f21fa5b5e8
Commilitia Drop:自托管的跨设备剪贴板同步与点对点文件传输。 - 后端 Go(chi / SQLite WAL / SSE Hub / WebRTC signaling + 状态机 / Relay ring buffer),编译进单个 distroless 镜像(前端 go:embed)。 - 前端 React + TanStack Router + Zustand,自实现 SSE + WebRTC P2P,NAT 受阻时回退服务端中继;聚珍(Juzhen)CJK 综合排版。 - 桌面端 Wails v2(macOS / Windows),瘦客户端复用 web。 - 鉴权 OIDC PKCE(自建 Casdoor 等),refresh_token 信封加密存系统密钥库;iOS Shortcut 用 HS256 scoped token。 架构文档与变更记录见 docs 分支(PROJECT_BRIEF / FRONTEND_DESIGN / CHANGELOG)。 本次为公开发布初始提交:完整开发历史(含部署细节)留存于私有归档,公开仓库自此干净起步。
83 lines
2.6 KiB
Go
83 lines
2.6 KiB
Go
package httpapi
|
||
|
||
import (
|
||
"encoding/json"
|
||
"errors"
|
||
"net/http"
|
||
"time"
|
||
|
||
"commilitia.net/cdrop/internal/hub"
|
||
"commilitia.net/cdrop/internal/jwtauth"
|
||
)
|
||
|
||
// 4 KB caps DoS-via-paste; longer payloads should use file transfer instead.
|
||
const maxMessageBytes = 4 * 1024
|
||
|
||
// maxMessageBodyBytes bounds the raw request body BEFORE decode (R5): the 4 KB
|
||
// limit above checks the decoded Go string, so on its own the whole body is
|
||
// still read into memory first. The wire form can be larger than the decoded
|
||
// text — JSON escaping inflates quotes/control chars (worst case ~6×) — so the
|
||
// body cap is the content cap with headroom, not equal to it, to avoid falsely
|
||
// rejecting a legitimate 4 KB message while still bounding memory per request.
|
||
const maxMessageBodyBytes = maxMessageBytes * 8
|
||
|
||
type messageReq struct {
|
||
To string `json:"to"`
|
||
Text string `json:"text"`
|
||
}
|
||
|
||
// handleMessage forwards a one-shot text payload to a peer device. Reuses the
|
||
// SSE Hub the same way /api/hub/signal does — no DB row, no transfer state
|
||
// machine. Receiver sees a `message` event; the frontend keeps it in memory
|
||
// only until the tab closes (per user spec).
|
||
//
|
||
// 204 if delivered, 410 if peer offline, 413 if oversized.
|
||
func (s *Server) handleMessage(w http.ResponseWriter, r *http.Request) {
|
||
claims, _ := jwtauth.ClaimsFromContext(r.Context())
|
||
from, _ := jwtauth.DeviceNameFromContext(r.Context())
|
||
|
||
r.Body = http.MaxBytesReader(w, r.Body, maxMessageBodyBytes)
|
||
var req messageReq
|
||
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
|
||
var mbe *http.MaxBytesError
|
||
if errors.As(err, &mbe) {
|
||
writeJSON(w, http.StatusRequestEntityTooLarge,
|
||
map[string]string{"error": "message exceeds 4 KB"})
|
||
return
|
||
}
|
||
writeJSON(w, http.StatusBadRequest, map[string]string{"error": "invalid json"})
|
||
return
|
||
}
|
||
if req.To == "" {
|
||
writeJSON(w, http.StatusBadRequest, map[string]string{"error": "missing 'to'"})
|
||
return
|
||
}
|
||
if req.Text == "" {
|
||
writeJSON(w, http.StatusBadRequest, map[string]string{"error": "empty text"})
|
||
return
|
||
}
|
||
if len(req.Text) > maxMessageBytes {
|
||
writeJSON(w, http.StatusRequestEntityTooLarge,
|
||
map[string]string{"error": "message exceeds 4 KB"})
|
||
return
|
||
}
|
||
if req.To == from {
|
||
writeJSON(w, http.StatusBadRequest, map[string]string{"error": "cannot send to self"})
|
||
return
|
||
}
|
||
|
||
delivered := s.hub.SendTo(claims.UserID, req.To, hub.Event{
|
||
Type: "message",
|
||
Data: map[string]any{
|
||
"from": from,
|
||
"text": req.Text,
|
||
"sent_at": time.Now().Unix(),
|
||
},
|
||
})
|
||
if !delivered {
|
||
writeJSON(w, http.StatusGone, map[string]string{"error": "peer offline"})
|
||
return
|
||
}
|
||
w.WriteHeader(http.StatusNoContent)
|
||
}
|