sigoden/dufs
1
0
Fork 0
mirror of https://github.com/sigoden/dufs.git synced 2026-04-09 17:13:02 +03:00
Code Issues 17 Packages Projects Releases 10 Wiki Activity

Compare commits

base: sigoden:v0.19.0
Branches Tags
sigoden:main sigoden:chore-release
sigoden:v0.46.0-rc1 sigoden:v0.45.0 sigoden:v0.44.0 sigoden:v0.43.0 sigoden:v0.42.0 sigoden:v0.41.0 sigoden:v0.40.0 sigoden:v0.39.0 sigoden:v0.38.0 sigoden:v0.37.1 sigoden:v0.37.0 sigoden:v0.36.0 sigoden:v0.35.0 sigoden:v0.34.2 sigoden:v0.34.1 sigoden:v0.34.0 sigoden:v0.33.0 sigoden:v0.32.0 sigoden:v0.31.0 sigoden:v0.30.0 sigoden:v0.29.0 sigoden:v0.28.0 sigoden:v0.27.0 sigoden:v0.26.0 sigoden:v0.25.0 sigoden:v0.24.0 sigoden:v0.23.1 sigoden:v0.23.0 sigoden:v0.22.0 sigoden:v0.21.0 sigoden:v0.20.0 sigoden:v0.19.0 sigoden:v0.18.0 sigoden:v0.17.1 sigoden:v0.17.0 sigoden:v0.16.0 sigoden:v0.15.1 sigoden:v0.15.0 sigoden:v0.14.0 sigoden:v0.13.2 sigoden:v0.13.1 sigoden:v0.13.0 sigoden:v0.12.1 sigoden:v0.11.0 sigoden:v0.10.1 sigoden:v0.10.0 sigoden:v0.9.0 sigoden:v0.8.0 sigoden:v0.7.0 sigoden:v0.6.0 sigoden:v0.5.0 sigoden:v0.4.0 sigoden:v0.3.0 sigoden:v0.2.1 sigoden:v0.2.0 sigoden:v0.1.0
...
compare: sigoden:v0.20.0
Branches Tags
sigoden:chore-release sigoden:main
sigoden:v0.46.0-rc1 sigoden:v0.45.0 sigoden:v0.44.0 sigoden:v0.43.0 sigoden:v0.42.0 sigoden:v0.41.0 sigoden:v0.40.0 sigoden:v0.39.0 sigoden:v0.38.0 sigoden:v0.37.1 sigoden:v0.37.0 sigoden:v0.36.0 sigoden:v0.35.0 sigoden:v0.34.2 sigoden:v0.34.1 sigoden:v0.34.0 sigoden:v0.33.0 sigoden:v0.32.0 sigoden:v0.31.0 sigoden:v0.30.0 sigoden:v0.29.0 sigoden:v0.28.0 sigoden:v0.27.0 sigoden:v0.26.0 sigoden:v0.25.0 sigoden:v0.24.0 sigoden:v0.23.1 sigoden:v0.23.0 sigoden:v0.22.0 sigoden:v0.21.0 sigoden:v0.20.0 sigoden:v0.19.0 sigoden:v0.18.0 sigoden:v0.17.1 sigoden:v0.17.0 sigoden:v0.16.0 sigoden:v0.15.1 sigoden:v0.15.0 sigoden:v0.14.0 sigoden:v0.13.2 sigoden:v0.13.1 sigoden:v0.13.0 sigoden:v0.12.1 sigoden:v0.11.0 sigoden:v0.10.1 sigoden:v0.10.0 sigoden:v0.9.0 sigoden:v0.8.0 sigoden:v0.7.0 sigoden:v0.6.0 sigoden:v0.5.0 sigoden:v0.4.0 sigoden:v0.3.0 sigoden:v0.2.1 sigoden:v0.2.0 sigoden:v0.1.0

7 Commits
v0.19.0 ... v0.20.0

Author SHA1 Message Date
sigoden
d2270be8fb chore: update changelog 2022-06-21 07:56:24 +08:00
sigoden
2d0dfed456 chore(release): version v0.20.0 2022-06-21 07:52:45 +08:00
sigoden
4058a2db72 feat: add option --allow-search (#62) 2022-06-21 07:23:20 +08:00
sigoden
069cb64889 fix: decodeURI searching string (#61) 2022-06-20 21:51:41 +08:00
sigoden
c85ea06785 chore: update cli help message and reamde 2022-06-20 19:40:09 +08:00
sigoden
68139c6263 chore: little improves 2022-06-20 15:11:39 +08:00
Joe Koop
deb6365a28 feat: added basic auth (#60) 
* some small css fixes and changes

* added basic auth
https://stackoverflow.com/a/9534652/3642588

* most tests are passing

* fixed all the tests

* maybe now CI will pass

* implemented sigoden's suggestions

* test basic auth

* fixed some little things
 2022-06-20 11:25:09 +08:00
13 changed files with 328 additions and 174 deletions
Expand all files Collapse all files

11
CHANGELOG.md
View File

@@ -2,6 +2,17 @@
All notable changes to this project will be documented in this file.
## [0.20.0] - 2022-06-20
### Bug Fixes
- DecodeURI searching string ([#61](https://github.com/sigoden/dufs/issues/61))
### Features
- Added basic auth ([#60](https://github.com/sigoden/dufs/issues/60))
- Add option --allow-search ([#62](https://github.com/sigoden/dufs/issues/62))
## [0.19.0] - 2022-06-19
### Features

16
Cargo.lock generated
View File

@@ -423,6 +423,7 @@ dependencies = [
"bitflags",
"clap_lex",
"indexmap",
"terminal_size",
"textwrap",
]
@@ -571,7 +572,7 @@ checksum = "fea41bba32d969b513997752735605054bc0dfa92b4c56bf1189f2e174be7a10"
[[package]]
name = "dufs"
version = "0.19.0"
version = "0.20.0"
dependencies = [
"assert_cmd",
"assert_fs",
@@ -2146,6 +2147,16 @@ dependencies = [
"utf-8",
]
[[package]]
name = "terminal_size"
version = "0.1.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "633c1a546cee861a1a6d0dc69ebeca693bf4296661ba7852b9d21d159e0506df"
dependencies = [
"libc",
"winapi 0.3.9",
]
[[package]]
name = "termtree"
version = "0.2.4"
@@ -2157,6 +2168,9 @@ name = "textwrap"
version = "0.15.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b1141d4d61095b28419e22cb0bbf02755f5e54e0526f97f1e3d1d160e60885fb"
dependencies = [
"terminal_size",
]
[[package]]
name = "thiserror"

6
Cargo.toml
View File

@@ -1,9 +1,9 @@
[package]
name = "dufs"
version = "0.19.0"
version = "0.20.0"
edition = "2021"
authors = ["sigoden <sigoden@gmail.com>"]
description = "Dufs is a simple file server."
description = "Dufs is a distinctive utility file server"
license = "MIT OR Apache-2.0"
homepage = "https://github.com/sigoden/dufs"
repository = "https://github.com/sigoden/dufs"
@@ -11,7 +11,7 @@ categories = ["command-line-utilities", "web-programming::http-server"]
keywords = ["static", "file", "server", "webdav", "cli"]
[dependencies]
clap = { version = "3", default-features = false, features = ["std"] }
clap = { version = "3", default-features = false, features = ["std", "wrap_help"] }
chrono = "0.4"
tokio = { version = "1", features = ["rt-multi-thread", "macros", "fs", "io-util", "signal"]}
tokio-rustls = "0.23"

127
README.md
View File

@@ -3,7 +3,7 @@
[![CI](https://github.com/sigoden/dufs/actions/workflows/ci.yaml/badge.svg)](https://github.com/sigoden/dufs/actions/workflows/ci.yaml)
[![Crates](https://img.shields.io/crates/v/dufs.svg)](https://crates.io/crates/dufs)
Dufs is a simple file server. Support static serve, search, upload, webdav...
Dufs is a distinctive utility file server that supports static serving, uploading, searching, accessing control, webdav...
![demo](https://user-images.githubusercontent.com/4012553/174486522-7af350e6-0195-4f4a-8480-d9464fc6452f.png)
@@ -40,59 +40,91 @@ Download from [Github Releases](https://github.com/sigoden/dufs/releases), unzip
## CLI
```
Dufs is a simple file server. - https://github.com/sigoden/dufs
Dufs is a distinctive utility file server - https://github.com/sigoden/dufs
USAGE:
dufs [OPTIONS] [--] [path]
ARGS:
<path> Path to a root directory for serving files [default: .]
<path> Specific path to serve [default: .]
OPTIONS:
-b, --bind <addr>... Specify bind address
-p, --port <port> Specify port to listen on [default: 5000]
--path-prefix <path> Specify an url path prefix
-a, --auth <rule>... Add auth for path
-A, --allow-all Allow all operations
--allow-upload Allow upload files/folders
--allow-delete Allow delete files/folders
--allow-symlink Allow symlink to files/folders outside root directory
--enable-cors Enable CORS, sets `Access-Control-Allow-Origin: *`
--render-index Render index.html when requesting a directory
--render-try-index Render index.html if it exists when requesting a directory
--render-spa Render for single-page application
--tls-cert <path> Path to an SSL/TLS certificate to serve with HTTPS
--tls-key <path> Path to the SSL/TLS certificate's private key
-h, --help Print help information
-V, --version Print version information
-b, --bind <addr>... Specify bind address
-p, --port <port> Specify port to listen on [default: 5000]
--path-prefix <path> Specify an path prefix
-a, --auth <rule>... Add auth for path
--auth-method <value> Select auth method [default: digest] [possible values: basic, digest]
-A, --allow-all Allow all operations
--allow-upload Allow upload files/folders
--allow-delete Allow delete files/folders
--allow-search Allow search files/folders
--allow-symlink Allow symlink to files/folders outside root directory
--enable-cors Enable CORS, sets `Access-Control-Allow-Origin: *`
--render-index Serve index.html when requesting a directory, returns 404 if not found index.html
--render-try-index Serve index.html when requesting a directory, returns file listing if not found index.html
--render-spa Serve SPA(Single Page Application)
--tls-cert <path> Path to an SSL/TLS certificate to serve with HTTPS
--tls-key <path> Path to the SSL/TLS certificate's private key
-h, --help Print help information
-V, --version Print version information
```
## Examples
Serve current working directory, no upload/delete
Serve current working directory
```
dufs
```
Allow upload/delete
Explicitly allow all operations including upload/delete
```
dufs -A
```
Only allow upload operation
```
dufs --allow-upload
```
Serve a directory
```
dufs Downloads
```
Serve a single file
```
dufs linux-distro.iso
```
Serve index.html when requesting a directory
```
dufs --render-index
```
Serve SPA(Single Page Application)
```
dufs --render-spa
```
Require username/password
```
dufs -a /@admin:123
```
Listen on a specific port
```
dufs -p 80
```
For a single page application (SPA)
```
dufs --render-spa
```
Use https
```
@@ -124,36 +156,9 @@ Delete a file/folder
curl -X DELETE http://127.0.0.1:5000/path-to-file
```
## Details
## Access Control
<details>
<summary>
#### 1. Control render logic
</summary>
The default render logic is:
- If request for a folder, rendering the directory listing.
- If request for a file, rendering the file.
- If request target does not exist, returns 404.
The `--render-*` options change the render logic:
- `--render-index`: If request for a folder, rendering index.html in the folder. If the index.html file does not exist, return 404.
- `--render-try-index`: Like `--render-index`, rendering the directory listing if the index.html file does not exist, other than return 404.
- `--render-spa`: If request target does not exist, rendering `/index.html`
</details>
<details>
<summary>
#### 2. Path level access control
</summary>
Dufs supports path level access control. You can control who can do what on which path with `--auth`/`-a`.
```
dufs -a <path>@<readwrite>[@<readonly>]
@@ -163,7 +168,7 @@ dufs -a <path>@<readwrite>[@<readonly>]
- `<readwrite>`: Account with readwrite permission, required
- `<readonly>`: Account with readonly permission, optional
> `*` as `<readonly>` means `<path>` is public, everyone can access/download it.
> `<readonly>` can be `*` means `<path>` is public, everyone can access/download it.
For example:
@@ -174,14 +179,6 @@ dufs -a /@admin:pass@* -a /ui@designer:pass1 -A
- Account `admin:pass` can upload/delete/download any files/folders.
- Account `designer:pass1` can upload/delete/download any files/folders in the `ui` folder.
Curl with digest auth:
```
curl --digest -u designer:pass1 http://127.0.0.1:5000/ui/path-to-file
```
</details>
## License
Copyright (c) 2022 dufs-developers.

31
assets/index.css
View File

@@ -1,11 +1,16 @@
html {
font-family: -apple-system,BlinkMacSystemFont,Helvetica,Arial,sans-serif;
font-family: -apple-system,BlinkMacSystemFont,Roboto,Helvetica,Arial,sans-serif;
line-height: 1.5;
color: #24292e;
}
body {
/* prevent premature breadcrumb wrapping on mobile */
min-width: 500px;
}
.hidden {
display: none;
display: none !important;
}
.head {
@@ -49,6 +54,11 @@ html {
margin-right: 10px;
}
.toolbox > div {
/* vertically align with breadcrumb text */
height: 1.1rem;
}
.searchbar {
display: flex;
flex-wrap: nowrap;
@@ -116,11 +126,6 @@ html {
white-space: nowrap;
}
.uploaders-table .cell-name,
.paths-table .cell-name {
width: 500px;
}
.uploaders-table .cell-status {
width: 80px;
padding-left: 0.6em;
@@ -143,7 +148,6 @@ html {
padding-left: 0.6em;
}
.path svg {
height: 100%;
fill: rgba(3,47,98,0.5);
@@ -163,7 +167,7 @@ html {
display: block;
text-decoration: none;
max-width: calc(100vw - 375px);
min-width: 400px;
min-width: 200px;
}
.path a:hover {
@@ -182,6 +186,12 @@ html {
padding-right: 1em;
}
@media (min-width: 768px) {
.path a {
min-width: 400px;
}
}
/* dark theme */
@media (prefers-color-scheme: dark) {
body {
@@ -200,7 +210,8 @@ html {
}
svg,
.path svg {
.path svg,
.breadcrumb svg {
fill: #fff;
}

2
assets/index.html
View File

@@ -22,7 +22,7 @@
<input type="file" id="file" name="file" multiple>
</div>
</div>
<form class="searchbar">
<form class="searchbar hidden">
<div class="icon">
<svg width="16" height="16" fill="currentColor" viewBox="0 0 16 16"><path d="M11.742 10.344a6.5 6.5 0 1 0-1.397 1.398h-.001c.03.04.062.078.098.115l3.85 3.85a1 1 0 0 0 1.415-1.414l-3.85-3.85a1.007 1.007 0 0 0-.115-.1zM12 6.5a5.5 5.5 0 1 1-11 0 5.5 5.5 0 0 1 11 0z"/></svg>
</div>

8
assets/index.js
View File

@@ -339,10 +339,14 @@ function ready() {
$uploadersTable = document.querySelector(".uploaders-table");
$emptyFolder = document.querySelector(".empty-folder");
if (params.q) {
document.getElementById('search').value = params.q;
if (DATA.allow_search) {
document.querySelector(".searchbar").classList.remove("hidden");
if (params.q) {
document.getElementById('search').value = params.q;
}
}
addBreadcrumb(DATA.href, DATA.uri_prefix);
if (Array.isArray(DATA.paths)) {
const len = DATA.paths.length;

35
src/args.rs
View File

@@ -5,6 +5,7 @@ use std::net::IpAddr;
use std::path::{Path, PathBuf};
use crate::auth::AccessControl;
use crate::auth::AuthMethod;
use crate::tls::{load_certs, load_private_key};
use crate::BoxResult;
@@ -39,13 +40,13 @@ fn app() -> Command<'static> {
Arg::new("path")
.default_value(".")
.allow_invalid_utf8(true)
.help("Path to a root directory for serving files"),
.help("Specific path to serve"),
)
.arg(
Arg::new("path-prefix")
.long("path-prefix")
.value_name("path")
.help("Specify an url path prefix"),
.help("Specify an path prefix"),
)
.arg(
Arg::new("auth")
@@ -56,6 +57,14 @@ fn app() -> Command<'static> {
.multiple_occurrences(true)
.value_name("rule"),
)
.arg(
Arg::new("auth-method")
.long("auth-method")
.help("Select auth method")
.possible_values(["basic", "digest"])
.default_value("digest")
.value_name("value"),
)
.arg(
Arg::new("allow-all")
.short('A')
@@ -72,6 +81,11 @@ fn app() -> Command<'static> {
.long("allow-delete")
.help("Allow delete files/folders"),
)
.arg(
Arg::new("allow-search")
.long("allow-search")
.help("Allow search files/folders"),
)
.arg(
Arg::new("allow-symlink")
.long("allow-symlink")
@@ -85,17 +99,17 @@ fn app() -> Command<'static> {
.arg(
Arg::new("render-index")
.long("render-index")
.help("Render index.html when requesting a directory"),
.help("Serve index.html when requesting a directory, returns 404 if not found index.html"),
)
.arg(
Arg::new("render-try-index")
.long("render-try-index")
.help("Render index.html if it exists when requesting a directory"),
.help("Serve index.html when requesting a directory, returns file listing if not found index.html"),
)
.arg(
Arg::new("render-spa")
.long("render-spa")
.help("Render for single-page application"),
.help("Serve SPA(Single Page Application)"),
)
.arg(
Arg::new("tls-cert")
@@ -115,7 +129,7 @@ pub fn matches() -> ArgMatches {
app().get_matches()
}
#[derive(Debug, Clone)]
#[derive(Debug)]
pub struct Args {
pub addrs: Vec<IpAddr>,
pub port: u16,
@@ -123,9 +137,11 @@ pub struct Args {
pub path_is_file: bool,
pub path_prefix: String,
pub uri_prefix: String,
pub auth_method: AuthMethod,
pub auth: AccessControl,
pub allow_upload: bool,
pub allow_delete: bool,
pub allow_search: bool,
pub allow_symlink: bool,
pub render_index: bool,
pub render_spa: bool,
@@ -162,9 +178,14 @@ impl Args {
.values_of("auth")
.map(|v| v.collect())
.unwrap_or_default();
let auth_method = match matches.value_of("auth-method").unwrap() {
"basic" => AuthMethod::Basic,
_ => AuthMethod::Digest,
};
let auth = AccessControl::new(&auth, &uri_prefix)?;
let allow_upload = matches.is_present("allow-all") || matches.is_present("allow-upload");
let allow_delete = matches.is_present("allow-all") || matches.is_present("allow-delete");
let allow_search = matches.is_present("allow-all") || matches.is_present("allow-search");
let allow_symlink = matches.is_present("allow-all") || matches.is_present("allow-symlink");
let render_index = matches.is_present("render-index");
let render_try_index = matches.is_present("render-try-index");
@@ -185,10 +206,12 @@ impl Args {
path_is_file,
path_prefix,
uri_prefix,
auth_method,
auth,
enable_cors,
allow_delete,
allow_upload,
allow_search,
allow_symlink,
render_index,
render_try_index,

205
src/auth.rs
View File

@@ -22,12 +22,12 @@ lazy_static! {
};
}
#[derive(Debug, Clone)]
#[derive(Debug)]
pub struct AccessControl {
rules: HashMap<String, PathControl>,
}
#[derive(Debug, Clone)]
#[derive(Debug)]
pub struct PathControl {
readwrite: Account,
readonly: Option<Account>,
@@ -76,6 +76,7 @@ impl AccessControl {
path: &str,
method: &Method,
authorization: Option<&HeaderValue>,
auth_method: AuthMethod,
) -> GuardType {
if self.rules.is_empty() {
return GuardType::ReadWrite;
@@ -86,7 +87,10 @@ impl AccessControl {
controls.push(control);
if let Some(authorization) = authorization {
let Account { user, pass } = &control.readwrite;
if valid_digest(authorization, method.as_str(), user, pass).is_some() {
if auth_method
.validate(authorization, method.as_str(), user, pass)
.is_some()
{
return GuardType::ReadWrite;
}
}
@@ -99,7 +103,10 @@ impl AccessControl {
}
if let Some(authorization) = authorization {
if let Some(Account { user, pass }) = &control.readonly {
if valid_digest(authorization, method.as_str(), user, pass).is_some() {
if auth_method
.validate(authorization, method.as_str(), user, pass)
.is_some()
{
return GuardType::ReadOnly;
}
}
@@ -167,87 +174,127 @@ impl Account {
}
}
pub fn generate_www_auth(stale: bool) -> String {
let str_stale = if stale { "stale=true," } else { "" };
format!(
"Digest realm=\"{}\",nonce=\"{}\",{}qop=\"auth\"",
REALM,
create_nonce(),
str_stale
)
#[derive(Debug, Clone)]
pub enum AuthMethod {
Basic,
Digest,
}
pub fn valid_digest(
authorization: &HeaderValue,
method: &str,
auth_user: &str,
auth_pass: &str,
) -> Option<()> {
let digest_value = strip_prefix(authorization.as_bytes(), b"Digest ")?;
let user_vals = to_headermap(digest_value).ok()?;
if let (Some(username), Some(nonce), Some(user_response)) = (
user_vals
.get(b"username".as_ref())
.and_then(|b| std::str::from_utf8(*b).ok()),
user_vals.get(b"nonce".as_ref()),
user_vals.get(b"response".as_ref()),
) {
match validate_nonce(nonce) {
Ok(true) => {}
_ => return None,
}
if auth_user != username {
return None;
}
let mut ha = Context::new();
ha.consume(method);
ha.consume(b":");
if let Some(uri) = user_vals.get(b"uri".as_ref()) {
ha.consume(uri);
}
let ha = format!("{:x}", ha.compute());
let mut correct_response = None;
if let Some(qop) = user_vals.get(b"qop".as_ref()) {
if qop == &b"auth".as_ref() || qop == &b"auth-int".as_ref() {
correct_response = Some({
let mut c = Context::new();
c.consume(&auth_pass);
c.consume(b":");
c.consume(nonce);
c.consume(b":");
if let Some(nc) = user_vals.get(b"nc".as_ref()) {
c.consume(nc);
}
c.consume(b":");
if let Some(cnonce) = user_vals.get(b"cnonce".as_ref()) {
c.consume(cnonce);
}
c.consume(b":");
c.consume(qop);
c.consume(b":");
c.consume(&*ha);
format!("{:x}", c.compute())
});
impl AuthMethod {
pub fn www_auth(&self, stale: bool) -> String {
match self {
AuthMethod::Basic => {
format!("Basic realm=\"{}\"", REALM)
}
}
let correct_response = match correct_response {
Some(r) => r,
None => {
let mut c = Context::new();
c.consume(&auth_pass);
c.consume(b":");
c.consume(nonce);
c.consume(b":");
c.consume(&*ha);
format!("{:x}", c.compute())
AuthMethod::Digest => {
let str_stale = if stale { "stale=true," } else { "" };
format!(
"Digest realm=\"{}\",nonce=\"{}\",{}qop=\"auth\"",
REALM,
create_nonce(),
str_stale
)
}
}
}
pub fn validate(
&self,
authorization: &HeaderValue,
method: &str,
auth_user: &str,
auth_pass: &str,
) -> Option<()> {
match self {
AuthMethod::Basic => {
let value: Vec<u8> =
base64::decode(strip_prefix(authorization.as_bytes(), b"Basic ").unwrap())
.unwrap();
let parts: Vec<&str> = std::str::from_utf8(&value).unwrap().split(':').collect();
if parts[0] != auth_user {
return None;
}
let mut h = Context::new();
h.consume(format!("{}:{}:{}", parts[0], REALM, parts[1]).as_bytes());
let http_pass = format!("{:x}", h.compute());
if http_pass == auth_pass {
return Some(());
}
None
}
AuthMethod::Digest => {
let digest_value = strip_prefix(authorization.as_bytes(), b"Digest ")?;
let user_vals = to_headermap(digest_value).ok()?;
if let (Some(username), Some(nonce), Some(user_response)) = (
user_vals
.get(b"username".as_ref())
.and_then(|b| std::str::from_utf8(*b).ok()),
user_vals.get(b"nonce".as_ref()),
user_vals.get(b"response".as_ref()),
) {
match validate_nonce(nonce) {
Ok(true) => {}
_ => return None,
}
if auth_user != username {
return None;
}
let mut ha = Context::new();
ha.consume(method);
ha.consume(b":");
if let Some(uri) = user_vals.get(b"uri".as_ref()) {
ha.consume(uri);
}
let ha = format!("{:x}", ha.compute());
let mut correct_response = None;
if let Some(qop) = user_vals.get(b"qop".as_ref()) {
if qop == &b"auth".as_ref() || qop == &b"auth-int".as_ref() {
correct_response = Some({
let mut c = Context::new();
c.consume(&auth_pass);
c.consume(b":");
c.consume(nonce);
c.consume(b":");
if let Some(nc) = user_vals.get(b"nc".as_ref()) {
c.consume(nc);
}
c.consume(b":");
if let Some(cnonce) = user_vals.get(b"cnonce".as_ref()) {
c.consume(cnonce);
}
c.consume(b":");
c.consume(qop);
c.consume(b":");
c.consume(&*ha);
format!("{:x}", c.compute())
});
}
}
let correct_response = match correct_response {
Some(r) => r,
None => {
let mut c = Context::new();
c.consume(&auth_pass);
c.consume(b":");
c.consume(nonce);
c.consume(b":");
c.consume(&*ha);
format!("{:x}", c.compute())
}
};
if correct_response.as_bytes() == *user_response {
// grant access
return Some(());
}
}
None
}
};
if correct_response.as_bytes() == *user_response {
// grant access
return Some(());
}
}
None
}
/// Check if a nonce is still valid.

18
src/server.rs
View File

@@ -1,4 +1,3 @@
use crate::auth::generate_www_auth;
use crate::streamer::Streamer;
use crate::utils::{decode_uri, encode_uri};
use crate::{Args, BoxResult};
@@ -96,7 +95,12 @@ impl Server {
}
let authorization = headers.get(AUTHORIZATION);
let guard_type = self.args.auth.guard(req_path, &method, authorization);
let guard_type = self.args.auth.guard(
req_path,
&method,
authorization,
self.args.auth_method.clone(),
);
if guard_type.is_reject() {
self.auth_reject(&mut res);
return Ok(res);
@@ -129,6 +133,7 @@ impl Server {
let allow_upload = self.args.allow_upload;
let allow_delete = self.args.allow_delete;
let allow_search = self.args.allow_search;
let render_index = self.args.render_index;
let render_spa = self.args.render_spa;
let render_try_index = self.args.render_try_index;
@@ -148,8 +153,9 @@ impl Server {
.await?;
} else if query == "zip" {
self.handle_zip_dir(path, head_only, &mut res).await?;
} else if let Some(q) = query.strip_prefix("q=") {
self.handle_query_dir(path, q, head_only, &mut res).await?;
} else if allow_search && query.starts_with("q=") {
let q = decode_uri(&query[2..]).unwrap_or_default();
self.handle_query_dir(path, &q, head_only, &mut res).await?;
} else {
self.handle_ls_dir(path, true, head_only, &mut res).await?;
}
@@ -691,6 +697,7 @@ impl Server {
paths,
allow_upload: self.args.allow_upload,
allow_delete: self.args.allow_delete,
allow_search: self.args.allow_search,
dir_exists: exist,
};
let data = serde_json::to_string(&data).unwrap();
@@ -720,7 +727,7 @@ const DATA =
}
fn auth_reject(&self, res: &mut Response) {
let value = generate_www_auth(false);
let value = self.args.auth_method.www_auth(false);
set_webdav_headers(res);
res.headers_mut().typed_insert(Connection::close());
res.headers_mut()
@@ -819,6 +826,7 @@ struct IndexData {
paths: Vec<PathItem>,
allow_upload: bool,
allow_delete: bool,
allow_search: bool,
dir_exists: bool,
}

12
tests/allow.rs
View File

@@ -59,3 +59,15 @@ fn allow_upload_delete_can_override(#[with(&["-A"])] server: TestServer) -> Resu
assert_eq!(resp.status(), 201);
Ok(())
}
#[rstest]
fn allow_search(#[with(&["--allow-search"])] server: TestServer) -> Result<(), Error> {
let resp = reqwest::blocking::get(format!("{}?q={}", server.url(), "test.html"))?;
assert_eq!(resp.status(), 200);
let paths = utils::retrive_index_paths(&resp.text()?);
assert!(!paths.is_empty());
for p in paths {
assert!(p.contains(&"test.html"));
}
Ok(())
}

15
tests/auth.rs
View File

@@ -80,3 +80,18 @@ fn auth_nest_share(
assert_eq!(resp.status(), 200);
Ok(())
}
#[rstest]
fn auth_basic(
#[with(&["--auth", "/@user:pass", "--auth-method", "basic", "-A"])] server: TestServer,
) -> Result<(), Error> {
let url = format!("{}file1", server.url());
let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
assert_eq!(resp.status(), 401);
let resp = fetch!(b"PUT", &url)
.body(b"abc".to_vec())
.basic_auth("user", Some("pass"))
.send()?;
assert_eq!(resp.status(), 201);
Ok(())
}

16
tests/http.rs
View File

@@ -63,7 +63,7 @@ fn head_dir_zip(server: TestServer) -> Result<(), Error> {
}
#[rstest]
fn get_dir_search(server: TestServer) -> Result<(), Error> {
fn get_dir_search(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
let resp = reqwest::blocking::get(format!("{}?q={}", server.url(), "test.html"))?;
assert_eq!(resp.status(), 200);
let paths = utils::retrive_index_paths(&resp.text()?);
@@ -75,7 +75,19 @@ fn get_dir_search(server: TestServer) -> Result<(), Error> {
}
#[rstest]
fn head_dir_search(server: TestServer) -> Result<(), Error> {
fn get_dir_search2(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
let resp = reqwest::blocking::get(format!("{}?q={}", server.url(), "😀.data"))?;
assert_eq!(resp.status(), 200);
let paths = utils::retrive_index_paths(&resp.text()?);
assert!(!paths.is_empty());
for p in paths {
assert!(p.contains(&"😀.data"));
}
Ok(())
}
#[rstest]
fn head_dir_search(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
let resp = fetch!(b"HEAD", format!("{}?q={}", server.url(), "test.html")).send()?;
assert_eq!(resp.status(), 200);
assert_eq!(