From a5d826c6d459681c1b5033b3c97cd83fc96b101e Mon Sep 17 00:00:00 2001
From: LinkinStars <linkinstar@foxmail.com>
Date: Mon, 13 Jan 2025 16:38:19 +0800
Subject: [PATCH] feat(file): add ENV for skip the file access verification

---
 internal/base/middleware/visit_img_auth.go | 10 ++++++++--
 internal/controller/user_controller.go     |  2 +-
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/internal/base/middleware/visit_img_auth.go b/internal/base/middleware/visit_img_auth.go
index eec7edabd..33b62172f 100644
--- a/internal/base/middleware/visit_img_auth.go
+++ b/internal/base/middleware/visit_img_auth.go
@@ -20,15 +20,21 @@
 package middleware
 
 import (
-	"github.com/apache/answer/internal/base/constant"
-	"github.com/gin-gonic/gin"
 	"net/http"
+	"os"
 	"strings"
+
+	"github.com/apache/answer/internal/base/constant"
+	"github.com/gin-gonic/gin"
 )
 
 // VisitAuth when user visit the site image, check visit token. This only for private mode.
 func (am *AuthUserMiddleware) VisitAuth() gin.HandlerFunc {
 	return func(ctx *gin.Context) {
+		if len(os.Getenv("SKIP_FILE_ACCESS_VERIFY")) > 0 {
+			ctx.Next()
+			return
+		}
 		// If visit brand image, no need to check visit token. Because the brand image is public.
 		if strings.HasPrefix(ctx.Request.URL.Path, "/uploads/branding/") {
 			ctx.Next()
diff --git a/internal/controller/user_controller.go b/internal/controller/user_controller.go
index dc7d93ce0..d0545b22e 100644
--- a/internal/controller/user_controller.go
+++ b/internal/controller/user_controller.go
@@ -726,5 +726,5 @@ func (uc *UserController) setVisitCookies(ctx *gin.Context, visitToken string, f
 		return
 	}
 	ctx.SetCookie(constant.UserVisitCookiesCacheKey,
-		visitToken, constant.UserVisitCacheTime, "/", parsedURL.Host, true, true)
+		visitToken, constant.UserVisitCacheTime, "/", parsedURL.Hostname(), true, true)
 }