diff --git a/.travis.yml b/.travis.yml index 1bb121a2..a7a06733 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,7 +1,7 @@ language: go go: - - "1.11.x" + - "1.13.x" services: - redis-server - mysql diff --git a/README.md b/README.md index 5063645c..4c0e3716 100644 --- a/README.md +++ b/README.md @@ -4,8 +4,6 @@ beego is used for rapid development of RESTful APIs, web apps and backend services in Go. It is inspired by Tornado, Sinatra and Flask. beego has some Go-specific features such as interfaces and struct embedding. - Response time ranking: [web-frameworks](https://github.com/the-benchmarker/web-frameworks). - ###### More info at [beego.me](http://beego.me). ## Quick Start @@ -56,6 +54,7 @@ Congratulations! You've just built your first **beego** app. * [http://beego.me/community](http://beego.me/community) * Welcome to join us in Slack: [https://beego.slack.com](https://beego.slack.com), you can get invited from [here](https://github.com/beego/beedoc/issues/232) +* QQ Group Group ID:523992905 ## License diff --git a/beego.go b/beego.go index 66b19f36..3ed3bdd0 100644 --- a/beego.go +++ b/beego.go @@ -23,7 +23,7 @@ import ( const ( // VERSION represent beego web framework version. - VERSION = "1.12.0" + VERSION = "1.12.1" // DEV is for develop DEV = "dev" diff --git a/context/context.go b/context/context.go index bbd58299..de248ed2 100644 --- a/context/context.go +++ b/context/context.go @@ -25,7 +25,7 @@ package context import ( "bufio" "crypto/hmac" - "crypto/sha1" + "crypto/sha256" "encoding/base64" "errors" "fmt" @@ -123,7 +123,7 @@ func (ctx *Context) GetSecureCookie(Secret, key string) (string, bool) { timestamp := parts[1] sig := parts[2] - h := hmac.New(sha1.New, []byte(Secret)) + h := hmac.New(sha256.New, []byte(Secret)) fmt.Fprintf(h, "%s%s", vs, timestamp) if fmt.Sprintf("%02x", h.Sum(nil)) != sig { @@ -137,7 +137,7 @@ func (ctx *Context) GetSecureCookie(Secret, key string) (string, bool) { func (ctx *Context) SetSecureCookie(Secret, name, value string, others ...interface{}) { vs := base64.URLEncoding.EncodeToString([]byte(value)) timestamp := strconv.FormatInt(time.Now().UnixNano(), 10) - h := hmac.New(sha1.New, []byte(Secret)) + h := hmac.New(sha256.New, []byte(Secret)) fmt.Fprintf(h, "%s%s", vs, timestamp) sig := fmt.Sprintf("%02x", h.Sum(nil)) cookie := strings.Join([]string{vs, timestamp, sig}, "|") @@ -169,11 +169,11 @@ func (ctx *Context) CheckXSRFCookie() bool { token = ctx.Request.Header.Get("X-Csrftoken") } if token == "" { - ctx.Abort(403, "'_xsrf' argument missing from POST") + ctx.Abort(422, "422") return false } if ctx._xsrfToken != token { - ctx.Abort(403, "XSRF cookie does not match POST argument") + ctx.Abort(417, "417") return false } return true diff --git a/go.mod b/go.mod index fbdec124..9468c1b6 100644 --- a/go.mod +++ b/go.mod @@ -29,11 +29,13 @@ require ( github.com/ssdb/gossdb v0.0.0-20180723034631-88f6b59b84ec github.com/syndtr/goleveldb v0.0.0-20181127023241-353a9fca669c // indirect github.com/wendal/errors v0.0.0-20130201093226-f66c77a7882b // indirect - golang.org/x/crypto v0.0.0-20181127143415-eb0de9b17e85 - golang.org/x/net v0.0.0-20181114220301-adae6a3d119a // indirect + golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 + golang.org/x/tools v0.0.0-20200117065230-39095c1d176c gopkg.in/yaml.v2 v2.2.1 ) replace golang.org/x/crypto v0.0.0-20181127143415-eb0de9b17e85 => github.com/golang/crypto v0.0.0-20181127143415-eb0de9b17e85 replace gopkg.in/yaml.v2 v2.2.1 => github.com/go-yaml/yaml v0.0.0-20180328195020-5420a8b6744d + +go 1.13 diff --git a/go.sum b/go.sum index ab233162..1fe5e032 100644 --- a/go.sum +++ b/go.sum @@ -61,8 +61,20 @@ github.com/wendal/errors v0.0.0-20130201093226-f66c77a7882b h1:0Ve0/CCjiAiyKddUM github.com/wendal/errors v0.0.0-20130201093226-f66c77a7882b/go.mod h1:Q12BUT7DqIlHRmgv3RskH+UCM/4eqVMgI0EMmlSpAXc= golang.org/x/crypto v0.0.0-20181127143415-eb0de9b17e85 h1:et7+NAX3lLIk5qUCTA9QelBjGE/NkhzYw/mhnr0s7nI= golang.org/x/crypto v0.0.0-20181127143415-eb0de9b17e85/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a h1:gOpx8G595UYyvj8UK4+OFyY4rx037g3fmfhe5SasG3U= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/tools v0.0.0-20200117065230-39095c1d176c h1:FodBYPZKH5tAN2O60HlglMwXGAeV/4k+NKbli79M/2c= +golang.org/x/tools v0.0.0-20200117065230-39095c1d176c/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.2.1 h1:mUhvW9EsL+naU5Q3cakzfE91YhliOondGd6ZrsDBHQE= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/httplib/httplib.go b/httplib/httplib.go index 074cf661..9d63505f 100644 --- a/httplib/httplib.go +++ b/httplib/httplib.go @@ -47,9 +47,11 @@ import ( "net/http/httputil" "net/url" "os" + "path" "strings" "sync" "time" + "gopkg.in/yaml.v2" ) @@ -558,12 +560,6 @@ func (b *BeegoHTTPRequest) Bytes() ([]byte, error) { // ToFile saves the body data in response to one file. // it calls Response inner. func (b *BeegoHTTPRequest) ToFile(filename string) error { - f, err := os.Create(filename) - if err != nil { - return err - } - defer f.Close() - resp, err := b.getResponse() if err != nil { return err @@ -572,10 +568,35 @@ func (b *BeegoHTTPRequest) ToFile(filename string) error { return nil } defer resp.Body.Close() + err = pathExistAndMkdir(filename) + if err != nil { + return err + } + f, err := os.Create(filename) + if err != nil { + return err + } + defer f.Close() _, err = io.Copy(f, resp.Body) return err } +//Check that the file directory exists, there is no automatically created +func pathExistAndMkdir(filename string) (err error) { + filename = path.Dir(filename) + _, err = os.Stat(filename) + if err == nil { + return nil + } + if os.IsNotExist(err) { + err = os.MkdirAll(filename, os.ModePerm) + if err == nil { + return nil + } + } + return err +} + // ToJSON returns the map that marshals from the body bytes as json in response . // it calls Response inner. func (b *BeegoHTTPRequest) ToJSON(v interface{}) error { diff --git a/httplib/httplib_test.go b/httplib/httplib_test.go index 7314ae01..dd2a4f1c 100644 --- a/httplib/httplib_test.go +++ b/httplib/httplib_test.go @@ -232,6 +232,20 @@ func TestToFile(t *testing.T) { } } +func TestToFileDir(t *testing.T) { + f := "./files/beego_testfile" + req := Get("http://httpbin.org/ip") + err := req.ToFile(f) + if err != nil { + t.Fatal(err) + } + defer os.RemoveAll("./files") + b, err := ioutil.ReadFile(f) + if n := strings.Index(string(b), "origin"); n == -1 { + t.Fatal(err) + } +} + func TestHeader(t *testing.T) { req := Get("http://httpbin.org/headers") req.Header("User-Agent", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.57 Safari/537.36") diff --git a/orm/cmd_utils.go b/orm/cmd_utils.go index 7c9aa51e..61f17346 100644 --- a/orm/cmd_utils.go +++ b/orm/cmd_utils.go @@ -198,7 +198,7 @@ func getDbCreateSQL(al *alias) (sqls []string, tableIndexes map[string][]dbIndex column = strings.Replace(column, "%COL%", fi.column, -1) } - if fi.description != "" { + if fi.description != "" && al.Driver!=DRSqlite { column += " " + fmt.Sprintf("COMMENT '%s'",fi.description) } diff --git a/orm/utils.go b/orm/utils.go index 78392771..3ff76772 100644 --- a/orm/utils.go +++ b/orm/utils.go @@ -129,7 +129,7 @@ func (f StrTo) Uint16() (uint16, error) { return uint16(v), err } -// Uint32 string to uint31 +// Uint32 string to uint32 func (f StrTo) Uint32() (uint32, error) { v, err := strconv.ParseUint(f.String(), 10, 32) return uint32(v), err diff --git a/router.go b/router.go index 3593be4c..e71366b4 100644 --- a/router.go +++ b/router.go @@ -773,7 +773,7 @@ func (p *ControllerRegister) ServeHTTP(rw http.ResponseWriter, r *http.Request) } } else if routerInfo.routerType == routerTypeHandler { isRunnable = true - routerInfo.handler.ServeHTTP(rw, r) + routerInfo.handler.ServeHTTP(context.ResponseWriter, context.Request) } else { runRouter = routerInfo.controllerType methodParams = routerInfo.methodParams diff --git a/session/sess_utils.go b/session/sess_utils.go index 2e3376c7..20915bb6 100644 --- a/session/sess_utils.go +++ b/session/sess_utils.go @@ -19,7 +19,7 @@ import ( "crypto/cipher" "crypto/hmac" "crypto/rand" - "crypto/sha1" + "crypto/sha256" "crypto/subtle" "encoding/base64" "encoding/gob" @@ -129,7 +129,7 @@ func encodeCookie(block cipher.Block, hashKey, name string, value map[interface{ b = encode(b) // 3. Create MAC for "name|date|value". Extra pipe to be used later. b = []byte(fmt.Sprintf("%s|%d|%s|", name, time.Now().UTC().Unix(), b)) - h := hmac.New(sha1.New, []byte(hashKey)) + h := hmac.New(sha256.New, []byte(hashKey)) h.Write(b) sig := h.Sum(nil) // Append mac, remove name. @@ -153,7 +153,7 @@ func decodeCookie(block cipher.Block, hashKey, name, value string, gcmaxlifetime } b = append([]byte(name+"|"), b[:len(b)-len(parts[2])]...) - h := hmac.New(sha1.New, []byte(hashKey)) + h := hmac.New(sha256.New, []byte(hashKey)) h.Write(b) sig := h.Sum(nil) if len(sig) != len(parts[2]) || subtle.ConstantTimeCompare(sig, parts[2]) != 1 { diff --git a/session/session.go b/session/session.go index 46a9f1f0..eb85360a 100644 --- a/session/session.go +++ b/session/session.go @@ -270,7 +270,8 @@ func (manager *Manager) SessionDestroy(w http.ResponseWriter, r *http.Request) { Path: "/", HttpOnly: !manager.config.DisableHTTPOnly, Expires: expiration, - MaxAge: -1} + MaxAge: -1, + Domain: manager.config.Domain} http.SetCookie(w, cookie) } diff --git a/utils/mail.go b/utils/mail.go index 42b1e4d4..80a366ca 100644 --- a/utils/mail.go +++ b/utils/mail.go @@ -175,6 +175,7 @@ func (e *Email) AttachFile(args ...string) (a *Attachment, err error) { if err != nil { return } + defer f.Close() ct := mime.TypeByExtension(filepath.Ext(filename)) basename := path.Base(filename) return e.Attach(f, basename, ct, id) diff --git a/validation/util.go b/validation/util.go index 66fce283..e2cfb3b7 100644 --- a/validation/util.go +++ b/validation/util.go @@ -26,6 +26,8 @@ const ( // ValidTag struct tag ValidTag = "valid" + LabelTag = "label" + wordsize = 32 << (^uint(0) >> 32 & 1) ) @@ -124,6 +126,7 @@ func isStructPtr(t reflect.Type) bool { func getValidFuncs(f reflect.StructField) (vfs []ValidFunc, err error) { tag := f.Tag.Get(ValidTag) + label := f.Tag.Get(LabelTag) if len(tag) == 0 { return } @@ -136,7 +139,7 @@ func getValidFuncs(f reflect.StructField) (vfs []ValidFunc, err error) { if len(vfunc) == 0 { continue } - vf, err = parseFunc(vfunc, f.Name) + vf, err = parseFunc(vfunc, f.Name, label) if err != nil { return } @@ -168,7 +171,7 @@ func getRegFuncs(tag, key string) (vfs []ValidFunc, str string, err error) { return } -func parseFunc(vfunc, key string) (v ValidFunc, err error) { +func parseFunc(vfunc, key string, label string) (v ValidFunc, err error) { defer func() { if r := recover(); r != nil { err = fmt.Errorf("%v", r) @@ -188,7 +191,7 @@ func parseFunc(vfunc, key string) (v ValidFunc, err error) { err = fmt.Errorf("%s require %d parameters", vfunc, num) return } - v = ValidFunc{vfunc, []interface{}{key + "." + vfunc}} + v = ValidFunc{vfunc, []interface{}{key + "." + vfunc + "." + label}} return } @@ -210,7 +213,7 @@ func parseFunc(vfunc, key string) (v ValidFunc, err error) { return } - tParams, err := trim(name, key+"."+name, params) + tParams, err := trim(name, key+"."+ name + "." + label, params) if err != nil { return } diff --git a/validation/validation.go b/validation/validation.go index ca1e211f..a3e4b571 100644 --- a/validation/validation.go +++ b/validation/validation.go @@ -267,15 +267,16 @@ func (v *Validation) apply(chk Validator, obj interface{}) *Result { key := chk.GetKey() Name := key Field := "" - + Label := "" parts := strings.Split(key, ".") - if len(parts) == 2 { + if len(parts) == 3 { Field = parts[0] Name = parts[1] + Label = parts[2] } err := &Error{ - Message: chk.DefaultMessage(), + Message: Label + chk.DefaultMessage(), Key: key, Name: Name, Field: Field, @@ -298,7 +299,7 @@ func (v *Validation) AddError(key, message string) { Field := "" parts := strings.Split(key, ".") - if len(parts) == 2 { + if len(parts) == 3 { Field = parts[0] Name = parts[1] } diff --git a/validation/validation_test.go b/validation/validation_test.go index 3146766b..bae48d37 100644 --- a/validation/validation_test.go +++ b/validation/validation_test.go @@ -280,6 +280,18 @@ func TestMobile(t *testing.T) { if valid.Mobile("8617400008888", "mobile").Ok { t.Error("\"8617400008888\" is a valid mobile phone number should be false") } + if !valid.Mobile("16200008888", "mobile").Ok { + t.Error("\"16200008888\" is a valid mobile phone number should be true") + } + if !valid.Mobile("16500008888", "mobile").Ok { + t.Error("\"16500008888\" is a valid mobile phone number should be true") + } + if !valid.Mobile("16600008888", "mobile").Ok { + t.Error("\"16600008888\" is a valid mobile phone number should be true") + } + if !valid.Mobile("16700008888", "mobile").Ok { + t.Error("\"16700008888\" is a valid mobile phone number should be true") + } } func TestTel(t *testing.T) { diff --git a/validation/validators.go b/validation/validators.go index dc18b11e..ac00a72c 100644 --- a/validation/validators.go +++ b/validation/validators.go @@ -632,7 +632,7 @@ func (b Base64) GetLimitValue() interface{} { } // just for chinese mobile phone number -var mobilePattern = regexp.MustCompile(`^((\+86)|(86))?(1(([35][0-9])|[8][0-9]|[7][01356789]|[4][579]))\d{8}$`) +var mobilePattern = regexp.MustCompile(`^((\+86)|(86))?(1(([35][0-9])|[8][0-9]|[7][01356789]|[4][579]|[6][2567]))\d{8}$`) // Mobile check struct type Mobile struct {