mirror of
https://github.com/filebrowser/filebrowser.git
synced 2024-06-07 23:00:43 +00:00
fix: rename global scope as root and fix root md
License: MIT
Signed-off-by: Henrique Dias <hacdias@gmail.com>
Former-commit-id: 856c18bc9cf98a27b6cbea923b231e0aaf279190 [formerly 201c1a0294947930a7d0706af72ce719a8cc3b98] [formerly 0253e57e2994023e798f6fb0ae76f9c21d18fd69 [formerly 33a58c999a
]]
Former-commit-id: e7d88b22207125c29ea85a5a539653a54584999c [formerly 77cb1e0172cdf7195cc25d557e5028a9250d655c]
Former-commit-id: 64288f5a475a82d5f88c91347a09aea67ebb169d
This commit is contained in:
parent
77e1fe83db
commit
5a83d6736b
@ -3,12 +3,11 @@ package auth
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/filebrowser/filebrowser/v2/settings"
|
||||
"github.com/filebrowser/filebrowser/v2/users"
|
||||
)
|
||||
|
||||
// Auther is the authentication interface.
|
||||
type Auther interface {
|
||||
// Auth is called to authenticate a request.
|
||||
Auth(*http.Request, *users.Storage, *settings.Settings) (*users.User, error)
|
||||
Auth(r *http.Request, s *users.Storage, root string) (*users.User, error)
|
||||
}
|
||||
|
@ -26,7 +26,7 @@ type JSONAuth struct {
|
||||
}
|
||||
|
||||
// Auth authenticates the user via a json in content body.
|
||||
func (a *JSONAuth) Auth(r *http.Request, sto *users.Storage, set *settings.Settings) (*users.User, error) {
|
||||
func (a *JSONAuth) Auth(r *http.Request, sto *users.Storage, root string) (*users.User, error) {
|
||||
var cred jsonCred
|
||||
|
||||
if r.Body == nil {
|
||||
@ -51,7 +51,7 @@ func (a *JSONAuth) Auth(r *http.Request, sto *users.Storage, set *settings.Setti
|
||||
}
|
||||
}
|
||||
|
||||
u, err := sto.Get(set.Scope, cred.Username)
|
||||
u, err := sto.Get(root, cred.Username)
|
||||
if err != nil || !users.CheckPwd(cred.Password, u.Password) {
|
||||
return nil, os.ErrPermission
|
||||
}
|
||||
|
@ -11,10 +11,9 @@ import (
|
||||
const MethodNoAuth settings.AuthMethod = "noauth"
|
||||
|
||||
// NoAuth is no auth implementation of auther.
|
||||
type NoAuth struct {
|
||||
}
|
||||
type NoAuth struct{}
|
||||
|
||||
// Auth uses authenticates user 1.
|
||||
func (a *NoAuth) Auth(r *http.Request, sto *users.Storage, set *settings.Settings) (*users.User, error) {
|
||||
return sto.Get(set.Scope, 1)
|
||||
func (a *NoAuth) Auth(r *http.Request, sto *users.Storage, root string) (*users.User, error) {
|
||||
return sto.Get(root, 1)
|
||||
}
|
||||
|
@ -18,9 +18,9 @@ type ProxyAuth struct {
|
||||
}
|
||||
|
||||
// Auth authenticates the user via an HTTP header.
|
||||
func (a *ProxyAuth) Auth(r *http.Request, sto *users.Storage, set *settings.Settings) (*users.User, error) {
|
||||
func (a *ProxyAuth) Auth(r *http.Request, sto *users.Storage, root string) (*users.User, error) {
|
||||
username := r.Header.Get(a.Header)
|
||||
user, err := sto.Get(set.Scope, username)
|
||||
user, err := sto.Get(root, username)
|
||||
if err == errors.ErrNotExist {
|
||||
return nil, os.ErrPermission
|
||||
}
|
||||
|
10
cmd/root.go
10
cmd/root.go
@ -39,7 +39,7 @@ func init() {
|
||||
vaddP(f, "port", "p", 8080, "port to listen on")
|
||||
vaddP(f, "cert", "t", "", "tls certificate")
|
||||
vaddP(f, "key", "k", "", "tls key")
|
||||
vaddP(f, "scope", "s", ".", "scope to prepend to a user's scope when it is relative")
|
||||
vaddP(f, "root", "r", ".", "root to prepend to relative paths")
|
||||
vaddP(f, "baseurl", "b", "", "base url")
|
||||
vadd(f, "username", "admin", "username for the first user when using quick config")
|
||||
vadd(f, "password", "", "hashed password for the first user when using quick config (default \"admin\")")
|
||||
@ -115,9 +115,9 @@ user created with the credentials from options "username" and "password".`,
|
||||
address := v.GetString("address")
|
||||
cert := v.GetString("cert")
|
||||
key := v.GetString("key")
|
||||
scope := v.GetString("scope")
|
||||
root := v.GetString("root")
|
||||
|
||||
scope, err := filepath.Abs(scope)
|
||||
root, err := filepath.Abs(root)
|
||||
checkErr(err)
|
||||
settings, err := d.store.Settings.Get()
|
||||
checkErr(err)
|
||||
@ -127,7 +127,7 @@ user created with the credentials from options "username" and "password".`,
|
||||
// they are needed during the execution and not only
|
||||
// to start up the server.
|
||||
settings.BaseURL = v.GetString("baseurl")
|
||||
settings.Scope = scope
|
||||
settings.Root = root
|
||||
err = d.store.Settings.Save(settings)
|
||||
checkErr(err)
|
||||
|
||||
@ -151,7 +151,7 @@ user created with the credentials from options "username" and "password".`,
|
||||
if err := http.Serve(listener, handler); err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
}, pythonConfig{noDB: true}),
|
||||
}, pythonConfig{allowNoDB: true}),
|
||||
}
|
||||
|
||||
func quickSetup(d pythonData) {
|
||||
|
@ -21,19 +21,17 @@ var usersUpdateCmd = &cobra.Command{
|
||||
options you want to change.`,
|
||||
Args: cobra.ExactArgs(1),
|
||||
Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
|
||||
set, err := d.store.Settings.Get()
|
||||
checkErr(err)
|
||||
|
||||
username, id := parseUsernameOrID(args[0])
|
||||
password := mustGetString(cmd, "password")
|
||||
newUsername := mustGetString(cmd, "username")
|
||||
|
||||
var err error
|
||||
var user *users.User
|
||||
|
||||
if id != 0 {
|
||||
user, err = d.store.Users.Get(set.Scope, id)
|
||||
user, err = d.store.Users.Get("", id)
|
||||
} else {
|
||||
user, err = d.store.Users.Get(set.Scope, username)
|
||||
user, err = d.store.Users.Get("", username)
|
||||
}
|
||||
|
||||
checkErr(err)
|
||||
|
@ -73,7 +73,8 @@ type cobraFunc func(cmd *cobra.Command, args []string)
|
||||
type pythonFunc func(cmd *cobra.Command, args []string, data pythonData)
|
||||
|
||||
type pythonConfig struct {
|
||||
noDB bool
|
||||
noDB bool
|
||||
allowNoDB bool
|
||||
}
|
||||
|
||||
type pythonData struct {
|
||||
@ -91,7 +92,7 @@ func python(fn pythonFunc, cfg pythonConfig) cobraFunc {
|
||||
if os.IsNotExist(err) {
|
||||
data.hadDB = false
|
||||
|
||||
if !cfg.noDB {
|
||||
if !cfg.noDB || !cfg.allowNoDB {
|
||||
log.Fatal(path + " does not exid.store. Please run 'filebrowser config init' fird.store.")
|
||||
}
|
||||
} else if err != nil {
|
||||
|
@ -67,7 +67,7 @@ func withUser(fn handleFunc) handleFunc {
|
||||
w.Header().Add("X-Renew-Token", "true")
|
||||
}
|
||||
|
||||
d.user, err = d.store.Users.Get(d.settings.Scope, tk.User.ID)
|
||||
d.user, err = d.store.Users.Get(d.settings.Root, tk.User.ID)
|
||||
if err != nil {
|
||||
return http.StatusInternalServerError, err
|
||||
}
|
||||
@ -91,7 +91,7 @@ var loginHandler = func(w http.ResponseWriter, r *http.Request, d *data) (int, e
|
||||
return http.StatusInternalServerError, err
|
||||
}
|
||||
|
||||
user, err := auther.Auth(r, d.store.Users, d.Settings)
|
||||
user, err := auther.Auth(r, d.store.Users, d.Settings.Root)
|
||||
if err == os.ErrPermission {
|
||||
return http.StatusForbidden, nil
|
||||
} else if err != nil {
|
||||
|
@ -13,7 +13,7 @@ var withHashFile = func(fn handleFunc) handleFunc {
|
||||
return errToStatus(err), err
|
||||
}
|
||||
|
||||
user, err := d.store.Users.Get(d.settings.Scope, link.UserID)
|
||||
user, err := d.store.Users.Get(d.settings.Root, link.UserID)
|
||||
if err != nil {
|
||||
return errToStatus(err), err
|
||||
}
|
||||
|
@ -61,7 +61,7 @@ func withSelfOrAdmin(fn handleFunc) handleFunc {
|
||||
}
|
||||
|
||||
var usersGetHandler = withAdmin(func(w http.ResponseWriter, r *http.Request, d *data) (int, error) {
|
||||
users, err := d.store.Users.Gets(d.settings.Scope)
|
||||
users, err := d.store.Users.Gets(d.settings.Root)
|
||||
if err != nil {
|
||||
return http.StatusInternalServerError, err
|
||||
}
|
||||
@ -78,7 +78,7 @@ var usersGetHandler = withAdmin(func(w http.ResponseWriter, r *http.Request, d *
|
||||
})
|
||||
|
||||
var userGetHandler = withSelfOrAdmin(func(w http.ResponseWriter, r *http.Request, d *data) (int, error) {
|
||||
u, err := d.store.Users.Get(d.settings.Scope, d.raw.(uint))
|
||||
u, err := d.store.Users.Get(d.settings.Root, d.raw.(uint))
|
||||
if err == errors.ErrNotExist {
|
||||
return http.StatusNotFound, err
|
||||
}
|
||||
@ -147,7 +147,7 @@ var userPutHandler = withSelfOrAdmin(func(w http.ResponseWriter, r *http.Request
|
||||
req.Data.Password, err = users.HashPwd(req.Data.Password)
|
||||
} else {
|
||||
var suser *users.User
|
||||
suser, err = d.store.Users.Get(d.settings.Scope, d.raw.(uint))
|
||||
suser, err = d.store.Users.Get(d.settings.Root, d.raw.(uint))
|
||||
req.Data.Password = suser.Password
|
||||
}
|
||||
|
||||
|
@ -9,7 +9,7 @@ type AuthMethod string
|
||||
type Settings struct {
|
||||
Key []byte `json:"key"`
|
||||
BaseURL string `json:"baseURL"`
|
||||
Scope string `json:"scope"`
|
||||
Root string `json:"root"`
|
||||
Signup bool `json:"signup"`
|
||||
Defaults UserDefaults `json:"defaults"`
|
||||
AuthMethod AuthMethod `json:"authMethod"`
|
||||
|
Loading…
Reference in New Issue
Block a user