julien 2025-06-19 14:30:45 +02:00
parent 548cf7882e
commit 4f2b9dba1c


@ -123,51 +123,56 @@ func RoutesPublic(r *mux.Router, bd *gorm.DB) {
http.Error(w, "Erreur lors de la génération de la playlist", http.StatusInternalServerError) http.Error(w, "Erreur lors de la génération de la playlist", http.StatusInternalServerError)
} }
}) })
r.PathPrefix("/webdav/").Handler(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { r.PathPrefix("/webdav/").Handler(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
// Authentification HTTP Basic avec vérification en base authHeader := req.Header.Get("Authorization")
userEmail, password, ok := req.BasicAuth() if authHeader == "" {
if !ok { w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`) http.Error(w, "Unauthorized", http.StatusUnauthorized)
http.Error(w, "Unauthorized", http.StatusUnauthorized) return
return }
}
var user models.User // Authentification HTTP Basic en base de données
result := bd.Where("email = ?", userEmail).First(&user) email, password, ok := req.BasicAuth()
if result.Error != nil { if !ok {
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`) w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
http.Error(w, "Unauthorized", http.StatusUnauthorized) http.Error(w, "Unauthorized", http.StatusUnauthorized)
return return
} }
err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)) var user models.User
if err != nil { result := bd.Where("email = ?", email).First(&user)
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`) if result.Error != nil {
http.Error(w, "Unauthorized", http.StatusUnauthorized) w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
return http.Error(w, "Unauthorized", http.StatusUnauthorized)
} return
}
// Protection lecture seule err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password))
if req.Method != "GET" && req.Method != "HEAD" && req.Method != "OPTIONS" && req.Method != "PROPFIND" { if err != nil {
http.Error(w, "Read-Only", http.StatusForbidden) w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
return http.Error(w, "Unauthorized", http.StatusUnauthorized)
} return
}
log.Printf("✅ WebDAV access for user: %s", userEmail) // Lecture seule
if req.Method != "GET" && req.Method != "HEAD" && req.Method != "OPTIONS" && req.Method != "PROPFIND" {
http.Error(w, "Read-Only", http.StatusForbidden)
return
}
// Headers WebDAV attendus log.Printf("✅ WebDAV access for user: %s", email)
w.Header().Set("DAV", "1,2")
w.Header().Set("MS-Author-Via", "DAV")
// Serve le WebDAV w.Header().Set("DAV", "1,2")
webdavHandler := &webdav.Handler{ w.Header().Set("MS-Author-Via", "DAV")
Prefix: "/webdav/",
FileSystem: webdav.Dir("/app/upload"),
LockSystem: webdav.NewMemLS(),
}
webdavHandler.ServeHTTP(w, req) webdavHandler := &webdav.Handler{
})) Prefix: "/webdav/",
FileSystem: webdav.Dir("/app/upload"),
LockSystem: webdav.NewMemLS(),
}
webdavHandler.ServeHTTP(w, req)
}))
// WebDAV sécurisé // WebDAV sécurisé
// username := "tonuser" // ton login // username := "tonuser" // ton login