CODE_WRAPPER_RANGE_NOT_SATISFIABLE   = &CodeWrapper{Code: "RANGE_NOT_SATISFIABLE", HttpStatus: http.StatusRequestedRangeNotSatisfiable, Description: "文件范围读取错误"}
 	CODE_WRAPPER_UNKNOWN                 = &CodeWrapper{Code: "UNKNOWN", HttpStatus: http.StatusInternalServerError, Description: "服务器未知错误"}