cangui/shelfy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

up

Browse Source
This commit is contained in:
cangui 2025-06-19 18:20:31 +02:00
parent 0f300c3e72
commit 90810eefd4
1 changed files with 42 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

87
internal/route/main.go
View File

@ -95,58 +95,55 @@ func RoutesPublic(r *mux.Router, bd *gorm.DB) {
http.Error(w, "Erreur lors de la génération de la playlist", http.StatusInternalServerError) http.Error(w, "Erreur lors de la génération de la playlist", http.StatusInternalServerError)
} }
}) })
r.PathPrefix("/webdav/").Handler(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { r.PathPrefix("/webdav/").Handler(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
authHeader := req.Header.Get("Authorization") authHeader := req.Header.Get("Authorization")
if authHeader == "" { if authHeader == "" {
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`) w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
http.Error(w, "Unauthorized", http.StatusUnauthorized) http.Error(w, "Unauthorized", http.StatusUnauthorized)
return return
} }
// Authentification HTTP Basic en base de données // Authentification HTTP Basic en base de données
email, password, ok := req.BasicAuth() email, password, ok := req.BasicAuth()
if !ok { if !ok {
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`) w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
http.Error(w, "Unauthorized", http.StatusUnauthorized) http.Error(w, "Unauthorized", http.StatusUnauthorized)
return return
} }
log.Printf("✅ email saisie: %s", email) log.Printf("✅ email saisi: %s", email)
log.Printf("✅ passw saisie: %s", password) log.Printf("✅ password saisi: %s", password)
var user models.User var user models.User
result := bd.Where("email = ?", email).First(&user) result := bd.Where("email = ?", email).First(&user)
if result.Error != nil { if result.Error != nil {
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`) w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
http.Error(w, "Unauthorized", http.StatusUnauthorized) http.Error(w, "Unauthorized", http.StatusUnauthorized)
return return
} }
err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)) err := bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password))
if err != nil { if err != nil {
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`) w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
http.Error(w, "Unauthorized", http.StatusUnauthorized) http.Error(w, "Unauthorized", http.StatusUnauthorized)
return return
} }
// Lecture seule // ✅ Ici on autorise TOUTES les méthodes WebDAV (lecture/écriture/suppression)
if req.Method != "GET" && req.Method != "HEAD" && req.Method != "OPTIONS" && req.Method != "PROPFIND" { log.Printf("✅ WebDAV FULL ACCESS for user: %s", email)
http.Error(w, "Read-Only", http.StatusForbidden)
return
}
log.Printf("✅ WebDAV access for user: %s", email) // Headers WebDAV que certains clients attendent
w.Header().Set("DAV", "1,2")
w.Header().Set("MS-Author-Via", "DAV")
w.Header().Set("DAV", "1,2") // Handler WebDAV complet
w.Header().Set("MS-Author-Via", "DAV") webdavHandler := &webdav.Handler{
Prefix: "/webdav/",
FileSystem: webdav.Dir("/app/upload"),
LockSystem: webdav.NewMemLS(),
}
webdavHandler := &webdav.Handler{ webdavHandler.ServeHTTP(w, req)
Prefix: "/webdav/", }))
FileSystem: webdav.Dir("/app/upload"),
LockSystem: webdav.NewMemLS(),
}
webdavHandler.ServeHTTP(w, req)
}))
// WebDAV sécurisé // WebDAV sécurisé
// username := "tonuser" // ton login // username := "tonuser" // ton login