rebuilt storage
This commit is contained in:
Daniel Goc
@@ -1,8 +1,10 @@
|
||||
package middleware
|
||||
|
||||
import (
|
||||
"encoding/base64"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"git.ma-al.com/goc_daniel/b2b/app/config"
|
||||
"git.ma-al.com/goc_daniel/b2b/app/model"
|
||||
@@ -133,6 +135,72 @@ func RequireAdmin() fiber.Handler {
|
||||
}
|
||||
}
|
||||
|
||||
// Webdav
|
||||
func Webdav() fiber.Handler {
|
||||
authService := authService.NewAuthService()
|
||||
|
||||
return func(c fiber.Ctx) error {
|
||||
authHeader := c.Get("Authorization")
|
||||
if authHeader == "" {
|
||||
c.Set("WWW-Authenticate", `Basic realm="webdav"`)
|
||||
return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
|
||||
"error": "authorization token required",
|
||||
})
|
||||
}
|
||||
|
||||
if !strings.HasPrefix(authHeader, "Basic ") {
|
||||
c.Set("WWW-Authenticate", `Basic realm="webdav"`)
|
||||
return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
|
||||
"error": "invalid authorization token",
|
||||
})
|
||||
}
|
||||
|
||||
encoded := strings.TrimPrefix(authHeader, "Basic ")
|
||||
decoded, err := base64.StdEncoding.DecodeString(encoded)
|
||||
if err != nil {
|
||||
c.Set("WWW-Authenticate", `Basic realm="webdav"`)
|
||||
return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
|
||||
"error": "invalid authorization token",
|
||||
})
|
||||
}
|
||||
|
||||
credentials := strings.SplitN(string(decoded), ":", 2)
|
||||
rawToken := ""
|
||||
if len(credentials) == 1 {
|
||||
rawToken = credentials[0]
|
||||
} else if len(credentials) == 2 {
|
||||
rawToken = credentials[1]
|
||||
}
|
||||
if len(rawToken) != constdata.NBYTES_IN_WEBDAV_TOKEN*2 {
|
||||
c.Set("WWW-Authenticate", `Basic realm="webdav"`)
|
||||
return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
|
||||
"error": "invalid authorization token",
|
||||
})
|
||||
}
|
||||
|
||||
// we identify user based on this token.
|
||||
user, err := authService.GetUserByWebdavToken(rawToken)
|
||||
if err != nil {
|
||||
return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
|
||||
"error": "user not found",
|
||||
})
|
||||
}
|
||||
|
||||
if user.WebdavExpires != nil && user.WebdavExpires.Before(time.Now()) {
|
||||
return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
|
||||
"error": "invalid or expired token",
|
||||
})
|
||||
}
|
||||
|
||||
var userLocale model.UserLocale
|
||||
userLocale.OriginalUser = user
|
||||
userLocale.User = user
|
||||
c.Locals(constdata.USER_LOCALE, &userLocale)
|
||||
|
||||
return c.Next()
|
||||
}
|
||||
}
|
||||
|
||||
// GetConfig returns the app config
|
||||
func GetConfig() *config.Config {
|
||||
return config.Get()
|
||||
|
||||
Reference in New Issue
Block a user