Merge branch 'master' into 230-torrents-category

server/web/api/download.go

@@ -47,7 +47,7 @@ func (f *fileReader) Seek(offset int64, whence int) (int64, error) {
 //
 //	@Tags			API
 //
-//	@Param			size	path	string	true	"Test file size"
+//	@Param			size	path	string	true	"Test file size (in MB)"
 //
 //	@Produce		application/octet-stream
 //	@Success		200 {file} file

server/web/api/ffprobe.go

@@ -18,12 +18,12 @@ import (
 //
 //	@Tags			API
 //
-//	@Param			hash	query	string	true	"Torrent hash"
-//	@Param			id		query	string	true	"File index in torrent"
+//	@Param			hash	path	string	true	"Torrent hash"
+//	@Param			id		path	string	true	"File index in torrent"
 //
 //	@Produce		json
 //	@Success		200	"Data returned from ffprobe"
-//	@Router			/ffp [get]
+//	@Router			/ffp/{hash}/{id} [get]
 func ffp(c *gin.Context) {
 	hash := c.Param("hash")
 	indexStr := c.Param("id")

server/web/api/m3u.go

@@ -11,7 +11,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/anacrolix/missinggo/httptoo"
+	"github.com/anacrolix/missinggo/v2/httptoo"
 
 	sets "server/settings"
 	"server/torr"

server/web/api/play.go

@@ -19,17 +19,16 @@ import (
 //
 //	@Tags			API
 //
-//	@Param			hash		query	string	true	"Torrent hash"
-//	@Param			id			query	string	true	"File index in torrent"
-//	@Param			not_auth	query	bool	false	"Not authenticated"
+//	@Param			hash		path	string	true	"Torrent hash"
+//	@Param			id			path	string	true	"File index in torrent"
 //
 //	@Produce		application/octet-stream
 //	@Success		200	"Torrent data"
-//	@Router			/play [get]
+//	@Router			/play/{hash}/{id} [get]
 func play(c *gin.Context) {
 	hash := c.Param("hash")
 	indexStr := c.Param("id")
-	notAuth := c.GetBool("not_auth")
+	notAuth := c.GetBool("auth_required") && c.GetString(gin.AuthUserKey) == ""
 
 	if hash == "" || indexStr == "" {
 		c.AbortWithError(http.StatusNotFound, errors.New("link should not be empty"))

server/web/api/route.go

@@ -1,6 +1,9 @@
 package api
 
 import (
+	config "server/settings"
+	"server/web/auth"
+
 	"github.com/gin-gonic/gin"
 )
 
@@ -8,15 +11,17 @@ type requestI struct {
 	Action string `json:"action,omitempty"`
 }
 
-func SetupRoute(route *gin.RouterGroup) {
-	route.GET("/shutdown", shutdown)
+func SetupRoute(route gin.IRouter) {
+	authorized := route.Group("/", auth.CheckAuth())
 
-	route.POST("/settings", settings)
+	authorized.GET("/shutdown", shutdown)
 
-	route.POST("/torrents", torrents)
-	route.POST("/torrent/upload", torrentUpload)
+	authorized.POST("/settings", settings)
 
-	route.POST("/cache", cache)
+	authorized.POST("/torrents", torrents)
+	authorized.POST("/torrent/upload", torrentUpload)
+
+	authorized.POST("/cache", cache)
 
 	route.HEAD("/stream", stream)
 	route.HEAD("/stream/*fname", stream)
@@ -27,15 +32,19 @@ func SetupRoute(route *gin.RouterGroup) {
 	route.HEAD("/play/:hash/:id", play)
 	route.GET("/play/:hash/:id", play)
 
-	route.POST("/viewed", viewed)
+	authorized.POST("/viewed", viewed)
 
-	route.GET("/playlistall/all.m3u", allPlayList)
+	authorized.GET("/playlistall/all.m3u", allPlayList)
 	route.GET("/playlist", playList)
 	route.GET("/playlist/*fname", playList) // Is this endpoint still needed ? `fname` is never used in handler
 
-	route.GET("/download/:size", download)
+	authorized.GET("/download/:size", download)
 
-	route.GET("/search/*query", rutorSearch)
+	if config.SearchWA {
+		route.GET("/search/*query", rutorSearch)
+	} else {
+		authorized.GET("/search/*query", rutorSearch)
+	}
 
-	route.GET("/ffp/:hash/:id", ffp)
+	authorized.GET("/ffp/:hash/:id", ffp)
 }

server/web/api/stream.go

@@ -41,11 +41,10 @@ import (
 //	@Param			stat		query	string	false	"Get statistics from torrent"
 //	@Param			save		query	string	false	"Should save torrent"
 //	@Param			m3u		query	string	false	"Get torrent as M3U playlist"
-//	@Param			fromlast		query	string	false	"Get m3u from last play"
+//	@Param			fromlast		query	string	false	"Get M3U from last played file"
 //	@Param			play		query	string	false	"Start stream torrent"
 //	@Param			title		query	string	true	"Set title of torrent"
-//	@Param			poster		query	string	true	"File index in torrent"
-//	@Param			not_auth		query	string	true	"Set poster link of torrent"
+//	@Param			poster		query	string	true	"Set poster link of torrent"
 //
 //	@Produce		application/octet-stream
 //	@Success		200	"Data returned according to query"
@@ -62,7 +61,7 @@ func stream(c *gin.Context) {
 	title := c.Query("title")
 	poster := c.Query("poster")
 	data := ""
-	notAuth := c.GetBool("not_auth")
+	notAuth := c.GetBool("auth_required") && c.GetString(gin.AuthUserKey) == ""
 
 	if notAuth && (play || m3u) {
 		streamNoAuth(c)

server/web/api/torrents.go

@@ -73,6 +73,10 @@ func torrents(c *gin.Context) {
 		{
 			dropTorrent(req, c)
 		}
+	case "wipe":
+		{
+			wipeTorrents(req, c)
+		}
 	}
 }
 
@@ -188,3 +192,16 @@ func dropTorrent(req torrReqJS, c *gin.Context) {
 	torr.DropTorrent(req.Hash)
 	c.Status(200)
 }
+
+func wipeTorrents(req torrReqJS, c *gin.Context) {
+	torrents := torr.ListTorrent()
+	for _, t := range torrents {
+		torr.RemTorrent(t.TorrentSpec.InfoHash.HexString())
+	}
+	// TODO: remove (copied todo from remTorrent())
+	if set.BTsets.EnableDLNA {
+		dlna.Stop()
+		dlna.Start()
+	}
+	c.Status(200)
+}

server/web/auth/auth.go

@@ -6,8 +6,6 @@ import (
 	"net/http"
 	"os"
 	"path/filepath"
-	"reflect"
-	"strings"
 	"unsafe"
 
 	"github.com/gin-gonic/gin"
@@ -16,15 +14,15 @@ import (
 	"server/settings"
 )
 
-func SetupAuth(engine *gin.Engine) *gin.RouterGroup {
+func SetupAuth(engine *gin.Engine) {
 	if !settings.HttpAuth {
-		return nil
+		return
 	}
 	accs := getAccounts()
 	if accs == nil {
-		return nil
+		return
 	}
-	return engine.Group("/", BasicAuth(accs))
+	engine.Use(BasicAuth(accs))
 }
 
 func getAccounts() gin.Accounts {
@@ -61,21 +59,27 @@ func (a authPairs) searchCredential(authValue string) (string, bool) {
 func BasicAuth(accounts gin.Accounts) gin.HandlerFunc {
 	pairs := processAccounts(accounts)
 	return func(c *gin.Context) {
+		c.Set("auth_required", true)
+
 		user, found := pairs.searchCredential(c.Request.Header.Get("Authorization"))
-		if !found { // always accessible
-			if strings.HasPrefix(c.FullPath(), "/stream") ||
-				c.FullPath() == "/site.webmanifest" ||
-				// https://github.com/YouROK/TorrServer/issues/172
-				(strings.HasPrefix(c.FullPath(), "/play") && c.FullPath() != "/playlistall/all.m3u") ||
-				(settings.SearchWA && strings.HasPrefix(c.FullPath(), "/search")) {
-				c.Set("not_auth", true)
-				return
-			}
-			c.Header("WWW-Authenticate", "Basic realm=Authorization Required")
-			c.AbortWithStatus(http.StatusUnauthorized)
+		if found {
+			c.Set(gin.AuthUserKey, user)
+		}
+	}
+}
+
+func CheckAuth() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		if !settings.HttpAuth {
 			return
 		}
-		c.Set(gin.AuthUserKey, user)
+
+		if _, ok := c.Get(gin.AuthUserKey); ok {
+			return
+		}
+
+		c.Header("WWW-Authenticate", "Basic realm=Authorization Required")
+		c.AbortWithStatus(http.StatusUnauthorized)
 	}
 }
 
@@ -97,8 +101,5 @@ func authorizationHeader(user, password string) string {
 }
 
 func StringToBytes(s string) (b []byte) {
-	sh := *(*reflect.StringHeader)(unsafe.Pointer(&s))
-	bh := (*reflect.SliceHeader)(unsafe.Pointer(&b))
-	bh.Data, bh.Len, bh.Cap = sh.Data, sh.Len, sh.Len
-	return b
+	return unsafe.Slice(unsafe.StringData(s), len(s))
 }

server/web/msx/msx.go

@@ -7,6 +7,7 @@ import (
 	"sync"
 
 	"server/version"
+	"server/web/auth"
 
 	"github.com/gin-gonic/gin"
 )
@@ -30,10 +31,12 @@ func asset(c *gin.Context, t string, d []byte) {
 	c.Data(200, t+"; charset=UTF-8", d)
 }
 
-func SetupRoute(r *gin.RouterGroup) {
-	r.GET("/msx/:pth", msxPTH)
-	r.GET("/msx/imdb", msxIMDB)
-	r.GET("/msx/imdb/:id", msxIMDBID)
+func SetupRoute(r gin.IRouter) {
+	authorized := r.Group("/", auth.CheckAuth())
+
+	authorized.GET("/msx/:pth", msxPTH)
+	authorized.GET("/msx/imdb", msxIMDB)
+	authorized.GET("/msx/imdb/:id", msxIMDBID)
 }
 
 // msxPTH godoc
@@ -43,11 +46,11 @@ func SetupRoute(r *gin.RouterGroup) {
 //
 //	@Tags			MSX
 //
-//	@Param			link	query	string	true	"Magnet/hash/link to torrent"
+//	@Param			link	path	string	true	"Route MSX pages"
 //
 //	@Produce		json
-//	@Success		200	"Data returned according to query"
-//	@Router			/msx [get]
+//	@Success		200	"Data returned according to path"
+//	@Router			/msx/{pth} [get]
 func msxPTH(c *gin.Context) {
 	js := []string{"http://msx.benzac.de/js/tvx-plugin.min.js"}
 	switch p := c.Param("pth"); p {
@@ -114,7 +117,7 @@ func msxIMDB(c *gin.Context) {
 //
 // @Produce		json
 // @Success		200	"JSON MSX IMDB informations"
-// @Router			/msx/imdb/:id [get]
+// @Router			/msx/imdb/{id} [get]
 func msxIMDBID(c *gin.Context) {
 	idb.Lock()
 	defer idb.Unlock()

server/web/pages/route.go

@@ -6,13 +6,27 @@ import (
 
 	"server/settings"
 	"server/torr"
+	"server/web/auth"
 	"server/web/pages/template"
+
+	"golang.org/x/exp/slices"
 )
 
-func SetupRoute(route *gin.RouterGroup) {
-	template.RouteWebPages(route)
-	route.GET("/stat", statPage)
-	route.GET("/magnets", getTorrents)
+func SetupRoute(route gin.IRouter) {
+	authorized := route.Group("/", auth.CheckAuth())
+
+	webPagesAuth := route.Group("/", func() gin.HandlerFunc {
+		return func(c *gin.Context) {
+			if slices.Contains([]string{"/site.webmanifest"}, c.FullPath()) {
+				return
+			}
+			auth.CheckAuth()(c)
+		}
+	}())
+
+	template.RouteWebPages(webPagesAuth)
+	authorized.GET("/stat", statPage)
+	authorized.GET("/magnets", getTorrents)
 }
 
 // stat godoc

server/web/pages/template/html.go

@@ -118,20 +118,20 @@ var Mstile150x150png []byte
 //go:embed pages/site.webmanifest
 var Sitewebmanifest []byte
 
-//go:embed pages/static/js/2.41a752aa.chunk.js
-var Staticjs241a752aachunkjs []byte
+//go:embed pages/static/js/2.916c2545.chunk.js
+var Staticjs2916c2545chunkjs []byte
 
-//go:embed pages/static/js/2.41a752aa.chunk.js.LICENSE.txt
-var Staticjs241a752aachunkjsLICENSEtxt []byte
+//go:embed pages/static/js/2.916c2545.chunk.js.LICENSE.txt
+var Staticjs2916c2545chunkjsLICENSEtxt []byte
 
-//go:embed pages/static/js/2.41a752aa.chunk.js.map
-var Staticjs241a752aachunkjsmap []byte
+//go:embed pages/static/js/2.916c2545.chunk.js.map
+var Staticjs2916c2545chunkjsmap []byte
 
-//go:embed pages/static/js/main.b1d76117.chunk.js
-var Staticjsmainb1d76117chunkjs []byte
+//go:embed pages/static/js/main.55f380e1.chunk.js
+var Staticjsmain55f380e1chunkjs []byte
 
-//go:embed pages/static/js/main.b1d76117.chunk.js.map
-var Staticjsmainb1d76117chunkjsmap []byte
+//go:embed pages/static/js/main.55f380e1.chunk.js.map
+var Staticjsmain55f380e1chunkjsmap []byte
 
 //go:embed pages/static/js/runtime-main.f542387e.js
 var Staticjsruntimemainf542387ejs []byte

server/web/pages/template/pages/asset-manifest.json

@@ -1,17 +1,17 @@
 {
   "files": {
-    "main.js": "/static/js/main.b1d76117.chunk.js",
-    "main.js.map": "/static/js/main.b1d76117.chunk.js.map",
+    "main.js": "/static/js/main.55f380e1.chunk.js",
+    "main.js.map": "/static/js/main.55f380e1.chunk.js.map",
     "runtime-main.js": "/static/js/runtime-main.f542387e.js",
     "runtime-main.js.map": "/static/js/runtime-main.f542387e.js.map",
-    "static/js/2.41a752aa.chunk.js": "/static/js/2.41a752aa.chunk.js",
-    "static/js/2.41a752aa.chunk.js.map": "/static/js/2.41a752aa.chunk.js.map",
+    "static/js/2.916c2545.chunk.js": "/static/js/2.916c2545.chunk.js",
+    "static/js/2.916c2545.chunk.js.map": "/static/js/2.916c2545.chunk.js.map",
     "index.html": "/index.html",
-    "static/js/2.41a752aa.chunk.js.LICENSE.txt": "/static/js/2.41a752aa.chunk.js.LICENSE.txt"
+    "static/js/2.916c2545.chunk.js.LICENSE.txt": "/static/js/2.916c2545.chunk.js.LICENSE.txt"
   },
   "entrypoints": [
     "static/js/runtime-main.f542387e.js",
-    "static/js/2.41a752aa.chunk.js",
-    "static/js/main.b1d76117.chunk.js"
+    "static/js/2.916c2545.chunk.js",
+    "static/js/main.55f380e1.chunk.js"
   ]
 }

server/web/pages/template/route.go

@@ -1,191 +1,331 @@
 package template
 
 import (
+	"crypto/md5"
+	"fmt"
 	"github.com/gin-gonic/gin"
 )
 
-func RouteWebPages(route *gin.RouterGroup) {
+func RouteWebPages(route gin.IRouter) {
 	route.GET("/", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Indexhtml))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "text/html; charset=utf-8", Indexhtml)
 	})
 
 	route.GET("/apple-splash-1125-2436.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash11252436jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash11252436jpg)
 	})
 
 	route.GET("/apple-splash-1136-640.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash1136640jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash1136640jpg)
 	})
 
 	route.GET("/apple-splash-1170-2532.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash11702532jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash11702532jpg)
 	})
 
 	route.GET("/apple-splash-1242-2208.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash12422208jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash12422208jpg)
 	})
 
 	route.GET("/apple-splash-1242-2688.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash12422688jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash12422688jpg)
 	})
 
 	route.GET("/apple-splash-1284-2778.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash12842778jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash12842778jpg)
 	})
 
 	route.GET("/apple-splash-1334-750.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash1334750jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash1334750jpg)
 	})
 
 	route.GET("/apple-splash-1536-2048.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash15362048jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash15362048jpg)
 	})
 
 	route.GET("/apple-splash-1620-2160.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash16202160jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash16202160jpg)
 	})
 
 	route.GET("/apple-splash-1668-2224.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash16682224jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash16682224jpg)
 	})
 
 	route.GET("/apple-splash-1668-2388.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash16682388jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash16682388jpg)
 	})
 
 	route.GET("/apple-splash-1792-828.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash1792828jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash1792828jpg)
 	})
 
 	route.GET("/apple-splash-2048-1536.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash20481536jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash20481536jpg)
 	})
 
 	route.GET("/apple-splash-2048-2732.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash20482732jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash20482732jpg)
 	})
 
 	route.GET("/apple-splash-2160-1620.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash21601620jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash21601620jpg)
 	})
 
 	route.GET("/apple-splash-2208-1242.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash22081242jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash22081242jpg)
 	})
 
 	route.GET("/apple-splash-2224-1668.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash22241668jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash22241668jpg)
 	})
 
 	route.GET("/apple-splash-2388-1668.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash23881668jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash23881668jpg)
 	})
 
 	route.GET("/apple-splash-2436-1125.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash24361125jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash24361125jpg)
 	})
 
 	route.GET("/apple-splash-2532-1170.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash25321170jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash25321170jpg)
 	})
 
 	route.GET("/apple-splash-2688-1242.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash26881242jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash26881242jpg)
 	})
 
 	route.GET("/apple-splash-2732-2048.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash27322048jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash27322048jpg)
 	})
 
 	route.GET("/apple-splash-2778-1284.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash27781284jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash27781284jpg)
 	})
 
 	route.GET("/apple-splash-640-1136.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash6401136jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash6401136jpg)
 	})
 
 	route.GET("/apple-splash-750-1334.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash7501334jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash7501334jpg)
 	})
 
 	route.GET("/apple-splash-828-1792.jpg", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Applesplash8281792jpg))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/jpeg", Applesplash8281792jpg)
 	})
 
 	route.GET("/asset-manifest.json", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Assetmanifestjson))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "application/json", Assetmanifestjson)
 	})
 
 	route.GET("/browserconfig.xml", func(c *gin.Context) {
-		c.Data(200, "text/xml; charset=utf-8", Browserconfigxml)
+		etag := fmt.Sprintf("%x", md5.Sum(Browserconfigxml))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
+		c.Data(200, "application/xml; charset=utf-8", Browserconfigxml)
 	})
 
 	route.GET("/dlnaicon-120.png", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Dlnaicon120png))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/png", Dlnaicon120png)
 	})
 
 	route.GET("/dlnaicon-48.png", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Dlnaicon48png))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/png", Dlnaicon48png)
 	})
 
 	route.GET("/favicon-16x16.png", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Favicon16x16png))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/png", Favicon16x16png)
 	})
 
 	route.GET("/favicon-32x32.png", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Favicon32x32png))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/png", Favicon32x32png)
 	})
 
 	route.GET("/favicon.ico", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Faviconico))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/vnd.microsoft.icon", Faviconico)
 	})
 
 	route.GET("/icon.png", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Iconpng))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/png", Iconpng)
 	})
 
 	route.GET("/index.html", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Indexhtml))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "text/html; charset=utf-8", Indexhtml)
 	})
 
 	route.GET("/logo.png", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Logopng))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/png", Logopng)
 	})
 
 	route.GET("/mstile-150x150.png", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Mstile150x150png))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "image/png", Mstile150x150png)
 	})
 
 	route.GET("/site.webmanifest", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Sitewebmanifest))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "application/manifest+json", Sitewebmanifest)
 	})
 
-	route.GET("/static/js/2.41a752aa.chunk.js", func(c *gin.Context) {
-		c.Data(200, "text/javascript; charset=utf-8", Staticjs241a752aachunkjs)
+	route.GET("/static/js/2.916c2545.chunk.js", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Staticjs2916c2545chunkjs))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
+		c.Data(200, "application/javascript; charset=utf-8", Staticjs2916c2545chunkjs)
 	})
 
-	route.GET("/static/js/2.41a752aa.chunk.js.LICENSE.txt", func(c *gin.Context) {
-		c.Data(200, "text/plain; charset=utf-8", Staticjs241a752aachunkjsLICENSEtxt)
+	route.GET("/static/js/2.916c2545.chunk.js.LICENSE.txt", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Staticjs2916c2545chunkjsLICENSEtxt))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
+		c.Data(200, "text/plain; charset=utf-8", Staticjs2916c2545chunkjsLICENSEtxt)
 	})
 
-	route.GET("/static/js/2.41a752aa.chunk.js.map", func(c *gin.Context) {
-		c.Data(200, "application/json", Staticjs241a752aachunkjsmap)
+	route.GET("/static/js/2.916c2545.chunk.js.map", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Staticjs2916c2545chunkjsmap))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
+		c.Data(200, "application/json", Staticjs2916c2545chunkjsmap)
 	})
 
-	route.GET("/static/js/main.b1d76117.chunk.js", func(c *gin.Context) {
-		c.Data(200, "text/javascript; charset=utf-8", Staticjsmainb1d76117chunkjs)
+	route.GET("/static/js/main.55f380e1.chunk.js", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Staticjsmain55f380e1chunkjs))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
+		c.Data(200, "application/javascript; charset=utf-8", Staticjsmain55f380e1chunkjs)
 	})
 
-	route.GET("/static/js/main.b1d76117.chunk.js.map", func(c *gin.Context) {
-		c.Data(200, "application/json", Staticjsmainb1d76117chunkjsmap)
+	route.GET("/static/js/main.55f380e1.chunk.js.map", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Staticjsmain55f380e1chunkjsmap))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
+		c.Data(200, "application/json", Staticjsmain55f380e1chunkjsmap)
 	})
 
 	route.GET("/static/js/runtime-main.f542387e.js", func(c *gin.Context) {
-		c.Data(200, "text/javascript; charset=utf-8", Staticjsruntimemainf542387ejs)
+		etag := fmt.Sprintf("%x", md5.Sum(Staticjsruntimemainf542387ejs))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
+		c.Data(200, "application/javascript; charset=utf-8", Staticjsruntimemainf542387ejs)
 	})
 
 	route.GET("/static/js/runtime-main.f542387e.js.map", func(c *gin.Context) {
+		etag := fmt.Sprintf("%x", md5.Sum(Staticjsruntimemainf542387ejsmap))
+		c.Header("Cache-Control", "public, max-age=31536000")
+		c.Header("ETag", etag)
 		c.Data(200, "application/json", Staticjsruntimemainf542387ejsmap)
 	})
 }

server/web/server.go

@@ -71,19 +71,14 @@ func Start() {
 
 	route := gin.New()
 	route.Use(log.WebLogger(), blocker.Blocker(), gin.Recovery(), cors.New(corsCfg), location.Default())
+	auth.SetupAuth(route)
 
 	route.GET("/echo", echo)
 
-	routeAuth := auth.SetupAuth(route)
-	if routeAuth != nil {
-		api.SetupRoute(routeAuth)
-		msx.SetupRoute(routeAuth)
-		pages.SetupRoute(routeAuth)
-	} else {
-		api.SetupRoute(&route.RouterGroup)
-		msx.SetupRoute(&route.RouterGroup)
-		pages.SetupRoute(&route.RouterGroup)
-	}
+	api.SetupRoute(route)
+	msx.SetupRoute(route)
+	pages.SetupRoute(route)
+
 	if settings.BTsets.EnableDLNA {
 		dlna.Start()
 	}