refactor: change the format of www-authenticate (#312)

2026-04-09 09:09:03 +03:00 · 2023-12-07 15:04:14 +08:00
parent 5c850256f4
commit 37800f630d
3 changed files with 28 additions and 17 deletions
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -1,7 +1,9 @@
+use crate::{args::Args, server::Response, utils::unix_now};
+
 use anyhow::{anyhow, bail, Result};
 use base64::{engine::general_purpose, Engine as _};
 use headers::HeaderValue;
-use hyper::Method;
+use hyper::{header::WWW_AUTHENTICATE, Method};
 use indexmap::IndexMap;
 use lazy_static::lazy_static;
 use md5::Context;
@@ -11,8 +13,6 @@ use std::{
 };
 use uuid::Uuid;

-use crate::{args::Args, utils::unix_now};
-
 const REALM: &str = "DUFS";
 const DIGEST_AUTH_TIMEOUT: u32 = 604800; // 7 days

@@ -258,17 +258,21 @@ impl AccessPerm {
    }
 }

-pub fn www_authenticate(args: &Args) -> Result<HeaderValue> {
-    let value = if args.auth.use_hashed_password {
-        format!("Basic realm=\"{}\"", REALM)
+pub fn www_authenticate(res: &mut Response, args: &Args) -> Result<()> {
+    if args.auth.use_hashed_password {
+        let basic = HeaderValue::from_str(&format!("Basic realm=\"{}\"", REALM))?;
+        res.headers_mut().insert(WWW_AUTHENTICATE, basic);
    } else {
        let nonce = create_nonce()?;
-        format!(
-            "Digest realm=\"{}\", nonce=\"{}\", qop=\"auth\", Basic realm=\"{}\"",
-            REALM, nonce, REALM
-        )
-    };
-    Ok(HeaderValue::from_str(&value)?)
+        let digest = HeaderValue::from_str(&format!(
+            "Digest realm=\"{}\", nonce=\"{}\", qop=\"auth\"",
+            REALM, nonce
+        ))?;
+        let basic = HeaderValue::from_str(&format!("Basic realm=\"{}\"", REALM))?;
+        res.headers_mut().append(WWW_AUTHENTICATE, digest);
+        res.headers_mut().append(WWW_AUTHENTICATE, basic);
+    }
+    Ok(())
 }

 pub fn get_auth_user(authorization: &HeaderValue) -> Option<String> {
--- a/src/server.rs
+++ b/src/server.rs
@@ -21,7 +21,7 @@ use headers::{
 };
 use hyper::header::{
    HeaderValue, AUTHORIZATION, CONTENT_DISPOSITION, CONTENT_LENGTH, CONTENT_RANGE, CONTENT_TYPE,
-    RANGE, WWW_AUTHENTICATE,
+    RANGE,
 };
 use hyper::{Body, Method, StatusCode, Uri};
 use serde::Serialize;
@@ -1056,9 +1056,8 @@ impl Server {

    fn auth_reject(&self, res: &mut Response) -> Result<()> {
        set_webdav_headers(res);
-        res.headers_mut()
-            .append(WWW_AUTHENTICATE, www_authenticate(&self.args)?);
-        // set 401 to make the browser pop up the login box
+
+        www_authenticate(res, &self.args)?;
        *res.status_mut() = StatusCode::UNAUTHORIZED;
        Ok(())
    }