feat(wopi): implement required rest api as a WOPI host

middleware/wopi.go

@@ -0,0 +1,70 @@
+package middleware
+
+import (
+	model "github.com/cloudreve/Cloudreve/v3/models"
+	"github.com/cloudreve/Cloudreve/v3/pkg/cache"
+	"github.com/cloudreve/Cloudreve/v3/pkg/wopi"
+	"github.com/gin-gonic/gin"
+	"net/http"
+	"strings"
+)
+
+const (
+	WopiSessionCtx = "wopi_session"
+)
+
+// WopiWriteAccess validates if write access is obtained.
+func WopiWriteAccess() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		session := c.MustGet(WopiSessionCtx).(*wopi.SessionCache)
+		if session.Action != wopi.ActionEdit {
+			c.Status(http.StatusNotFound)
+			c.Header(wopi.ServerErrorHeader, "read-only access")
+			c.Abort()
+			return
+		}
+
+		c.Next()
+	}
+}
+
+func WopiAccessValidation(w wopi.Client, store cache.Driver) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		accessToken := strings.Split(c.Query(wopi.AccessTokenQuery), ".")
+		if len(accessToken) != 2 {
+			c.Status(http.StatusForbidden)
+			c.Header(wopi.ServerErrorHeader, "malformed access token")
+			c.Abort()
+			return
+		}
+
+		sessionRaw, exist := store.Get(wopi.SessionCachePrefix + accessToken[0])
+		if !exist {
+			c.Status(http.StatusForbidden)
+			c.Header(wopi.ServerErrorHeader, "invalid access token")
+			c.Abort()
+			return
+		}
+
+		session := sessionRaw.(wopi.SessionCache)
+		user, err := model.GetActiveUserByID(session.UserID)
+		if err != nil {
+			c.Status(http.StatusInternalServerError)
+			c.Header(wopi.ServerErrorHeader, "user not found")
+			c.Abort()
+			return
+		}
+
+		fileID := c.MustGet("object_id").(uint)
+		if fileID != session.FileID {
+			c.Status(http.StatusInternalServerError)
+			c.Header(wopi.ServerErrorHeader, "file not found")
+			c.Abort()
+			return
+		}
+
+		c.Set("user", &user)
+		c.Set(WopiSessionCtx, &session)
+		c.Next()
+	}
+}