添加通道创建权限检查和ISP类型映射

README.md

@@ -14,10 +14,10 @@
 - [x] 选择套餐
   - [ ] 对接接口
   - [ ] 提取记录
-- [ ] 提取 IP
+- [x] 提取 IP
   - [ ] 长效提取
   - [ ] 使用记录
-- [ ] 连接
+- [x] 连接
 
 中间件：
 

web/handlers/channel.go

@@ -4,6 +4,7 @@ import (
 	"errors"
 	"fmt"
 	"log/slog"
+	"platform/web/auth"
 	q "platform/web/queries"
 	"platform/web/services"
 	"strconv"
@@ -25,27 +26,46 @@ type CreateChannelReq struct {
 }
 
 func CreateChannel(c *fiber.Ctx) error {
+	// 检查权限
+	authContext, err := auth.Protect(c, []services.PayloadType{services.PayloadUser}, []string{})
+	if err != nil {
+		return err
+	}
+	count, err := q.Whitelist.Where(
+		q.Whitelist.UserID.Eq(authContext.Payload.Id),
+		q.Whitelist.Host.Eq(c.IP()),
+	).Count()
+	if err != nil {
+		return err
+	}
+	if count == 0 {
+		return fiber.NewError(fiber.StatusForbidden, fmt.Sprintf("forbidden %s", c.IP()))
+	}
 
 	req := new(CreateChannelReq)
 	if err := c.BodyParser(req); err != nil {
 		return err
 	}
 
-	// 建立连接通道
+	var isp string
-	auth, ok := c.Locals("auth").(*services.AuthContext)
+	switch req.Isp {
-	if !ok {
+	case "1":
-		return errors.New("user not found")
+		isp = "电信"
+	case "2":
+		isp = "联通"
+	case "3":
+		isp = "移动"
 	}
 
 	result, err := services.Channel.CreateChannel(
 		c.Context(),
-		auth,
+		authContext,
 		req.ResourceId,
 		req.Protocol,
 		req.AuthType,
 		req.Count,
 		services.NodeFilterConfig{
-			Isp:  req.Isp,
+			Isp:  isp,
 			Prov: req.Prov,
 			City: req.City,
 		},

web/router.go

@@ -18,7 +18,7 @@ func ApplyRouters(app *fiber.App) {
 
 	// 通道
 	channel := api.Group("/channel")
-	channel.Post("/create", auth2.PermitAll(), handlers.CreateChannel)
+	channel.Post("/create", handlers.CreateChannel)
 	channel.Post("/remove", auth2.PermitAll(), handlers.RemoveChannels)
 
 	// 白名单