controller.go 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466
  1. package sub
  2. import (
  3. "bytes"
  4. "encoding/base64"
  5. "encoding/json"
  6. "fmt"
  7. "html/template"
  8. "net/http"
  9. "net/url"
  10. "os"
  11. "path/filepath"
  12. "strconv"
  13. "strings"
  14. "sync"
  15. "time"
  16. "github.com/gin-gonic/gin"
  17. "github.com/mhsanaei/3x-ui/v3/internal/logger"
  18. "github.com/mhsanaei/3x-ui/v3/internal/web/service"
  19. )
  20. // writeSubError translates a service-layer result into an HTTP response.
  21. // A nil error with no rows means the subId doesn't match anything (deleted
  22. // client, never-existed id) and becomes 404. A real error becomes 500. No
  23. // body — VPN clients only look at the status.
  24. func writeSubError(c *gin.Context, err error) {
  25. if err == nil {
  26. c.Status(http.StatusNotFound)
  27. return
  28. }
  29. c.Status(http.StatusInternalServerError)
  30. }
  31. // cachedSubTemplate holds a parsed custom subscription template together with
  32. // the modification time of the file it was parsed from, so the cache can be
  33. // invalidated when an admin edits the template on disk.
  34. type cachedSubTemplate struct {
  35. tmpl *template.Template
  36. modTime time.Time
  37. }
  38. // SUBController handles HTTP requests for subscription links and JSON configurations.
  39. type SUBController struct {
  40. subTitle string
  41. subSupportUrl string
  42. subProfileUrl string
  43. subAnnounce string
  44. subEnableRouting bool
  45. subRoutingRules string
  46. subHideSettings bool
  47. subIncyEnableRouting bool
  48. subIncyRoutingRules string
  49. subPath string
  50. subJsonPath string
  51. subClashPath string
  52. jsonEnabled bool
  53. clashEnabled bool
  54. subEncrypt bool
  55. updateInterval string
  56. subService *SubService
  57. subJsonService *SubJsonService
  58. subClashService *SubClashService
  59. settingService service.SettingService
  60. subTemplateMu sync.RWMutex
  61. subTemplateCache map[string]*cachedSubTemplate
  62. }
  63. // NewSUBController creates a new subscription controller with the given configuration.
  64. func NewSUBController(
  65. g *gin.RouterGroup,
  66. subPath string,
  67. jsonPath string,
  68. clashPath string,
  69. jsonEnabled bool,
  70. clashEnabled bool,
  71. encrypt bool,
  72. remarkTemplate string,
  73. update string,
  74. jsonMux string,
  75. jsonRules string,
  76. jsonFinalMask string,
  77. clashEnableRouting bool,
  78. clashRules string,
  79. subTitle string,
  80. subSupportUrl string,
  81. subProfileUrl string,
  82. subAnnounce string,
  83. subEnableRouting bool,
  84. subRoutingRules string,
  85. subHideSettings bool,
  86. subIncyEnableRouting bool,
  87. subIncyRoutingRules string,
  88. ) *SUBController {
  89. sub := NewSubService(remarkTemplate)
  90. a := &SUBController{
  91. subTitle: subTitle,
  92. subSupportUrl: subSupportUrl,
  93. subProfileUrl: subProfileUrl,
  94. subAnnounce: subAnnounce,
  95. subEnableRouting: subEnableRouting,
  96. subRoutingRules: subRoutingRules,
  97. subHideSettings: subHideSettings,
  98. subIncyEnableRouting: subIncyEnableRouting,
  99. subIncyRoutingRules: subIncyRoutingRules,
  100. subPath: subPath,
  101. subJsonPath: jsonPath,
  102. subClashPath: clashPath,
  103. jsonEnabled: jsonEnabled,
  104. clashEnabled: clashEnabled,
  105. subEncrypt: encrypt,
  106. updateInterval: update,
  107. subService: sub,
  108. subJsonService: NewSubJsonService(jsonMux, jsonRules, jsonFinalMask, sub),
  109. subClashService: NewSubClashService(clashEnableRouting, clashRules, sub),
  110. subTemplateCache: map[string]*cachedSubTemplate{},
  111. }
  112. a.initRouter(g)
  113. return a
  114. }
  115. // initRouter registers HTTP routes for subscription links and JSON endpoints
  116. // on the provided router group.
  117. func (a *SUBController) initRouter(g *gin.RouterGroup) {
  118. gLink := g.Group(a.subPath)
  119. gLink.GET(":subid", a.subs)
  120. gLink.HEAD(":subid", a.subs)
  121. if a.jsonEnabled {
  122. gJson := g.Group(a.subJsonPath)
  123. gJson.GET(":subid", a.subJsons)
  124. gJson.HEAD(":subid", a.subJsons)
  125. }
  126. if a.clashEnabled {
  127. gClash := g.Group(a.subClashPath)
  128. gClash.GET(":subid", a.subClashs)
  129. gClash.HEAD(":subid", a.subClashs)
  130. }
  131. }
  132. // maybeServeSubPage renders the HTML info page when the request comes from a
  133. // browser (Accept: text/html) or explicitly asks for it (?html=1 or ?view=html).
  134. // It reports whether the request was handled. The remark template's per-client
  135. // info is for the content a client app imports — the raw subscription body. A
  136. // browser viewing the HTML info page gets clean, name-only remarks (usage is
  137. // shown in the page summary).
  138. func (a *SUBController) maybeServeSubPage(c *gin.Context) bool {
  139. accept := c.GetHeader("Accept")
  140. wantsHTML := strings.Contains(strings.ToLower(accept), "text/html") || c.Query("html") == "1" || strings.EqualFold(c.Query("view"), "html")
  141. if !wantsHTML {
  142. return false
  143. }
  144. subId := c.Param("subid")
  145. _, host, _, hostHeader := a.subService.ResolveRequest(c)
  146. subReq := a.subService.ForRequest(host)
  147. subReq.subscriptionBody = false
  148. subs, emails, lastOnline, traffic, err := subReq.getSubs(subId)
  149. if err != nil || len(subs) == 0 {
  150. writeSubError(c, err)
  151. return true
  152. }
  153. subURL, subJsonURL, subClashURL := subReq.BuildURLs(a.subPath, a.subJsonPath, a.subClashPath, subId)
  154. if !a.jsonEnabled {
  155. subJsonURL = ""
  156. }
  157. if !a.clashEnabled {
  158. subClashURL = ""
  159. }
  160. basePath, exists := c.Get("base_path")
  161. if !exists {
  162. basePath = "/"
  163. }
  164. basePathStr := basePath.(string)
  165. page := subReq.BuildPageData(subId, hostHeader, traffic, lastOnline, subs, emails, subURL, subJsonURL, subClashURL, basePathStr, a.subTitle, a.subSupportUrl)
  166. a.serveSubPage(c, basePathStr, page)
  167. return true
  168. }
  169. // subs handles HTTP requests for subscription links, returning either HTML page or base64-encoded subscription data.
  170. func (a *SUBController) subs(c *gin.Context) {
  171. if a.maybeServeSubPage(c) {
  172. return
  173. }
  174. subId := c.Param("subid")
  175. scheme, host, hostWithPort, _ := a.subService.ResolveRequest(c)
  176. subReq := a.subService.ForRequest(host)
  177. subReq.subscriptionBody = true
  178. subs, _, _, traffic, err := subReq.getSubs(subId)
  179. if err != nil || len(subs) == 0 {
  180. writeSubError(c, err)
  181. } else {
  182. var result strings.Builder
  183. for _, sub := range subs {
  184. result.WriteString(sub)
  185. result.WriteString("\n")
  186. }
  187. // Add headers
  188. header := fmt.Sprintf("upload=%d; download=%d; total=%d; expire=%d", traffic.Up, traffic.Down, traffic.Total, traffic.ExpiryTime/1000)
  189. profileUrl := a.subProfileUrl
  190. if profileUrl == "" {
  191. profileUrl = fmt.Sprintf("%s://%s%s", scheme, hostWithPort, c.Request.RequestURI)
  192. }
  193. a.ApplyCommonHeaders(c, header, a.updateInterval, a.subTitle, a.subSupportUrl, profileUrl, a.subAnnounce, a.subEnableRouting, a.subRoutingRules, a.subHideSettings)
  194. if a.subIncyEnableRouting && a.subIncyRoutingRules != "" {
  195. result.WriteString(a.subIncyRoutingRules)
  196. result.WriteString("\n")
  197. }
  198. if a.subEncrypt {
  199. c.String(200, base64.StdEncoding.EncodeToString([]byte(result.String())))
  200. } else {
  201. c.String(200, result.String())
  202. }
  203. }
  204. }
  205. // serveSubPage renders internal/web/dist/subpage.html for the current subscription
  206. // request. The Vite-built SPA reads window.__SUB_PAGE_DATA__ on mount —
  207. // we inject that here, along with window.X_UI_BASE_PATH so the
  208. // page's static asset references resolve correctly when the panel runs
  209. // behind a URL prefix.
  210. func (a *SUBController) serveSubPage(c *gin.Context, basePath string, page PageData) {
  211. var body []byte
  212. if diskBody, diskErr := os.ReadFile("internal/web/dist/subpage.html"); diskErr == nil {
  213. body = diskBody
  214. } else {
  215. readBody, err := distFS.ReadFile("dist/subpage.html")
  216. if err != nil {
  217. c.String(http.StatusInternalServerError, "missing embedded subpage")
  218. return
  219. }
  220. body = readBody
  221. }
  222. // Vite emits absolute asset URLs (`/assets/...`); when the panel is
  223. // installed under a custom URL prefix, rewrite them so the bundle
  224. // loads from `<basePath>assets/...` where the static handler is
  225. // actually mounted.
  226. if basePath != "/" && basePath != "" {
  227. body = bytes.ReplaceAll(body, []byte(`src="/assets/`), []byte(`src="`+basePath+`assets/`))
  228. body = bytes.ReplaceAll(body, []byte(`href="/assets/`), []byte(`href="`+basePath+`assets/`))
  229. }
  230. // JSON-marshal the view-model so the SPA can read it as a plain
  231. // The panel's "Calendar Type" setting decides whether the SubPage
  232. // renders dates in Gregorian or Jalali — surface it here so the SPA
  233. // can match the rest of the panel without a round-trip.
  234. datepicker, _ := a.settingService.GetDatepicker()
  235. if datepicker == "" {
  236. datepicker = "gregorian"
  237. }
  238. subData := map[string]any{
  239. "sId": page.SId,
  240. "enabled": page.Enabled,
  241. "download": page.Download,
  242. "upload": page.Upload,
  243. "total": page.Total,
  244. "used": page.Used,
  245. "remained": page.Remained,
  246. "expire": page.Expire,
  247. "lastOnline": page.LastOnline,
  248. "downloadByte": page.DownloadByte,
  249. "uploadByte": page.UploadByte,
  250. "totalByte": page.TotalByte,
  251. "subUrl": page.SubUrl,
  252. "subJsonUrl": page.SubJsonUrl,
  253. "subClashUrl": page.SubClashUrl,
  254. "subTitle": page.SubTitle,
  255. "subSupportUrl": page.SubSupportUrl,
  256. "links": page.Result,
  257. "emails": page.Emails,
  258. "datepicker": datepicker,
  259. }
  260. // When an admin has configured a custom subscription theme, render it
  261. // instead of the default SPA. We render into a buffer first so a template
  262. // that fails mid-execution can't leave a partially-written (corrupt)
  263. // response — on any error we log and fall through to the default page.
  264. if themeDir, _ := a.settingService.GetSubThemeDir(); themeDir != "" {
  265. if tmpl, err := a.loadSubTemplate(themeDir); err != nil {
  266. logger.Error("sub: custom template parse failed, using default page:", err)
  267. } else if tmpl == nil {
  268. logger.Warning("sub: subThemeDir set but no usable template found, using default page:", themeDir)
  269. } else {
  270. var buf bytes.Buffer
  271. if execErr := tmpl.Execute(&buf, subData); execErr != nil {
  272. logger.Error("sub: custom template execution failed, using default page:", execErr)
  273. } else {
  274. setNoCacheHeaders(c)
  275. c.Data(http.StatusOK, "text/html; charset=utf-8", buf.Bytes())
  276. return
  277. }
  278. }
  279. }
  280. subDataJSON, err := json.Marshal(subData)
  281. if err != nil {
  282. subDataJSON = []byte("{}")
  283. }
  284. // Defense-in-depth string-escape for the basePath embed — admin-
  285. // controlled but cheap to harden.
  286. jsEscape := strings.NewReplacer(
  287. `\`, `\\`,
  288. `"`, `\"`,
  289. "\n", `\n`,
  290. "\r", `\r`,
  291. "<", `<`,
  292. ">", `>`,
  293. "&", `&`,
  294. )
  295. escapedBase := jsEscape.Replace(basePath)
  296. inject := []byte(`<script>window.X_UI_BASE_PATH="` + escapedBase + `";` +
  297. `window.__SUB_PAGE_DATA__=` + string(subDataJSON) + `;</script></head>`)
  298. out := bytes.Replace(body, []byte("</head>"), inject, 1)
  299. setNoCacheHeaders(c)
  300. c.Data(http.StatusOK, "text/html; charset=utf-8", out)
  301. }
  302. // setNoCacheHeaders marks a subscription page response as non-cacheable so VPN
  303. // clients and browsers always fetch fresh traffic/expiry data.
  304. func setNoCacheHeaders(c *gin.Context) {
  305. c.Header("Cache-Control", "no-cache, no-store, must-revalidate")
  306. c.Header("Pragma", "no-cache")
  307. c.Header("Expires", "0")
  308. }
  309. // loadSubTemplate returns the parsed custom subscription template located in
  310. // themeDir, preferring sub.html over index.html. Parsed templates are cached and
  311. // only re-parsed when the underlying file's modification time changes, so admin
  312. // edits are picked up without paying a disk read + HTML parse on every request.
  313. //
  314. // It returns (nil, nil) when themeDir is not a usable directory or contains no
  315. // template file — the caller should fall back to the default page. A non-nil
  316. // error means a template file exists but failed to parse.
  317. func (a *SUBController) loadSubTemplate(themeDir string) (*template.Template, error) {
  318. info, err := os.Stat(themeDir)
  319. if err != nil || !info.IsDir() {
  320. return nil, nil
  321. }
  322. templatePath := filepath.Join(themeDir, "index.html")
  323. if _, err := os.Stat(filepath.Join(themeDir, "sub.html")); err == nil {
  324. templatePath = filepath.Join(themeDir, "sub.html")
  325. }
  326. fi, err := os.Stat(templatePath)
  327. if err != nil {
  328. return nil, nil
  329. }
  330. modTime := fi.ModTime()
  331. a.subTemplateMu.RLock()
  332. cached := a.subTemplateCache[templatePath]
  333. a.subTemplateMu.RUnlock()
  334. if cached != nil && cached.modTime.Equal(modTime) {
  335. return cached.tmpl, nil
  336. }
  337. tmpl, err := template.ParseFiles(templatePath)
  338. if err != nil {
  339. return nil, err
  340. }
  341. a.subTemplateMu.Lock()
  342. a.subTemplateCache[templatePath] = &cachedSubTemplate{tmpl: tmpl, modTime: modTime}
  343. a.subTemplateMu.Unlock()
  344. return tmpl, nil
  345. }
  346. // subJsons handles HTTP requests for JSON subscription configurations.
  347. func (a *SUBController) subJsons(c *gin.Context) {
  348. if a.maybeServeSubPage(c) {
  349. return
  350. }
  351. subId := c.Param("subid")
  352. scheme, host, hostWithPort, _ := a.subService.ResolveRequest(c)
  353. jsonSub, header, err := a.subJsonService.GetJson(subId, host)
  354. if err != nil || len(jsonSub) == 0 {
  355. writeSubError(c, err)
  356. } else {
  357. profileUrl := a.subProfileUrl
  358. if profileUrl == "" {
  359. profileUrl = fmt.Sprintf("%s://%s%s", scheme, hostWithPort, c.Request.RequestURI)
  360. }
  361. a.ApplyCommonHeaders(c, header, a.updateInterval, a.subTitle, a.subSupportUrl, profileUrl, a.subAnnounce, a.subEnableRouting, a.subRoutingRules, a.subHideSettings)
  362. c.String(200, jsonSub)
  363. }
  364. }
  365. func (a *SUBController) subClashs(c *gin.Context) {
  366. if a.maybeServeSubPage(c) {
  367. return
  368. }
  369. subId := c.Param("subid")
  370. scheme, host, hostWithPort, _ := a.subService.ResolveRequest(c)
  371. clashSub, header, err := a.subClashService.GetClash(subId, host)
  372. if err != nil || len(clashSub) == 0 {
  373. writeSubError(c, err)
  374. } else {
  375. profileUrl := a.subProfileUrl
  376. if profileUrl == "" {
  377. profileUrl = fmt.Sprintf("%s://%s%s", scheme, hostWithPort, c.Request.RequestURI)
  378. }
  379. a.ApplyCommonHeaders(c, header, a.updateInterval, a.subTitle, a.subSupportUrl, profileUrl, a.subAnnounce, a.subEnableRouting, a.subRoutingRules, a.subHideSettings)
  380. if a.subTitle != "" {
  381. // Clash clients commonly use Content-Disposition to choose the imported profile name.
  382. c.Writer.Header().Set("Content-Disposition", fmt.Sprintf(`attachment; filename*=UTF-8''%s`, url.PathEscape(a.subTitle)))
  383. }
  384. c.Data(200, "application/yaml; charset=utf-8", []byte(clashSub))
  385. }
  386. }
  387. // ApplyCommonHeaders sets common HTTP headers for subscription responses including user info, update interval, and profile title.
  388. func (a *SUBController) ApplyCommonHeaders(
  389. c *gin.Context,
  390. header,
  391. updateInterval,
  392. profileTitle string,
  393. profileSupportUrl string,
  394. profileUrl string,
  395. profileAnnounce string,
  396. profileEnableRouting bool,
  397. profileRoutingRules string,
  398. profileHideSettings bool,
  399. ) {
  400. c.Writer.Header().Set("Subscription-Userinfo", header)
  401. c.Writer.Header().Set("Profile-Update-Interval", updateInterval)
  402. // Basics
  403. if profileTitle != "" {
  404. c.Writer.Header().Set("Profile-Title", "base64:"+base64.StdEncoding.EncodeToString([]byte(profileTitle)))
  405. }
  406. if profileSupportUrl != "" {
  407. c.Writer.Header().Set("Support-Url", profileSupportUrl)
  408. }
  409. if profileUrl != "" {
  410. c.Writer.Header().Set("Profile-Web-Page-Url", profileUrl)
  411. }
  412. if profileAnnounce != "" {
  413. c.Writer.Header().Set("Announce", "base64:"+base64.StdEncoding.EncodeToString([]byte(profileAnnounce)))
  414. }
  415. // Advanced (Happ)
  416. c.Writer.Header().Set("Routing-Enable", strconv.FormatBool(profileEnableRouting))
  417. if profileRoutingRules != "" {
  418. c.Writer.Header().Set("Routing", profileRoutingRules)
  419. }
  420. if profileHideSettings {
  421. c.Writer.Header().Set("Hide-Settings", "1")
  422. }
  423. }