-
Notifications
You must be signed in to change notification settings - Fork 181
/
alist-proxy.js
152 lines (147 loc) · 3.97 KB
/
alist-proxy.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
// src/const.ts
var ADDRESS = "YOUR_ADDRESS";
var TOKEN = "YOUR_TOKEN";
var WORKER_ADDRESS = "YOUR_WORKER_ADDRESS";
// src/verify.ts
var verify = async (data, _sign) => {
const signSlice = _sign.split(":");
if (!signSlice[signSlice.length - 1]) {
return "expire missing";
}
const expire = parseInt(signSlice[signSlice.length - 1]);
if (isNaN(expire)) {
return "expire invalid";
}
if (expire < Date.now() / 1e3 && expire > 0) {
return "expire expired";
}
const right = await hmacSha256Sign(data, expire);
if (_sign !== right) {
return "sign mismatch";
}
return "";
};
var hmacSha256Sign = async (data, expire) => {
const key = await crypto.subtle.importKey(
"raw",
new TextEncoder().encode(TOKEN),
{ name: "HMAC", hash: "SHA-256" },
false,
["sign", "verify"]
);
const buf = await crypto.subtle.sign(
{
name: "HMAC",
hash: "SHA-256"
},
key,
new TextEncoder().encode(`${data}:${expire}`)
);
return btoa(String.fromCharCode(...new Uint8Array(buf))).replace(/\+/g, "-").replace(/\//g, "_") + ":" + expire;
};
// src/handleDownload.ts
async function handleDownload(request) {
const origin = request.headers.get("origin") ?? "*";
const url = new URL(request.url);
const path = decodeURIComponent(url.pathname);
const sign = url.searchParams.get("sign") ?? "";
const verifyResult = await verify(path, sign);
if (verifyResult !== "") {
const resp2 = new Response(
JSON.stringify({
code: 401,
message: verifyResult
}),
{
headers: {
"content-type": "application/json;charset=UTF-8"
}
}
);
resp2.headers.set("Access-Control-Allow-Origin", origin);
return resp2;
}
let resp = await fetch(`${ADDRESS}/api/fs/link`, {
method: "POST",
headers: {
"content-type": "application/json;charset=UTF-8",
Authorization: TOKEN
},
body: JSON.stringify({
path
})
});
let res = await resp.json();
if (res.code !== 200) {
return new Response(JSON.stringify(res));
}
request = new Request(res.data.url, request);
if (res.data.header) {
for (const k in res.data.header) {
for (const v of res.data.header[k]) {
request.headers.set(k, v);
}
}
}
let response = await fetch(request);
while (response.status >= 300 && response.status < 400) {
const location = response.headers.get("Location");
if (location) {
if (location.startsWith(`${WORKER_ADDRESS}/`)) {
request = new Request(location, request);
return await handleRequest(request);
} else {
request = new Request(location, request);
response = await fetch(request);
}
} else {
break;
}
}
response = new Response(response.body, response);
response.headers.delete("set-cookie");
response.headers.set("Access-Control-Allow-Origin", origin);
response.headers.append("Vary", "Origin");
return response;
}
// src/handleOptions.ts
function handleOptions(request) {
const corsHeaders = {
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "GET,HEAD,POST,OPTIONS",
"Access-Control-Max-Age": "86400"
};
let headers = request.headers;
if (headers.get("Origin") !== null && headers.get("Access-Control-Request-Method") !== null) {
let respHeaders = {
...corsHeaders,
"Access-Control-Allow-Headers": request.headers.get("Access-Control-Request-Headers") || ""
};
return new Response(null, {
headers: respHeaders
});
} else {
return new Response(null, {
headers: {
Allow: "GET, HEAD, POST, OPTIONS"
}
});
}
}
// src/handleRequest.ts
async function handleRequest(request) {
if (request.method === "OPTIONS") {
return handleOptions(request);
}
return await handleDownload(request);
}
// src/index.ts
var src_default = {
async fetch(request, env, ctx) {
return await handleRequest(request);
}
};
export {
src_default as default
};
//# sourceMappingURL=index.js.map