From 90810eefd4243300252eb985d417af60368c2001 Mon Sep 17 00:00:00 2001
From: cangui
Date: Thu, 19 Jun 2025 18:20:31 +0200
Subject: [PATCH] up
---
 internal/route/main.go | 87 ++++++++++++++++++++----------------------
 1 file changed, 42 insertions(+), 45 deletions(-)
diff --git a/internal/route/main.go b/internal/route/main.go
index 80e7b56..f0340df 100644
--- a/internal/route/main.go
+++ b/internal/route/main.go
@@ -95,58 +95,55 @@ func RoutesPublic(r *mux.Router, bd *gorm.DB) {
 http.Error(w, "Erreur lors de la génération de la playlist", http.StatusInternalServerError)
 }
 })
-r.PathPrefix("/webdav/").Handler(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
- authHeader := req.Header.Get("Authorization")
- if authHeader == "" {
- w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
- http.Error(w, "Unauthorized", http.StatusUnauthorized)
- return
- }
+ r.PathPrefix("/webdav/").Handler(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+ authHeader := req.Header.Get("Authorization")
+ if authHeader == "" {
+ w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
+ http.Error(w, "Unauthorized", http.StatusUnauthorized)
+ return
+ }
 
- // Authentification HTTP Basic en base de données
- email, password, ok := req.BasicAuth()
- if !ok {
- w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
- http.Error(w, "Unauthorized", http.StatusUnauthorized)
- return
- }
- log.Printf("✅ email saisie: %s", email)
- log.Printf("✅ passw saisie: %s", password)
+ // Authentification HTTP Basic en base de données
+ email, password, ok := req.BasicAuth()
+ if !ok {
+ w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
+ http.Error(w, "Unauthorized", http.StatusUnauthorized)
+ return
+ }
+ log.Printf("✅ email saisi: %s", email)
+ log.Printf("✅ password saisi: %s", password)
 
- var user models.User
- result := bd.Where("email = ?", email).First(&user)
- if result.Error != nil {
- w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
- http.Error(w, "Unauthorized", http.StatusUnauthorized)
- return
- }
+ var user models.User
+ result := bd.Where("email = ?", email).First(&user)
+ if result.Error != nil {
+ w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
+ http.Error(w, "Unauthorized", http.StatusUnauthorized)
+ return
+ }
 
- err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password))
- if err != nil {
- w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
- http.Error(w, "Unauthorized", http.StatusUnauthorized)
- return
- }
+ err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password))
+ if err != nil {
+ w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
+ http.Error(w, "Unauthorized", http.StatusUnauthorized)
+ return
+ }
 
- // Lecture seule
- if req.Method != "GET" && req.Method != "HEAD" && req.Method != "OPTIONS" && req.Method != "PROPFIND" {
- http.Error(w, "Read-Only", http.StatusForbidden)
- return
- }
+ // ✅ Ici on autorise TOUTES les méthodes WebDAV (lecture/écriture/suppression)
+ log.Printf("✅ WebDAV FULL ACCESS for user: %s", email)
 
- log.Printf("✅ WebDAV access for user: %s", email)
+ // Headers WebDAV que certains clients attendent
+ w.Header().Set("DAV", "1,2")
+ w.Header().Set("MS-Author-Via", "DAV")
 
- w.Header().Set("DAV", "1,2")
- w.Header().Set("MS-Author-Via", "DAV")
+ // Handler WebDAV complet
+ webdavHandler := &webdav.Handler{
+ Prefix: "/webdav/",
+ FileSystem: webdav.Dir("/app/upload"),
+ LockSystem: webdav.NewMemLS(),
+ }
 
- webdavHandler := &webdav.Handler{
- Prefix: "/webdav/",
- FileSystem: webdav.Dir("/app/upload"),
- LockSystem: webdav.NewMemLS(),
- }
-
- webdavHandler.ServeHTTP(w, req)
-}))
+ webdavHandler.ServeHTTP(w, req)
+ }))
 // WebDAV sécurisé
 // username := "tonuser" // ton login
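Review bot: The added line `log.Printf("✅ password saisi: %s", password)` still writes every submitted Basic-auth password in clear text to the application log, before the credential is even verified; the commit only corrects the message spelling, and the line should be dropped, with the e-mail logged as `log.Printf("✅ email saisi: %q", email)` so client-supplied control characters cannot forge log entries. With the read-only method filter removed, every account that passes the bcrypt check gets write and delete access to the shared `/app/upload` root, and nothing visible in the hunk checks a role or scopes the tree per user, so that authorization decision deserves an explicit check or at least a comment stating it is intended. The `webdav.Handler` and its `webdav.NewMemLS()` are built inside the closure on every request, so a lock taken by one request is unknown to the next now that LOCK and PUT are reachable; constructing the handler once before `r.PathPrefix` would fix that. `RoutesPublic` begins and ends outside this hunk.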