Merge pull request #198 from huankong233/dev

Dev
HkList · Nov 23, 2024 · a9c28dd · a9c28dd
2 parents 06d87c9 + 866825f
commit a9c28dd
Show file tree

Hide file tree

Showing 104 changed files with 237 additions and 137 deletions.
diff --git a/.env.example b/.env.example
@@ -23,7 +23,7 @@ MAIL_FROM_NAME=Example
 MAIL_TO_ADDRESS=[email protected]
 MAIL_TO_NAME=Example
 
-_94LIST_VERSION=1.3.41
+_94LIST_VERSION=1.3.45
 _94LIST_SLEEP=3
 _94LIST_MAX_ONCE=20
 _94LIST_PASSWORD=""
@@ -47,3 +47,23 @@ _94LIST_SHOW_LOGIN_BUTTON=true
 _94LIST_TOKEN_BIND_IP=false
 HKLIST_PROXY_SERVER=
 HKLIST_PROXY_PASSWORD=
+
+# 企业版CK
+HKLIST_DOWNLOAD_TICKET_COOKIE=""
+# 企业版CID
+# 进入企业版网页 地址栏里有
+HKLIST_DOWNLOAD_TICKET_CID=""
+# 企业版 BDSTOKEN
+# 获取链接: https://pan.baidu.com/api/gettemplatevariable?fields=[%22bdstoken%22]
+HKLIST_DOWNLOAD_TICKET_BDSTOKEN=""
+# 存盘路径
+# 注意: 以/打头,结尾不需要/,注意这个文件夹需要手动先创建好,下面的分享链接需要是设定的这个文件夹
+HKLIST_DOWNLOAD_TICKET_PATH="/helloworld"
+
+# 记得填充下载卷(自行购买)
+# 企业版分享链接下载链接
+# https://pan.baidu.com/s/123456
+# 下面填 123456
+HKLIST_DOWNLOAD_TICKET_SURL=""
+# 企业版分享链接下载密码
+HKLIST_DOWNLOAD_TICKET_PWD=""
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,15 @@
 
 ## 2024
 
+### 11-23 v1.3.45
+
+- [+] 增加下载卷模式
+
+### 11-10 v1.3.42
+
+- [+] 增加防止同浏览器非同ip请求
+- [*] 切换本地ip库
+
 ### 09-09 v1.3.41
 
 - [+] 增加新解析模式

diff --git a/app/Http/Controllers/AccountController.php b/app/Http/Controllers/AccountController.php
@@ -381,7 +381,7 @@ public function getAccountsBan(Request $request)
         $http = new Client([
             "headers" => [
                 "User-Agent" => config("94list.fake_user_agent"),
-                "cookie" => $account["account_type"] === "cookie" ? $account["cookie"] : ""
+                "cookie" => $account["account_type"] === "cookie" || $account["account_type"] === "enterprise" ? $account["cookie"] : ""
             ]
         ]);
 
@@ -392,7 +392,7 @@ public function getAccountsBan(Request $request)
                     "channel" => "Windows%5f10%2e0%2e19045%5fUniyunguanjia%5fnetdisk%5f00000000000000000000000000000002",
                     "version" => "4.32.1",
                     "devuid" => "",
-                    "access_token" => $account["account_type"] === "cookie" ? "" : $account["access_token"]
+                    "access_token" => $account["account_type"] === "cookie" || $account["account_type"] === "enterprise" ? "" : $account["access_token"]
                 ]
             ]);
             $response = JSON::decode($res->getBody()->getContents());

diff --git a/app/Http/Controllers/ParseController.php b/app/Http/Controllers/ParseController.php
@@ -20,6 +20,7 @@
 use Illuminate\Support\Facades\DB;
 use Illuminate\Support\Facades\Validator;
 use Illuminate\Validation\Rule;
+use XdbSearcher;
 
 class ParseController extends Controller
 {
@@ -29,7 +30,7 @@ public function getConfig(Request $request)
 
         $parse_mode = $config["parse_mode"];
         $account_type = ["超级会员"];
-        if ($parse_mode === 11) {
+        if ($parse_mode === 11 || $parse_mode === 13) {
             $account_type = ["超级会员", "普通会员", "普通用户"];
         } else if ($parse_mode === 12) {
             $account_type = ["普通用户"];
@@ -56,67 +57,6 @@ public function getConfig(Request $request)
         ]);
     }
 
-    public function _getProvinceFromIP($ip): string|null|false
-    {
-        if ($ip === "0.0.0.0") return "上海市";
-
-        $http = new Client([
-            "headers" => [
-                "User-Agent" => "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Edg/125.0.0.0"
-            ]
-        ]);
-
-        try {
-            $res = $http->get("https://api.qjqq.cn/api/district", ["query" => ["ip" => $ip]]);
-            $response = JSON::decode($res->getBody()->getContents());
-
-            if (isset($response["code"]) && $response["code"] === 200 && isset($response["data"]["country"]) && isset($response["data"]["prov"])) {
-                if (config("94list.limit_cn")) {
-                    if ($response["data"]["country"] !== "中国") {
-                        return false;
-                    }
-                }
-
-                return $response["data"]["prov"] !== "" ? $response["data"]["prov"] : null;
-            }
-        } catch (Exception $e) {
-        }
-
-        try {
-            $res = $http->get("https://www.ip.cn/api/index", ["query" => ["ip" => $ip, "type" => 1]]);
-            $response = JSON::decode($res->getBody()->getContents());
-
-            if (isset($response["rs"]) && $response["rs"] !== 1 && isset($response["address"])) {
-                if (config("94list.limit_cn")) {
-                    if (str_contains($response["address"], "中国")) {
-                        return false;
-                    }
-                }
-
-                return $response["address"] !== "" ? $response["address"] : null;
-            }
-        } catch (Exception $e) {
-        }
-
-        try {
-            $res = $http->get("https://qifu.baidu.com/ip/geo/v1/district", ["query" => ["ip" => $ip]]);
-            $response = JSON::decode($res->getBody()->getContents());
-
-            if (isset($response["code"]) && $response["code"] === "Success" && isset($response["data"]["country"]) && isset($response["data"]["prov"])) {
-                if (config("94list.limit_cn")) {
-                    if ($response["data"]["country"] !== "中国") {
-                        return false;
-                    }
-                }
-
-                return $response["data"]["prov"] !== "" ? $response["data"]["prov"] : null;
-            }
-        } catch (Exception $e) {
-        }
-
-        return null;
-    }
-
     // 省份标准名称映射表
     const provinces = [
         "北京" => "北京市",
@@ -155,17 +95,28 @@ public function _getProvinceFromIP($ip): string|null|false
         "台湾" => "台湾省"
     ];
 
+    private static ?XdbSearcher $ip2region = null;
+
     public function getProvinceFromIP($ip)
     {
-        $prov = self::_getProvinceFromIP($ip);
-        if ($prov === null || $prov === false) return $prov;
+        if (!self::$ip2region) self::$ip2region = new XdbSearcher();
 
-        // 去除多余的空白字符
-        $name = trim($prov);
+        try {
+            $result = self::$ip2region->search($ip);
+            if (!$result) {
+                return "上海市";
+            } else {
+                if (config("94list.limit_cn") && !str_contains($result, "中国")) return false;
+                $arr = explode("|", $result);
+                $prov = $arr[2];
+            }
+        } catch (Exception $exception) {
+            return "上海市";
+        }
 
         // 匹配并返回标准省份名称
         foreach (self::provinces as $key => $standardName) {
-            if (str_contains($name, $key)) return $standardName;
+            if (str_contains($prov, $key)) return $standardName;
         }
 
         // 无匹配
@@ -642,7 +593,7 @@ public function getDownloadLinks(Request $request)
         } else {
             for ($i = 0; $i < count($request["fs_ids"]); $i++) {
                 $account_type = ["超级会员"];
-                if ($parse_mode === 11) {
+                if ($parse_mode === 11 || $parse_mode === 13) {
                     $account_type = ["超级会员", "普通会员", "普通用户"];
                 } else if ($parse_mode === 12) {
                     $account_type = ["普通用户"];
@@ -663,7 +614,9 @@ public function getDownloadLinks(Request $request)
             }
         }
 
-        $start = microtime(true);
+        if ($parse_mode === 13) {
+            $json["download_ticket"] = config("94list.download_ticket");
+        }
 
         try {
             $http = new Client();
@@ -726,7 +679,7 @@ public function getDownloadLinks(Request $request)
             $account = Account::query()->find($ck_id);
 
             if (isset($responseDatum["msg"]) && $responseDatum["msg"] === "获取成功") {
-                if (str_contains($url, "qdall01")) {
+                if (str_contains($url, "tsl=1")) {
                     $res["url"] = "账号被限速";
 
                     $account->update([

diff --git a/app/Http/Controllers/config/MainConfigController.php b/app/Http/Controllers/config/MainConfigController.php
@@ -25,7 +25,6 @@ public function getConfig(Request $request)
     public function updateConfig(Request $request)
     {
         $validator = Validator::make($request->all(), [
-            "sleep"               => "required|numeric",
             "max_once"            => "required|numeric",
             "password"            => "string",
             "announce"            => "string",
@@ -56,7 +55,6 @@ public function updateConfig(Request $request)
 
         $update = [];
 
-        $update["_94LIST_SLEEP"]               = $request["sleep"];
         $update["_94LIST_MAX_ONCE"]            = $request["max_once"];
         $update["_94LIST_PASSWORD"]            = '"' . $request["password"] . '"';
         $update["_94LIST_ANNOUNCE"]            = '"' . htmlspecialchars(str_replace("\n", "[NextLine]", $request["announce"]), ENT_QUOTES) . '"';

diff --git a/app/Http/Middleware/ParamCheck.php b/app/Http/Middleware/ParamCheck.php
@@ -0,0 +1,49 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Http\Controllers\ResponseController;
+use App\Http\Controllers\UtilsController;
+use App\Models\Ip;
+use Closure;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Cache;
+use Symfony\Component\HttpFoundation\Response;
+
+class ParamCheck
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response) $next
+     */
+    public function handle(Request $request, Closure $next): Response
+    {
+        // 查询指纹是否存在
+        if (!$request["print"] || !$request["rand"]) return ResponseController::paramsError();
+
+        $print = Cache::get($request["print"]);
+        $rand = $request["rand"];
+        $temp = $request->method() === "GET" ? $request->query() : $request->post();
+        unset($temp["rand"]);
+
+        // 校验哈希
+        if ($rand !== sha1(json_encode($temp, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE))) return ResponseController::paramsError();
+
+        if (!$print) {
+            Cache::put($request["print"], [UtilsController::getIp()]);
+            return $next($request);
+        }
+
+        if (!in_array(UtilsController::getIp(), $print)) {
+            if (count($print) > 3) {
+                return ResponseController::inBlackList();
+            } else {
+                $print[] = UtilsController::getIp();
+                Cache::put($request["print"], $print);
+            }
+        }
+
+        return $next($request);
+    }
+}
diff --git a/bootstrap/app.php b/bootstrap/app.php
@@ -4,6 +4,7 @@
 use App\Http\Middleware\IpFilter;
 use App\Http\Middleware\NeedInstall;
 use App\Http\Middleware\NeedPassword;
+use App\Http\Middleware\ParamCheck;
 use App\Http\Middleware\RoleFilter;
 use Illuminate\Foundation\Application;
 use Illuminate\Foundation\Configuration\Exceptions;
@@ -25,6 +26,7 @@
                           'NeedInstall'  => NeedInstall::class,
                           'NeedPassword' => NeedPassword::class,
                           'AutoUpdate'   => AutoUpdate::class,
+                          'ParamCheck'   => ParamCheck::class
                       ]);
 
                       $middleware->web(remove: [
@@ -34,6 +36,8 @@
                       $middleware->use([
                           StartSession::class
                       ]);
+
+                      $middleware->trustProxies("*");
                   })
                   ->withExceptions(function (Exceptions $exceptions) {
                       //

diff --git a/composer.json b/composer.json
@@ -8,7 +8,8 @@
         "php": "^8.2",
         "laravel/framework": "^11.0",
         "laravel/sanctum": "^4.0",
-        "laravel/tinker": "^2.9"
+        "laravel/tinker": "^2.9",
+        "zoujingli/ip2region": "^2.0"
     },
     "require-dev": {
         "fakerphp/faker": "^1.23",

diff --git a/composer.lock b/composer.lock