cdrop — 跨 OS 剪贴板与文件传输服务
Commilitia Drop:自托管的跨设备剪贴板同步与点对点文件传输。 - 后端 Go(chi / SQLite WAL / SSE Hub / WebRTC signaling + 状态机 / Relay ring buffer),编译进单个 distroless 镜像(前端 go:embed)。 - 前端 React + TanStack Router + Zustand,自实现 SSE + WebRTC P2P,NAT 受阻时回退服务端中继;聚珍(Juzhen)CJK 综合排版。 - 桌面端 Wails v2(macOS / Windows),瘦客户端复用 web。 - 鉴权 OIDC PKCE(自建 Casdoor 等),refresh_token 信封加密存系统密钥库;iOS Shortcut 用 HS256 scoped token。 架构文档与变更记录见 docs 分支(PROJECT_BRIEF / FRONTEND_DESIGN / CHANGELOG)。 本次为公开发布初始提交:完整开发历史(含部署细节)留存于私有归档,公开仓库自此干净起步。
This commit is contained in:
@@ -0,0 +1,82 @@
|
||||
package httpapi
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"net/http"
|
||||
"time"
|
||||
|
||||
"commilitia.net/cdrop/internal/hub"
|
||||
"commilitia.net/cdrop/internal/jwtauth"
|
||||
)
|
||||
|
||||
// 4 KB caps DoS-via-paste; longer payloads should use file transfer instead.
|
||||
const maxMessageBytes = 4 * 1024
|
||||
|
||||
// maxMessageBodyBytes bounds the raw request body BEFORE decode (R5): the 4 KB
|
||||
// limit above checks the decoded Go string, so on its own the whole body is
|
||||
// still read into memory first. The wire form can be larger than the decoded
|
||||
// text — JSON escaping inflates quotes/control chars (worst case ~6×) — so the
|
||||
// body cap is the content cap with headroom, not equal to it, to avoid falsely
|
||||
// rejecting a legitimate 4 KB message while still bounding memory per request.
|
||||
const maxMessageBodyBytes = maxMessageBytes * 8
|
||||
|
||||
type messageReq struct {
|
||||
To string `json:"to"`
|
||||
Text string `json:"text"`
|
||||
}
|
||||
|
||||
// handleMessage forwards a one-shot text payload to a peer device. Reuses the
|
||||
// SSE Hub the same way /api/hub/signal does — no DB row, no transfer state
|
||||
// machine. Receiver sees a `message` event; the frontend keeps it in memory
|
||||
// only until the tab closes (per user spec).
|
||||
//
|
||||
// 204 if delivered, 410 if peer offline, 413 if oversized.
|
||||
func (s *Server) handleMessage(w http.ResponseWriter, r *http.Request) {
|
||||
claims, _ := jwtauth.ClaimsFromContext(r.Context())
|
||||
from, _ := jwtauth.DeviceNameFromContext(r.Context())
|
||||
|
||||
r.Body = http.MaxBytesReader(w, r.Body, maxMessageBodyBytes)
|
||||
var req messageReq
|
||||
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
|
||||
var mbe *http.MaxBytesError
|
||||
if errors.As(err, &mbe) {
|
||||
writeJSON(w, http.StatusRequestEntityTooLarge,
|
||||
map[string]string{"error": "message exceeds 4 KB"})
|
||||
return
|
||||
}
|
||||
writeJSON(w, http.StatusBadRequest, map[string]string{"error": "invalid json"})
|
||||
return
|
||||
}
|
||||
if req.To == "" {
|
||||
writeJSON(w, http.StatusBadRequest, map[string]string{"error": "missing 'to'"})
|
||||
return
|
||||
}
|
||||
if req.Text == "" {
|
||||
writeJSON(w, http.StatusBadRequest, map[string]string{"error": "empty text"})
|
||||
return
|
||||
}
|
||||
if len(req.Text) > maxMessageBytes {
|
||||
writeJSON(w, http.StatusRequestEntityTooLarge,
|
||||
map[string]string{"error": "message exceeds 4 KB"})
|
||||
return
|
||||
}
|
||||
if req.To == from {
|
||||
writeJSON(w, http.StatusBadRequest, map[string]string{"error": "cannot send to self"})
|
||||
return
|
||||
}
|
||||
|
||||
delivered := s.hub.SendTo(claims.UserID, req.To, hub.Event{
|
||||
Type: "message",
|
||||
Data: map[string]any{
|
||||
"from": from,
|
||||
"text": req.Text,
|
||||
"sent_at": time.Now().Unix(),
|
||||
},
|
||||
})
|
||||
if !delivered {
|
||||
writeJSON(w, http.StatusGone, map[string]string{"error": "peer offline"})
|
||||
return
|
||||
}
|
||||
w.WriteHeader(http.StatusNoContent)
|
||||
}
|
||||
Reference in New Issue
Block a user