open-source/qinglong
1
0
Fork 0
mirror of https://github.com/whyour/qinglong.git synced 2025-12-23 15:50:07 +08:00
Code Issues Packages Projects Releases Wiki Activity

Apply code review suggestions: improve clarity and simplify logic

Browse Source 
Co-authored-by: whyour <22700758+whyour@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot] 2025-12-22 14:57:49 +00:00
parent 60aab8f95d
commit e56bdc8e81
2 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
back/loaders/express.ts
View File

@ -22,21 +22,22 @@ export default ({ app }: { app: Application }) => {
app.use(bodyParser.urlencoded({ limit: '50mb', extended: true })); app.use(bodyParser.urlencoded({ limit: '50mb', extended: true }));
const frontendPath = path.join(config.rootPath, 'static/dist'); const frontendPath = path.join(config.rootPath, 'static/dist');
if (config.baseUrl) { // Serve frontend static files at baseUrl (or root if baseUrl is empty)
app.use(config.baseUrl, express.static(frontendPath)); app.use(config.baseUrl || '/', express.static(frontendPath));
} else {
app.use(express.static(frontendPath));
}
// Create base-URL-aware whitelist for JWT // Create base-URL-aware whitelist for JWT
// When baseUrl is empty, paths remain as-is (e.g., '/api/user/login') // When baseUrl is empty, paths remain as-is (e.g., '/api/user/login')
// When baseUrl is set, paths are prefixed (e.g., '/qinglong/api/user/login') // When baseUrl is set, paths are prefixed (e.g., '/qinglong/api/user/login')
const jwtWhitelist = config.apiWhiteList.map(path => `${config.baseUrl}${path}`); const jwtWhitelist = config.apiWhiteList.map(path => `${config.baseUrl}${path}`);
// Helper to escape special regex characters
const escapeRegex = (str: string) => str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
// Exclude non-API/non-open paths from JWT requirement // Exclude non-API/non-open paths from JWT requirement
// When baseUrl is set: exclude paths that don't start with baseUrl/api/ or baseUrl/open/ // When baseUrl is set: exclude paths that don't start with baseUrl/api/ or baseUrl/open/
// When baseUrl is empty: exclude paths that don't start with /api/ or /open/ // When baseUrl is empty: exclude paths that don't start with /api/ or /open/
const jwtExcludePattern = config.baseUrl const jwtExcludePattern = config.baseUrl
? `^(?!${config.baseUrl.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')}/(api|open)/)` ? `^(?!${escapeRegex(config.baseUrl)}/(api|open)/)`
: '^(?!/(api|open)/)'; : '^(?!/(api|open)/)';
const jwtExcludeRegex = new RegExp(jwtExcludePattern); const jwtExcludeRegex = new RegExp(jwtExcludePattern);
@ -87,7 +88,9 @@ export default ({ app }: { app: Application }) => {
} }
// req.path already includes the full path with baseUrl // req.path already includes the full path with baseUrl
// e.g., when baseUrl=/qinglong and request is /qinglong/api/user/login, req.path=/qinglong/api/user/login // Previous logic used req.baseUrl (Express mount path) which is empty in our case
// since middleware is not mounted on a sub-router
// e.g., when request is /qinglong/api/user/login, req.path=/qinglong/api/user/login
const originPath = req.path; const originPath = req.path;
if ( if (
!headerToken && !headerToken &&

3
src/utils/http.tsx
View File

@ -93,7 +93,8 @@ const apiWhiteListBase = [
]; ];
// Only modify paths if baseUrl is set and not the default '/' // Only modify paths if baseUrl is set and not the default '/'
// Frontend baseUrl always ends with '/', so we remove leading '/' from paths // Note: Frontend baseUrl always ends with '/' (from serverEnv.ts normalization)
// so we remove the leading '/' from paths before concatenation
const apiWhiteList = config.baseUrl && config.baseUrl !== '/' const apiWhiteList = config.baseUrl && config.baseUrl !== '/'
? apiWhiteListBase.map(path => `${config.baseUrl}${path.substring(1)}`) ? apiWhiteListBase.map(path => `${config.baseUrl}${path.substring(1)}`)
: apiWhiteListBase; : apiWhiteListBase;