From 4f2b9dba1c9cd10ad62ab1ffbe478c2155c10fe5 Mon Sep 17 00:00:00 2001
From: julien
Date: Thu, 19 Jun 2025 14:30:45 +0200
Subject: [PATCH] up
---
 internal/route/main.go | 81 ++++++++++++++++++++++--------------------
 1 file changed, 43 insertions(+), 38 deletions(-)
diff --git a/internal/route/main.go b/internal/route/main.go
index 58e9067..0a66a2f 100644
--- a/internal/route/main.go
+++ b/internal/route/main.go
@@ -123,51 +123,56 @@ func RoutesPublic(r *mux.Router, bd *gorm.DB) {
 http.Error(w, "Erreur lors de la génération de la playlist", http.StatusInternalServerError)
 }
 })
- r.PathPrefix("/webdav/").Handler(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
- // Authentification HTTP Basic avec vérification en base
- userEmail, password, ok := req.BasicAuth()
- if !ok {
- w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
- http.Error(w, "Unauthorized", http.StatusUnauthorized)
- return
- }
+r.PathPrefix("/webdav/").Handler(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+ authHeader := req.Header.Get("Authorization")
+ if authHeader == "" {
+ w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
+ http.Error(w, "Unauthorized", http.StatusUnauthorized)
+ return
+ }
- var user models.User
- result := bd.Where("email = ?", userEmail).First(&user)
- if result.Error != nil {
- w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
- http.Error(w, "Unauthorized", http.StatusUnauthorized)
- return
- }
+ // Authentification HTTP Basic en base de données
+ email, password, ok := req.BasicAuth()
+ if !ok {
+ w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
+ http.Error(w, "Unauthorized", http.StatusUnauthorized)
+ return
+ }
- err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password))
- if err != nil {
- w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
- http.Error(w, "Unauthorized", http.StatusUnauthorized)
- return
- }
+ var user models.User
+ result := bd.Where("email = ?", email).First(&user)
+ if result.Error != nil {
+ w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
+ http.Error(w, "Unauthorized", http.StatusUnauthorized)
+ return
+ }
- // Protection lecture seule
- if req.Method != "GET" && req.Method != "HEAD" && req.Method != "OPTIONS" && req.Method != "PROPFIND" {
- http.Error(w, "Read-Only", http.StatusForbidden)
- return
- }
+ err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password))
+ if err != nil {
+ w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
+ http.Error(w, "Unauthorized", http.StatusUnauthorized)
+ return
+ }
- log.Printf("✅ WebDAV access for user: %s", userEmail)
+ // Lecture seule
+ if req.Method != "GET" && req.Method != "HEAD" && req.Method != "OPTIONS" && req.Method != "PROPFIND" {
+ http.Error(w, "Read-Only", http.StatusForbidden)
+ return
+ }
- // Headers WebDAV attendus
- w.Header().Set("DAV", "1,2")
- w.Header().Set("MS-Author-Via", "DAV")
+ log.Printf("✅ WebDAV access for user: %s", email)
- // Serve le WebDAV
- webdavHandler := &webdav.Handler{
- Prefix: "/webdav/",
- FileSystem: webdav.Dir("/app/upload"),
- LockSystem: webdav.NewMemLS(),
- }
+ w.Header().Set("DAV", "1,2")
+ w.Header().Set("MS-Author-Via", "DAV")
- webdavHandler.ServeHTTP(w, req)
- }))
+ webdavHandler := &webdav.Handler{
+ Prefix: "/webdav/",
+ FileSystem: webdav.Dir("/app/upload"),
+ LockSystem: webdav.NewMemLS(),
+ }
+
+ webdavHandler.ServeHTTP(w, req)
+}))
 // WebDAV sécurisé
 // username := "tonuser" // ton login
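Review bot: An unknown e-mail is rejected right after the `bd.Where("email = ?", email).First(&user)` lookup, while a known one goes on to `bcrypt.CompareHashAndPassword`, so the time taken to return the 401 tells a caller which accounts exist; nothing in the hunk logs or throttles failed attempts either. Running the comparison against a fixed dummy hash when the lookup fails, and logging the failure with `%q`, removes the timing difference and gives detection something to alert on; rate limiting may already live in middleware outside this hunk, which should be confirmed. The added `authHeader == ""` block is redundant, because `req.BasicAuth()` already returns `ok == false` when the header is missing. RoutesPublic starts before this hunk and continues after it.

```go
// In RoutesPublic, once, before the handler is registered. The cost should
// match the one used for stored user hashes (not visible in this hunk).
dummyHash, hashErr := bcrypt.GenerateFromPassword([]byte("unused"), bcrypt.DefaultCost)
if hashErr != nil {
	log.Fatalf("webdav: cannot prepare dummy hash: %v", hashErr)
}

// … unchanged: req.BasicAuth() check …

var user models.User
hash := dummyHash
found := bd.Where("email = ?", email).First(&user).Error == nil
if found {
	hash = []byte(user.Password)
}
// Always run bcrypt so known and unknown e-mails take the same time.
if err := bcrypt.CompareHashAndPassword(hash, []byte(password)); err != nil || !found {
	log.Printf("WebDAV auth failed for %q from %s", email, req.RemoteAddr)
	w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
	http.Error(w, "Unauthorized", http.StatusUnauthorized)
	return
}

// … unchanged: read-only method check, DAV headers, webdav.Handler …
```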