feat: Add Return Pages for Unauthorized Domains and IPs (#7306)

backend/app/api/v1/helper/helper.go

@@ -3,6 +3,7 @@ package helper
 import (
 	"context"
 	"fmt"
+	"github.com/1Panel-dev/1Panel/cmd/server/res"
 	"net/http"
 	"strconv"
 
@@ -138,3 +139,23 @@ func ErrResponse(ctx *gin.Context, code int) {
 	ctx.JSON(code, nil)
 	ctx.Abort()
 }
+
+func ErrWithHtml(ctx *gin.Context, code int, scope string) {
+	if code == 444 {
+		ctx.String(444, "")
+		ctx.Abort()
+		return
+	}
+	file := fmt.Sprintf("html/%d.html", code)
+	if code == 200 && scope != "" {
+		file = fmt.Sprintf("html/200_%s.html", scope)
+	}
+	data, err := res.ErrorMsg.ReadFile(file)
+	if err != nil {
+		ctx.String(http.StatusInternalServerError, "Internal Server Error")
+		ctx.Abort()
+		return
+	}
+	ctx.Data(code, "text/html; charset=utf-8", data)
+	ctx.Abort()
+}

backend/init/router/router.go

@@ -156,6 +156,9 @@ func Routers() *gin.Engine {
 		Router.Use(middleware.DemoHandle())
 	}
 
+	Router.Use(middleware.WhiteAllow())
+	Router.Use(middleware.BindDomain())
+
 	Router.NoRoute(func(c *gin.Context) {
 		if checkFrontendPath(c) {
 			toIndexHtml(c)
@@ -182,8 +185,7 @@ func Routers() *gin.Engine {
 		setWebStatic(PublicGroup)
 	}
 	PrivateGroup := Router.Group("/api/v1")
-	PrivateGroup.Use(middleware.WhiteAllow())
-	PrivateGroup.Use(middleware.BindDomain())
+
 	PrivateGroup.Use(middleware.GlobalLoading())
 	for _, router := range rou.RouterGroupApp {
 		router.InitRouter(PrivateGroup)

backend/middleware/bind_domain.go

@@ -1,7 +1,6 @@
 package middleware
 
 import (
-	"errors"
 	"strings"
 
 	"github.com/1Panel-dev/1Panel/backend/app/api/v1/helper"
@@ -30,11 +29,7 @@ func BindDomain() gin.HandlerFunc {
 
 		if domains != status.Value {
 			code := LoadErrCode()
-			if code != 200 {
-				helper.ErrResponse(c, code)
-				return
-			}
-			helper.ErrorWithDetail(c, constant.CodeErrDomain, constant.ErrTypeInternalServer, errors.New("domain not allowed"))
+			helper.ErrWithHtml(c, code, "err_domain")
 			return
 		}
 		c.Next()

backend/middleware/ip_limit.go

@@ -1,7 +1,6 @@
 package middleware
 
 import (
-	"errors"
 	"net"
 	"strings"
 
@@ -36,11 +35,7 @@ func WhiteAllow() gin.HandlerFunc {
 			}
 		}
 		code := LoadErrCode()
-		if code != 200 {
-			helper.ErrResponse(c, code)
-			return
-		}
-		helper.ErrorWithDetail(c, constant.CodeErrIP, constant.ErrTypeInternalServer, errors.New("IP address not allowed"))
+		helper.ErrWithHtml(c, code, "ip_limit")
 	}
 }
 

cmd/server/res/html/200_err_domain.html

@@ -0,0 +1,55 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Access Temporarily Unavailable</title>
+    <style>
+        body {
+            font-family: Arial, sans-serif;
+            text-align: center;
+            background-color: #f9f9f9;
+            margin: 0;
+            padding: 0;
+            color: #333;
+        }
+        .container {
+            max-width: 600px;
+            margin: 50px auto;
+            padding: 20px;
+            background: #fff;
+            box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
+            border-radius: 8px;
+        }
+        .icon img {
+            width: 100px;
+            height: auto;
+        }
+        h1 {
+            font-size: 24px;
+            color: #555;
+        }
+        p {
+            font-size: 16px;
+            color: #666;
+            line-height: 1.5;
+        }
+        .command {
+            font-family: monospace;
+            background: #f0f0f0;
+            padding: 5px 10px;
+            border-radius: 4px;
+            display: inline-block;
+            margin-top: 10px;
+        }
+    </style>
+</head>
+<body>
+<div class="container">
+    <h1>Access Temporarily Unavailable</h1>
+    <p>The current environment has enabled domain name binding.</p>
+    <p>You can enter the following command in the SSH terminal to reset the binding information:</p>
+    <p class="command">1pctl rest domain</p>
+</div>
+</body>
+</html>

cmd/server/res/html/200_err_ip_limit.html

@@ -0,0 +1,55 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Access Temporarily Unavailable</title>
+    <style>
+        body {
+            font-family: Arial, sans-serif;
+            text-align: center;
+            background-color: #f9f9f9;
+            margin: 0;
+            padding: 0;
+            color: #333;
+        }
+        .container {
+            max-width: 600px;
+            margin: 50px auto;
+            padding: 20px;
+            background: #fff;
+            box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
+            border-radius: 8px;
+        }
+        .icon img {
+            width: 100px;
+            height: auto;
+        }
+        h1 {
+            font-size: 24px;
+            color: #555;
+        }
+        p {
+            font-size: 16px;
+            color: #666;
+            line-height: 1.5;
+        }
+        .command {
+            font-family: monospace;
+            background: #f0f0f0;
+            padding: 5px 10px;
+            border-radius: 4px;
+            display: inline-block;
+            margin-top: 10px;
+        }
+    </style>
+</head>
+<body>
+<div class="container">
+    <h1>Access Temporarily Unavailable</h1>
+    <p>The current environment has enabled authorized IP access.</p>
+    <p>You can enter the following command in the SSH terminal to reset the binding information:</p>
+    <p class="command">1pctl reset ips</p>
+</div>
+</body>
+</html>