apps/photoprism
1
0
Fork 0
mirror of https://github.com/photoprism/photoprism.git synced 2025-10-19 07:05:32 +08:00
Code Issues Packages Projects Releases Wiki Activity

WebDAV: Allow authentication with auth token and no username #808 #3943

Browse Source 
Signed-off-by: Michael Mayer <michael@photoprism.app>
This commit is contained in:
Michael Mayer
2024-01-10 18:03:38 +01:00
parent 7d78ee803a
commit cc356abe03
2 changed files with 22 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
internal/server/webdav_auth.go
View File

@@ -40,7 +40,7 @@ func WebDAVAuth(conf *config.Config) gin.HandlerFunc {
// Fail if the username or password is empty, as // Fail if the username or password is empty, as
// this is not allowed under any circumstances. // this is not allowed under any circumstances.
if username == "" || password == "" || cacheKey == "" { if username == "" || password == "" || cacheKey == "" {
return "", "", "", false return "", password, "", false
} }
// To improve performance, check the cache for already authorized users. // To improve performance, check the cache for already authorized users.
@@ -80,7 +80,7 @@ func WebDAVAuth(conf *config.Config) gin.HandlerFunc {
// Use the value provided in the password field as auth secret if no username was provided // Use the value provided in the password field as auth secret if no username was provided
// and the format matches. // and the format matches.
if username == "" && authToken == "" && rnd.IsAuthSecret(password) { if (username == "" || username == "access-token") && authToken == "" && rnd.IsAuthSecret(password) {
authToken = password authToken = password
} }

21
internal/server/webdav_auth_test.go
View File

@@ -1,6 +1,8 @@
package server package server
import ( import (
"encoding/base64"
"fmt"
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
"testing" "testing"
@@ -53,7 +55,24 @@ func TestWebDAVAuth(t *testing.T) {
} }
sess := entity.SessionFixtures.Get("alice_token_webdav") sess := entity.SessionFixtures.Get("alice_token_webdav")
header.SetAuthorization(c.Request, sess.AuthToken()) basicAuth := []byte(fmt.Sprintf("access-token:%s", sess.AuthToken()))
c.Request.Header.Add(header.Auth, fmt.Sprintf("%s %s", header.AuthBasic, base64.StdEncoding.EncodeToString(basicAuth)))
webdavHandler(c)
assert.Equal(t, http.StatusOK, c.Writer.Status())
assert.Equal(t, "", c.Writer.Header().Get("WWW-Authenticate"))
})
t.Run("AliceTokenWebdavWithoutUsername", func(t *testing.T) {
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Request = &http.Request{
Header: make(http.Header),
}
sess := entity.SessionFixtures.Get("alice_token_webdav")
basicAuth := []byte(fmt.Sprintf(":%s", sess.AuthToken()))
c.Request.Header.Add(header.Auth, fmt.Sprintf("%s %s", header.AuthBasic, base64.StdEncoding.EncodeToString(basicAuth)))
webdavHandler(c) webdavHandler(c)