flounder

A simple gemini site builder
Log | Files | Refs | README | LICENSE

commit b9a8645bc1f8102bacd11b8bb1da8c2876511e89
parent a8026c9fc1d7a9c079da5cb21a8d7493199bdd69
Author: alex wennerberg <alex@alexwennerberg.com>
Date:   Mon,  7 Dec 2020 20:35:52 -0800

Basic auth+webdav setup

Diffstat:
Aauth.go | 14++++++++++++++
Awebdav.go | 32++++++++++++++++++++++++++++++++
2 files changed, 46 insertions(+), 0 deletions(-)

diff --git a/auth.go b/auth.go @@ -0,0 +1,14 @@ +package main + +import "golang.org/x/crypto/bcrypt" + +func checkAuth(user string, password string) error { + var actualPass []byte + row := DB.QueryRow("SELECT password_hash FROM user where username = ?", user) + err := row.Scan(&actualPass) + if err != nil { + return err + } + err = bcrypt.CompareHashAndPassword(actualPass, []byte(password)) + return err +} diff --git a/webdav.go b/webdav.go @@ -0,0 +1,32 @@ +package main + +import ( + "fmt" + "golang.org/x/net/webdav" + "net/http" +) + +func webdavHandler(w http.ResponseWriter, r *http.Request) { + // get user + if r.Header.Get("Authorization") == "" { + w.Header().Set("WWW-Authenticate", "Basic realm=\"wevdav\"") + http.Error(w, "Authentication Error", http.StatusUnauthorized) + return + } + for key, element := range r.Header { + fmt.Println(key, element) + } + fmt.Println(r.Body) + user, pass, ok := r.BasicAuth() + if ok && (checkAuth(user, pass) == nil) { + fmt.Println(user, pass) + webdavHandler := webdav.Handler{ + FileSystem: webdav.Dir(getUserDirectory(user)), + Prefix: "/webdav/", + LockSystem: webdav.NewMemLS(), + } + webdavHandler.ServeHTTP(w, r) + } else { + http.Error(w, "Authentication Error", http.StatusUnauthorized) + } +}