chore(release): version v0.28.0

CHANGELOG.md

@@ -2,6 +2,54 @@
 
 All notable changes to this project will be documented in this file.
 
+## [0.28.0] - 2022-07-31
+
+### Bug Fixes
+
+- File path contains special charactors ([#114](https://github.com/sigoden/dufs/issues/114))
+
+### Features
+
+- Add table row hover ([#115](https://github.com/sigoden/dufs/issues/115))
+- Support customize http log format ([#116](https://github.com/sigoden/dufs/issues/116))
+
+## [0.27.0] - 2022-07-25
+
+### Features
+
+- Improve hidden to support glob ([#108](https://github.com/sigoden/dufs/issues/108))
+- Adjust digest auth timeout to 1day ([#110](https://github.com/sigoden/dufs/issues/110))
+
+## [0.26.0] - 2022-07-11
+
+### Bug Fixes
+
+- Cors headers ([#100](https://github.com/sigoden/dufs/issues/100))
+
+### Features
+
+- Make --path-prefix works on serving single file ([#102](https://github.com/sigoden/dufs/issues/102))
+
+## [0.25.0] - 2022-07-06
+
+### Features
+
+- Ui supports creating folder ([#91](https://github.com/sigoden/dufs/issues/91))
+- Ui supports move folder/file to new path ([#92](https://github.com/sigoden/dufs/issues/92))
+- Check permission on move/copy destination ([#93](https://github.com/sigoden/dufs/issues/93))
+- Add completions ([#97](https://github.com/sigoden/dufs/issues/97))
+- Limit the number of concurrent uploads ([#98](https://github.com/sigoden/dufs/issues/98))
+
+## [0.24.0] - 2022-07-02
+
+### Bug Fixes
+
+- Unexpect stack overflow when searching a lot ([#87](https://github.com/sigoden/dufs/issues/87))
+
+### Features
+
+- Allow search with --render-try-index ([#88](https://github.com/sigoden/dufs/issues/88))
+
 ## [0.23.1] - 2022-06-30
 
 ### Bug Fixes

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "dufs"
-version = "0.23.1"
+version = "0.28.0"
 edition = "2021"
 authors = ["sigoden <sigoden@gmail.com>"]
 description = "Dufs is a distinctive utility file server"
@@ -12,6 +12,7 @@ keywords = ["static", "file", "server", "webdav", "cli"]
 
 [dependencies]
 clap = { version = "3", default-features = false, features = ["std", "wrap_help"] }
+clap_complete = "3"
 chrono = "0.4"
 tokio = { version = "1", features = ["rt-multi-thread", "macros", "fs", "io-util", "signal"]}
 tokio-util = { version = "0.7",  features = ["io-util"] }
@@ -21,8 +22,7 @@ serde = { version = "1", features = ["derive"] }
 serde_json = "1"
 futures = "0.3"
 base64 = "0.13"
-async_zip = { git = "https://github.com/sigoden/rs-async-zip", branch = "patch01" }
+async_zip = { version = "0.0.8", default-features = false, features = ["deflate"] }
-async-walkdir = "0.2"
 headers = "0.3"
 mime_guess = "2.0"
 if-addrs = "0.7"
@@ -37,6 +37,7 @@ xml-rs = "0.8"
 log = "0.4"
 socket2 = "0.4"
 async-stream = "0.3"
+walkdir = "2.3"
 
 [features]
 default = ["tls"]
@@ -46,11 +47,9 @@ tls = ["rustls", "rustls-pemfile", "tokio-rustls"]
 assert_cmd = "2"
 reqwest = { version = "0.11", features = ["blocking", "multipart", "rustls-tls"], default-features = false }
 assert_fs = "1"
-select = "0.5"
 port_check = "0.1"
 rstest = "0.15"
 regex = "1"
-pretty_assertions = "1.2"
 url = "2"
 diqwest = { version = "1", features = ["blocking"] }
 predicates = "2"

README.md

@@ -5,7 +5,7 @@
 
 Dufs is a distinctive utility file server that supports static serving, uploading, searching, accessing control, webdav...
 
-![demo](https://user-images.githubusercontent.com/4012553/174486522-7af350e6-0195-4f4a-8480-d9464fc6452f.png)
+![demo](https://user-images.githubusercontent.com/4012553/177549931-130383ef-0480-4911-b9c2-0d9534a624b7.png)
 
 ## Features
 
@@ -30,7 +30,7 @@ cargo install dufs
 ### With docker
 
 ```
-docker run -v `pwd`:/data -p 5000:5000 --rm -it sigoden/dufs /data
+docker run -v `pwd`:/data -p 5000:5000 --rm -it sigoden/dufs /data -A
 ```
 
 ### Binaries on macOS, Linux, Windows
@@ -51,7 +51,7 @@ ARGS:
 OPTIONS:
     -b, --bind <addr>...         Specify bind address
     -p, --port <port>            Specify port to listen on [default: 5000]
-        --path-prefix <path>     Specify an path prefix
+        --path-prefix <path>     Specify a path prefix
         --hidden <value>         Hide directories from directory listings, separated by `,`
     -a, --auth <rule>...         Add auth for path
         --auth-method <value>    Select auth method [default: digest] [possible values: basic, digest]
@@ -66,6 +66,8 @@ OPTIONS:
         --render-spa             Serve SPA(Single Page Application)
         --tls-cert <path>        Path to an SSL/TLS certificate to serve with HTTPS
         --tls-key <path>         Path to the SSL/TLS certificate's private key
+        --log-format <format>    Customize http log format
+        --completions <shell>    Print shell completion script for <shell> [possible values: bash, elvish, fish, powershell, zsh]
     -h, --help                   Print help information
     -V, --version                Print version information
 ```
@@ -78,7 +80,7 @@ Serve current working directory
 dufs
 ```
 
-Explicitly allow all operations including upload/delete 
+Allow all operations like upload/delete/search...
 
 ```
 dufs -A
@@ -90,7 +92,7 @@ Only allow upload operation
 dufs --allow-upload
 ```
 
-Serve a directory
+Serve a specific directory
 
 ```
 dufs Downloads
@@ -102,18 +104,18 @@ Serve a single file
 dufs linux-distro.iso
 ```
 
-Serve index.html when requesting a directory
+Serve a single-page application like react/vue
-
-```
-dufs --render-index
-```
-
-Serve SPA(Single Page Application)
 
 ```
 dufs --render-spa
 ```
 
+Serve a static website with index.html
+
+```
+dufs --render-index
+```
+
 Require username/password
 
 ```
@@ -140,6 +142,12 @@ dufs --tls-cert my.crt --tls-key my.key
 
 ## API
 
+Upload a file
+
+```
+curl -T path-to-file http://127.0.0.1:5000/new-path/path-to-file
+```
+
 Download a file
 ```
 curl http://127.0.0.1:5000/path-to-file
@@ -151,16 +159,10 @@ Download a folder as zip file
 curl -o path-to-folder.zip http://127.0.0.1:5000/path-to-folder?zip
 ```
 
-Upload a file
-
-```
-curl --upload-file path-to-file http://127.0.0.1:5000/path-to-file
-```
-
 Delete a file/folder
 
 ```
-curl -X DELETE http://127.0.0.1:5000/path-to-file
+curl -X DELETE http://127.0.0.1:5000/path-to-file-or-folder
 ```
 
 ## Access Control
@@ -186,6 +188,23 @@ dufs -a /@admin:pass1@* -a /ui@designer:pass2 -A
 - Account `admin:pass1` can upload/delete/view/download any files/folders.
 - Account `designer:pass2` can upload/delete/view/download any files/folders in the `ui` folder.
 
+## Log format
+
+dufs supports customize http log format via option `--log-format`.
+
+The default format is `$remote_addr "$request" $status`.
+
+All variables list below:
+
+| name         | description                                                               |
+| ------------ | ------------------------------------------------------------------------- |
+| $remote_addr | client address                                                            |
+| $remote_user | user name supplied with authentication                                    |
+| $request     | full original request line                                                |
+| $status      | response status                                                           |
+| $http_       | arbitrary request header field. examples: $http_user_agent, $http_referer |
+
+> use `dufs --log-format=''` to disable http log
 ## License
 
 Copyright (c) 2022 dufs-developers.

assets/index.css

@@ -59,6 +59,15 @@ body {
   height: 1.1rem;
 }
 
+.toolbox .control {
+  cursor: pointer;
+  padding-left: 0.25em;
+}
+
+.upload-file input {
+  display: none;
+}
+
 .searchbar {
   display: flex;
   flex-wrap: nowrap;
@@ -90,15 +99,6 @@ body {
   cursor: pointer;
 }
 
-.upload-control {
-  cursor: pointer;
-  padding-left: 0.25em;
-}
-
-.upload-control input {
-  display: none;
-}
-
 .upload-status span {
   width: 70px;
   display: inline-block;
@@ -131,8 +131,12 @@ body {
   padding-left: 0.6em;
 }
 
+.paths-table tr:hover {
+  background-color: #fafafa;
+}
+
 .paths-table .cell-actions {
-  width: 60px;
+  width: 75px;
   display: flex;
   padding-left: 0.6em;
 }
@@ -175,7 +179,7 @@ body {
 }
 
 .action-btn {
-  padding-left: 0.4em;
+  padding-right: 0.3em;
 }
 
 .uploaders-table {

assets/index.html

@@ -15,12 +15,18 @@
           <svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 11.854a.5.5 0 0 0 .708 0l3-3a.5.5 0 0 0-.708-.708L8.5 10.293V1.5a.5.5 0 0 0-1 0v8.793L5.354 8.146a.5.5 0 1 0-.708.708l3 3z"/></svg>
         </a>
       </div>
-      <div class="upload-control hidden" title="Upload files">
+      <div class="control upload-file hidden" title="Upload files">
         <label for="file">
           <svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 1.146a.5.5 0 0 1 .708 0l3 3a.5.5 0 0 1-.708.708L8.5 2.707V11.5a.5.5 0 0 1-1 0V2.707L5.354 4.854a.5.5 0 1 1-.708-.708l3-3z"/></svg>
         </label>
         <input type="file" id="file" name="file" multiple>
       </div>
+      <div class="control new-folder hidden" title="New folder">
+        <svg width="16" height="16" viewBox="0 0 16 16">
+          <path d="m.5 3 .04.87a1.99 1.99 0 0 0-.342 1.311l.637 7A2 2 0 0 0 2.826 14H9v-1H2.826a1 1 0 0 1-.995-.91l-.637-7A1 1 0 0 1 2.19 4h11.62a1 1 0 0 1 .996 1.09L14.54 8h1.005l.256-2.819A2 2 0 0 0 13.81 3H9.828a2 2 0 0 1-1.414-.586l-.828-.828A2 2 0 0 0 6.172 1H2.5a2 2 0 0 0-2 2zm5.672-1a1 1 0 0 1 .707.293L7.586 3H2.19c-.24 0-.47.042-.683.12L1.5 2.98a1 1 0 0 1 1-.98h3.672z"/>
+          <path d="M13.5 10a.5.5 0 0 1 .5.5V12h1.5a.5.5 0 1 1 0 1H14v1.5a.5.5 0 1 1-1 0V13h-1.5a.5.5 0 0 1 0-1H13v-1.5a.5.5 0 0 1 .5-.5z"/>
+        </svg>
+      </div>
     </div>
     <form class="searchbar hidden">
       <div class="icon">

assets/index.js

@@ -29,6 +29,10 @@ let $uploadersTable;
  * @type Element
  */
 let $emptyFolder;
+/**
+ * @type Element
+ */
+let $newFolder;
 
 class Uploader {
   /**
@@ -49,9 +53,8 @@ class Uploader {
   }
 
   upload() {
-    const { file, idx, name } = this;
+    const { idx, name } = this;
     const url = getUrl(name);
-    const encodedUrl = encodedStr(url);
     const encodedName = encodedStr(name);
     $uploadersTable.insertAdjacentHTML("beforeend", `
   <tr id="upload${idx}" class="uploader">
@@ -59,15 +62,22 @@ class Uploader {
       ${getSvg()}
     </td>
     <td class="path cell-name">
-      <a href="${encodedUrl}">${encodedName}</a>
+      <a href="${url}">${encodedName}</a>
     </td>
     <td class="cell-status upload-status" id="uploadStatus${idx}"></td>
   </tr>`);
     $uploadersTable.classList.remove("hidden");
     $emptyFolder.classList.add("hidden");
     this.$uploadStatus = document.getElementById(`uploadStatus${idx}`);
-    this.lastUptime = Date.now();
+    this.$uploadStatus.innerHTML = '-';
+    Uploader.queues.push(this);
+    Uploader.runQueue();
+  }
 
+  ajax() {
+    Uploader.runings += 1;
+    const url = getUrl(this.name);
+    this.lastUptime = Date.now();
     const ajax = new XMLHttpRequest();
     ajax.upload.addEventListener("progress", e => this.progress(e), false);
     ajax.addEventListener("readystatechange", () => {
@@ -82,13 +92,14 @@ class Uploader {
     ajax.addEventListener("error", () => this.fail(), false);
     ajax.addEventListener("abort", () => this.fail(), false);
     ajax.open("PUT", url);
-    ajax.send(file);
+    ajax.send(this.file);
   }
+  
 
   progress(event) {
-    let now = Date.now();
+    const now = Date.now();
-    let speed = (event.loaded - this.uploaded) / (now - this.lastUptime) * 1000;
+    const speed = (event.loaded - this.uploaded) / (now - this.lastUptime) * 1000;
-    let [speedValue, speedUnit] = formatSize(speed);
+    const [speedValue, speedUnit] = formatSize(speed);
     const speedText = `${speedValue}${speedUnit.toLowerCase()}/s`;
     const progress = formatPercent((event.loaded / event.total) * 100);
     const duration = formatDuration((event.total - event.loaded) / speed)
@@ -99,15 +110,34 @@ class Uploader {
 
   complete() {
     this.$uploadStatus.innerHTML = `✓`;
+    Uploader.runings -= 1;
+    Uploader.runQueue();
   }
 
   fail() {
     this.$uploadStatus.innerHTML = `✗`;
+    Uploader.runings -= 1;
+    Uploader.runQueue();
   }
 }
 
 Uploader.globalIdx = 0;
 
+Uploader.runings = 0;
+
+/**
+ * @type Uploader[]
+ */
+Uploader.queues = [];
+
+
+Uploader.runQueue = () => {
+  if (Uploader.runings > 2) return;
+  let uploader = Uploader.queues.shift();
+  if (!uploader) return;
+  uploader.ajax();
+}
+
 /**
  * Add breadcrumb
  * @param {string} href 
@@ -129,16 +159,15 @@ function addBreadcrumb(href, uri_prefix) {
       if (!path.endsWith("/")) {
         path  += "/";
       }
-      path += encodeURI(name);
+      path += encodeURIComponent(name);
     }
-    const encodedPath = encodedStr(path);
     const encodedName = encodedStr(name);
     if (i === 0) {
-      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="${encodedPath}"><svg width="16" height="16" viewBox="0 0 16 16"><path d="M6.5 14.5v-3.505c0-.245.25-.495.5-.495h2c.25 0 .5.25.5.5v3.5a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5v-7a.5.5 0 0 0-.146-.354L13 5.793V2.5a.5.5 0 0 0-.5-.5h-1a.5.5 0 0 0-.5.5v1.293L8.354 1.146a.5.5 0 0 0-.708 0l-6 6A.5.5 0 0 0 1.5 7.5v7a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5z"/></svg></a>`);
+      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="${path}"><svg width="16" height="16" viewBox="0 0 16 16"><path d="M6.5 14.5v-3.505c0-.245.25-.495.5-.495h2c.25 0 .5.25.5.5v3.5a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5v-7a.5.5 0 0 0-.146-.354L13 5.793V2.5a.5.5 0 0 0-.5-.5h-1a.5.5 0 0 0-.5.5v1.293L8.354 1.146a.5.5 0 0 0-.708 0l-6 6A.5.5 0 0 0 1.5 7.5v7a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5z"/></svg></a>`);
     } else if (i === len - 1) {
       $breadcrumb.insertAdjacentHTML("beforeend", `<b>${encodedName}</b>`);
     } else {
-      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="${encodedPath}">${encodedName}</a>`);
+      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="${path}">${encodedName}</a>`);
     }
     if (i !== len - 1) {
       $breadcrumb.insertAdjacentHTML("beforeend", `<span class="separator">/</span>`);
@@ -154,35 +183,41 @@ function addBreadcrumb(href, uri_prefix) {
 function addPath(file, index) {
   const encodedName = encodedStr(file.name);
   let url = getUrl(file.name)
-  let encodedUrl = encodedStr(url);
   let actionDelete = "";
   let actionDownload = "";
+  let actionMove = "";
   if (file.path_type.endsWith("Dir")) {
     url += "/";
-    encodedUrl += "/";
     actionDownload = `
     <div class="action-btn">
-      <a href="${encodedUrl}?zip" title="Download folder as a .zip file">
+      <a href="${url}?zip" title="Download folder as a .zip file">
         <svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 11.854a.5.5 0 0 0 .708 0l3-3a.5.5 0 0 0-.708-.708L8.5 10.293V1.5a.5.5 0 0 0-1 0v8.793L5.354 8.146a.5.5 0 1 0-.708.708l3 3z"/></svg>
       </a>
     </div>`;
   } else {
     actionDownload = `
     <div class="action-btn" >
-      <a href="${encodedUrl}" title="Download file" download>
+      <a href="${url}" title="Download file" download>
         <svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 11.854a.5.5 0 0 0 .708 0l3-3a.5.5 0 0 0-.708-.708L8.5 10.293V1.5a.5.5 0 0 0-1 0v8.793L5.354 8.146a.5.5 0 1 0-.708.708l3 3z"/></svg>
       </a>
     </div>`;
   }
   if (DATA.allow_delete) {
+    if (DATA.allow_upload) {
+      actionMove = `
+      <div onclick="movePath(${index})" class="action-btn" id="moveBtn${index}" title="Move to new path">
+        <svg width="16" height="16" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M1.5 1.5A.5.5 0 0 0 1 2v4.8a2.5 2.5 0 0 0 2.5 2.5h9.793l-3.347 3.346a.5.5 0 0 0 .708.708l4.2-4.2a.5.5 0 0 0 0-.708l-4-4a.5.5 0 0 0-.708.708L13.293 8.3H3.5A1.5 1.5 0 0 1 2 6.8V2a.5.5 0 0 0-.5-.5z"/></svg>
+      </div>`;
+    }
     actionDelete = `
-    <div onclick="deletePath(${index})" class="action-btn" id="deleteBtn${index}" title="Delete ${encodedName}">
+    <div onclick="deletePath(${index})" class="action-btn" id="deleteBtn${index}" title="Delete">
       <svg width="16" height="16" fill="currentColor"viewBox="0 0 16 16"><path d="M6.854 7.146a.5.5 0 1 0-.708.708L7.293 9l-1.147 1.146a.5.5 0 0 0 .708.708L8 9.707l1.146 1.147a.5.5 0 0 0 .708-.708L8.707 9l1.147-1.146a.5.5 0 0 0-.708-.708L8 8.293 6.854 7.146z"/><path d="M14 14V4.5L9.5 0H4a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2zM9.5 3A1.5 1.5 0 0 0 11 4.5h2V14a1 1 0 0 1-1 1H4a1 1 0 0 1-1-1V2a1 1 0 0 1 1-1h5.5v2z"/></svg>
     </div>`;
   }
   let actionCell = `
   <td class="cell-actions">
     ${actionDownload}
+    ${actionMove}
     ${actionDelete}
   </td>`
 
@@ -192,7 +227,7 @@ function addPath(file, index) {
     ${getSvg(file.path_type)}
   </td>
   <td class="path cell-name">
-    <a href="${encodedUrl}">${encodedName}</a>
+    <a href="${url}">${encodedName}</a>
   </td>
   <td class="cell-mtime">${formatMtime(file.mtime)}</td>
   <td class="cell-size">${formatSize(file.size).join(" ")}</td>
@@ -201,7 +236,7 @@ function addPath(file, index) {
 }
 
 /**
- * Delete pathitem
+ * Delete path
  * @param {number} index 
  * @returns 
  */
@@ -231,6 +266,46 @@ async function deletePath(index) {
   }
 }
 
+
+/**
+ * Move path
+ * @param {number} index 
+ * @returns 
+ */
+async function movePath(index) {
+  const file = DATA.paths[index];
+  if (!file) return;
+
+  const fileUrl = getUrl(file.name);
+  const fileUrlObj = new URL(fileUrl)
+
+  const prefix = DATA.uri_prefix.slice(0, -1);
+    
+  const filePath = decodeURIComponent(fileUrlObj.pathname.slice(prefix.length));
+
+  let newPath = prompt("Enter new path", filePath)
+  if (!newPath) return;
+  if (!newPath.startsWith("/")) newPath = "/" + newPath;
+  if (filePath === newPath) return;
+  const newFileUrl = fileUrlObj.origin + prefix + newPath.split("/").map(encodeURIComponent).join("/");
+
+  try {
+    const res = await fetch(fileUrl, {
+      method: "MOVE",
+      headers: {
+        "Destination": newFileUrl,
+      }
+    });
+    if (res.status >= 200 && res.status < 300) {
+      location.href = newFileUrl.split("/").slice(0, -1).join("/")
+    } else {
+      throw new Error(await res.text())
+    }
+  } catch (err) {
+    alert(`Cannot move \`${filePath}\` to \`${newPath}\`, ${err.message}`);
+  }
+}
+
 function dropzone() {
     ["drag", "dragstart", "dragend", "dragover", "dragenter", "dragleave", "drop"].forEach(name => {
       document.addEventListener(name, e => {
@@ -255,6 +330,24 @@ function dropzone() {
     });
 }
 
+/**
+ * Create a folder
+ * @param {string} name 
+ */
+async function createFolder(name) {
+  const url = getUrl(name);
+  try {
+    const res = await fetch(url, {
+      method: "MKCOL",
+    });
+    if (res.status >= 200 && res.status < 300) {
+      location.href = url;
+    }
+  } catch (err) {
+    alert(`Cannot create folder \`${name}\`, ${err.message}`);
+  }
+}
+
 async function addFileEntries(entries, dirs) {
   for (const entry of entries) {
     if (entry.isFile) {
@@ -272,7 +365,7 @@ async function addFileEntries(entries, dirs) {
 function getUrl(name) {
     let url = location.href.split('?')[0];
     if (!url.endsWith("/")) url += "/";
-    url += encodeURI(name);
+    url += name.split("/").map(encodeURIComponent).join("/");
     return url;
 }
 
@@ -314,9 +407,9 @@ function formatSize(size) {
 
 function formatDuration(seconds) {
   seconds = Math.ceil(seconds);
-  let h = Math.floor(seconds / 3600);
+  const h = Math.floor(seconds / 3600);
-  let m = Math.floor((seconds - h * 3600) / 60);
+  const m = Math.floor((seconds - h * 3600) / 60);
-  let s = seconds - h * 3600 - m * 60
+  const s = seconds - h * 3600 - m * 60
   return `${padZero(h, 2)}:${padZero(m, 2)}:${padZero(s, 2)}`;
 }
 
@@ -340,6 +433,7 @@ function ready() {
   $pathsTableBody = document.querySelector(".paths-table tbody");
   $uploadersTable = document.querySelector(".uploaders-table");
   $emptyFolder = document.querySelector(".empty-folder");
+  $newFolder = document.querySelector(".new-folder");
 
   if (DATA.allow_search) {
     document.querySelector(".searchbar").classList.remove("hidden");
@@ -365,7 +459,14 @@ function ready() {
   }
   if (DATA.allow_upload) {
     dropzone();
-    document.querySelector(".upload-control").classList.remove("hidden");
+    if (DATA.allow_delete) {
+      $newFolder.classList.remove("hidden");
+      $newFolder.addEventListener("click", () => {
+        const name = prompt("Enter name of new folder");
+        if (name) createFolder(name);
+      });
+    }
+    document.querySelector(".upload-file").classList.remove("hidden");
     document.getElementById("file").addEventListener("change", e => {
       const files = e.target.files;
       for (let file of files) {

src/args.rs

@@ -1,4 +1,5 @@
-use clap::{AppSettings, Arg, ArgMatches, Command};
+use clap::{value_parser, AppSettings, Arg, ArgMatches, Command};
+use clap_complete::{generate, Generator, Shell};
 #[cfg(feature = "tls")]
 use rustls::{Certificate, PrivateKey};
 use std::env;
@@ -7,11 +8,13 @@ use std::path::{Path, PathBuf};
 
 use crate::auth::AccessControl;
 use crate::auth::AuthMethod;
+use crate::log_http::{LogHttp, DEFAULT_LOG_FORMAT};
 #[cfg(feature = "tls")]
 use crate::tls::{load_certs, load_private_key};
+use crate::utils::encode_uri;
 use crate::BoxResult;
 
-fn app() -> Command<'static> {
+pub fn build_cli() -> Command<'static> {
     let app = Command::new(env!("CARGO_CRATE_NAME"))
         .version(env!("CARGO_PKG_VERSION"))
         .author(env!("CARGO_PKG_AUTHORS"))
@@ -48,7 +51,7 @@ fn app() -> Command<'static> {
             Arg::new("path-prefix")
                 .long("path-prefix")
                 .value_name("path")
-                .help("Specify an path prefix"),
+                .help("Specify a path prefix"),
         )
         .arg(
             Arg::new("hidden")
@@ -135,11 +138,23 @@ fn app() -> Command<'static> {
                 .help("Path to the SSL/TLS certificate's private key"),
         );
 
-    app
+    app.arg(
+        Arg::new("log-format")
+            .long("log-format")
+            .value_name("format")
+            .help("Customize http log format"),
+    )
+    .arg(
+        Arg::new("completions")
+            .long("completions")
+            .value_name("shell")
+            .value_parser(value_parser!(Shell))
+            .help("Print shell completion script for <shell>"),
+    )
 }
 
-pub fn matches() -> ArgMatches {
+pub fn print_completions<G: Generator>(gen: G, cmd: &mut Command) {
-    app().get_matches()
+    generate(gen, cmd, cmd.get_name().to_string(), &mut std::io::stdout());
 }
 
 #[derive(Debug)]
@@ -150,7 +165,7 @@ pub struct Args {
     pub path_is_file: bool,
     pub path_prefix: String,
     pub uri_prefix: String,
-    pub hidden: String,
+    pub hidden: Vec<String>,
     pub auth_method: AuthMethod,
     pub auth: AccessControl,
     pub allow_upload: bool,
@@ -161,6 +176,7 @@ pub struct Args {
     pub render_spa: bool,
     pub render_try_index: bool,
     pub enable_cors: bool,
+    pub log_http: LogHttp,
     #[cfg(feature = "tls")]
     pub tls: Option<(Vec<Certificate>, PrivateKey)>,
     #[cfg(not(feature = "tls"))]
@@ -188,11 +204,11 @@ impl Args {
         let uri_prefix = if path_prefix.is_empty() {
             "/".to_owned()
         } else {
-            format!("/{}/", &path_prefix)
+            format!("/{}/", &encode_uri(&path_prefix))
         };
-        let hidden: String = matches
+        let hidden: Vec<String> = matches
             .value_of("hidden")
-            .map(|v| format!(",{},", v))
+            .map(|v| v.split(',').map(|x| x.to_string()).collect())
             .unwrap_or_default();
         let enable_cors = matches.is_present("enable-cors");
         let auth: Vec<&str> = matches
@@ -222,6 +238,10 @@ impl Args {
         };
         #[cfg(not(feature = "tls"))]
         let tls = None;
+        let log_http: LogHttp = matches
+            .value_of("log-format")
+            .unwrap_or(DEFAULT_LOG_FORMAT)
+            .parse()?;
 
         Ok(Args {
             addrs,
@@ -242,6 +262,7 @@ impl Args {
             render_try_index,
             render_spa,
             tls,
+            log_http,
         })
     }
 

src/auth.rs

@@ -12,6 +12,7 @@ use crate::utils::encode_uri;
 use crate::BoxResult;
 
 const REALM: &str = "DUFS";
+const DIGEST_AUTH_TIMEOUT: u32 = 86400;
 
 lazy_static! {
     static ref NONCESTARTHASH: Context = {
@@ -197,6 +198,24 @@ impl AuthMethod {
             }
         }
     }
+    pub fn get_user(&self, authorization: &HeaderValue) -> Option<String> {
+        match self {
+            AuthMethod::Basic => {
+                let value: Vec<u8> =
+                    base64::decode(strip_prefix(authorization.as_bytes(), b"Basic ")?).ok()?;
+                let parts: Vec<&str> = std::str::from_utf8(&value).ok()?.split(':').collect();
+                Some(parts[0].to_string())
+            }
+            AuthMethod::Digest => {
+                let digest_value = strip_prefix(authorization.as_bytes(), b"Digest ")?;
+                let digest_vals = to_headermap(digest_value).ok()?;
+                digest_vals
+                    .get(b"username".as_ref())
+                    .and_then(|b| std::str::from_utf8(*b).ok())
+                    .map(|v| v.to_string())
+            }
+        }
+    }
     pub fn validate(
         &self,
         authorization: &HeaderValue,
@@ -206,10 +225,9 @@ impl AuthMethod {
     ) -> Option<()> {
         match self {
             AuthMethod::Basic => {
-                let value: Vec<u8> =
+                let basic_value: Vec<u8> =
-                    base64::decode(strip_prefix(authorization.as_bytes(), b"Basic ").unwrap())
+                    base64::decode(strip_prefix(authorization.as_bytes(), b"Basic ")?).ok()?;
-                        .unwrap();
+                let parts: Vec<&str> = std::str::from_utf8(&basic_value).ok()?.split(':').collect();
-                let parts: Vec<&str> = std::str::from_utf8(&value).unwrap().split(':').collect();
 
                 if parts[0] != auth_user {
                     return None;
@@ -228,13 +246,13 @@ impl AuthMethod {
             }
             AuthMethod::Digest => {
                 let digest_value = strip_prefix(authorization.as_bytes(), b"Digest ")?;
-                let user_vals = to_headermap(digest_value).ok()?;
+                let digest_vals = to_headermap(digest_value).ok()?;
                 if let (Some(username), Some(nonce), Some(user_response)) = (
-                    user_vals
+                    digest_vals
                         .get(b"username".as_ref())
                         .and_then(|b| std::str::from_utf8(*b).ok()),
-                    user_vals.get(b"nonce".as_ref()),
+                    digest_vals.get(b"nonce".as_ref()),
-                    user_vals.get(b"response".as_ref()),
+                    digest_vals.get(b"response".as_ref()),
                 ) {
                     match validate_nonce(nonce) {
                         Ok(true) => {}
@@ -246,12 +264,12 @@ impl AuthMethod {
                     let mut ha = Context::new();
                     ha.consume(method);
                     ha.consume(b":");
-                    if let Some(uri) = user_vals.get(b"uri".as_ref()) {
+                    if let Some(uri) = digest_vals.get(b"uri".as_ref()) {
                         ha.consume(uri);
                     }
                     let ha = format!("{:x}", ha.compute());
                     let mut correct_response = None;
-                    if let Some(qop) = user_vals.get(b"qop".as_ref()) {
+                    if let Some(qop) = digest_vals.get(b"qop".as_ref()) {
                         if qop == &b"auth".as_ref() || qop == &b"auth-int".as_ref() {
                             correct_response = Some({
                                 let mut c = Context::new();
@@ -259,11 +277,11 @@ impl AuthMethod {
                                 c.consume(b":");
                                 c.consume(nonce);
                                 c.consume(b":");
-                                if let Some(nc) = user_vals.get(b"nc".as_ref()) {
+                                if let Some(nc) = digest_vals.get(b"nc".as_ref()) {
                                     c.consume(nc);
                                 }
                                 c.consume(b":");
-                                if let Some(cnonce) = user_vals.get(b"cnonce".as_ref()) {
+                                if let Some(cnonce) = digest_vals.get(b"cnonce".as_ref()) {
                                     c.consume(cnonce);
                                 }
                                 c.consume(b":");
@@ -317,8 +335,7 @@ fn validate_nonce(nonce: &[u8]) -> Result<bool, ()> {
                 h.consume(secs_nonce.to_be_bytes());
                 let h = format!("{:x}", h.compute());
                 if h[..26] == n[8..34] {
-                    return Ok(dur < 300); // from the last 5min
+                    return Ok(dur < DIGEST_AUTH_TIMEOUT);
-                                          //Authentication-Info ?
                 }
             }
         }

src/log_http.rs

@@ -0,0 +1,99 @@
+use std::{collections::HashMap, str::FromStr, sync::Arc};
+
+use crate::{args::Args, server::Request};
+
+pub const DEFAULT_LOG_FORMAT: &str = r#"$remote_addr "$request" $status"#;
+
+#[derive(Debug)]
+pub struct LogHttp {
+    elems: Vec<LogElement>,
+}
+
+#[derive(Debug)]
+enum LogElement {
+    Variable(String),
+    Header(String),
+    Literal(String),
+}
+
+impl LogHttp {
+    pub fn data(&self, req: &Request, args: &Arc<Args>) -> HashMap<String, String> {
+        let mut data = HashMap::default();
+        for elem in self.elems.iter() {
+            match elem {
+                LogElement::Variable(name) => match name.as_str() {
+                    "request" => {
+                        data.insert(name.to_string(), format!("{} {}", req.method(), req.uri()));
+                    }
+                    "remote_user" => {
+                        if let Some(user) = req
+                            .headers()
+                            .get("authorization")
+                            .and_then(|v| args.auth_method.get_user(v))
+                        {
+                            data.insert(name.to_string(), user);
+                        }
+                    }
+                    _ => {}
+                },
+                LogElement::Header(name) => {
+                    if let Some(value) = req.headers().get(name).and_then(|v| v.to_str().ok()) {
+                        data.insert(name.to_string(), value.to_string());
+                    }
+                }
+                LogElement::Literal(_) => {}
+            }
+        }
+        data
+    }
+    pub fn log(&self, data: &HashMap<String, String>, err: Option<String>) {
+        if self.elems.is_empty() {
+            return;
+        }
+        let mut output = String::new();
+        for elem in self.elems.iter() {
+            match elem {
+                LogElement::Literal(value) => output.push_str(value.as_str()),
+                LogElement::Header(name) | LogElement::Variable(name) => {
+                    output.push_str(data.get(name).map(|v| v.as_str()).unwrap_or("-"))
+                }
+            }
+        }
+        match err {
+            Some(err) => error!("{} {}", output, err),
+            None => info!("{}", output),
+        }
+    }
+}
+
+impl FromStr for LogHttp {
+    type Err = Box<dyn std::error::Error>;
+    fn from_str(s: &str) -> Result<Self, Self::Err> {
+        let mut elems = vec![];
+        let mut is_var = false;
+        let mut cache = String::new();
+        for c in format!("{} ", s).chars() {
+            if c == '$' {
+                if !cache.is_empty() {
+                    elems.push(LogElement::Literal(cache.to_string()));
+                }
+                cache.clear();
+                is_var = true;
+            } else if is_var && !(c.is_alphanumeric() || c == '_') {
+                if let Some(value) = cache.strip_prefix("$http_") {
+                    elems.push(LogElement::Header(value.replace('_', "-").to_string()));
+                } else if let Some(value) = cache.strip_prefix('$') {
+                    elems.push(LogElement::Variable(value.to_string()));
+                }
+                cache.clear();
+                is_var = false;
+            }
+            cache.push(c);
+        }
+        let cache = cache.trim();
+        if !cache.is_empty() {
+            elems.push(LogElement::Literal(cache.to_string()));
+        }
+        Ok(Self { elems })
+    }
+}

src/main.rs

@@ -1,5 +1,6 @@
 mod args;
 mod auth;
+mod log_http;
 mod logger;
 mod server;
 mod streamer;
@@ -10,14 +11,16 @@ mod utils;
 #[macro_use]
 extern crate log;
 
-use crate::args::{matches, Args};
+use crate::args::{build_cli, print_completions, Args};
 use crate::server::{Request, Server};
 #[cfg(feature = "tls")]
 use crate::tls::{TlsAcceptor, TlsStream};
 
 use std::net::{IpAddr, SocketAddr, TcpListener as StdTcpListener};
+use std::sync::atomic::{AtomicBool, Ordering};
 use std::sync::Arc;
 
+use clap_complete::Shell;
 use futures::future::join_all;
 use tokio::net::TcpListener;
 use tokio::task::JoinHandle;
@@ -36,9 +39,17 @@ async fn main() {
 
 async fn run() -> BoxResult<()> {
     logger::init().map_err(|e| format!("Failed to init logger, {}", e))?;
-    let args = Args::parse(matches())?;
+    let cmd = build_cli();
+    let matches = cmd.get_matches();
+    if let Some(generator) = matches.get_one::<Shell>("completions") {
+        let mut cmd = build_cli();
+        print_completions(*generator, &mut cmd);
+        return Ok(());
+    }
+    let args = Args::parse(matches)?;
     let args = Arc::new(args);
-    let handles = serve(args.clone())?;
+    let running = Arc::new(AtomicBool::new(true));
+    let handles = serve(args.clone(), running.clone())?;
     print_listening(args)?;
 
     tokio::select! {
@@ -51,13 +62,17 @@ async fn run() -> BoxResult<()> {
             Ok(())
         },
         _ = shutdown_signal() => {
+            running.store(false, Ordering::SeqCst);
             Ok(())
         },
     }
 }
 
-fn serve(args: Arc<Args>) -> BoxResult<Vec<JoinHandle<Result<(), hyper::Error>>>> {
+fn serve(
-    let inner = Arc::new(Server::new(args.clone()));
+    args: Arc<Args>,
+    running: Arc<AtomicBool>,
+) -> BoxResult<Vec<JoinHandle<Result<(), hyper::Error>>>> {
+    let inner = Arc::new(Server::new(args.clone(), running));
     let mut handles = vec![];
     let port = args.port;
     for ip in args.addrs.iter() {

src/server.rs

@@ -1,22 +1,21 @@
 use crate::streamer::Streamer;
-use crate::utils::{decode_uri, encode_uri, get_file_name, try_get_file_name};
+use crate::utils::{decode_uri, encode_uri, get_file_name, glob, try_get_file_name};
 use crate::{Args, BoxResult};
-use async_walkdir::{Filtering, WalkDir};
+use walkdir::WalkDir;
 use xml::escape::escape_str_pcdata;
 
 use async_zip::write::{EntryOptions, ZipFileWriter};
 use async_zip::Compression;
 use chrono::{TimeZone, Utc};
-use futures::stream::StreamExt;
 use futures::TryStreamExt;
 use headers::{
-    AcceptRanges, AccessControlAllowCredentials, AccessControlAllowHeaders,
+    AcceptRanges, AccessControlAllowCredentials, AccessControlAllowOrigin, Connection,
-    AccessControlAllowOrigin, Connection, ContentLength, ContentType, ETag, HeaderMap,
+    ContentLength, ContentType, ETag, HeaderMap, HeaderMapExt, IfModifiedSince, IfNoneMatch,
-    HeaderMapExt, IfModifiedSince, IfNoneMatch, IfRange, LastModified, Range,
+    IfRange, LastModified, Range,
 };
 use hyper::header::{
-    HeaderValue, ACCEPT, AUTHORIZATION, CONTENT_DISPOSITION, CONTENT_LENGTH, CONTENT_RANGE,
+    HeaderValue, AUTHORIZATION, CONTENT_DISPOSITION, CONTENT_LENGTH, CONTENT_RANGE, CONTENT_TYPE,
-    CONTENT_TYPE, ORIGIN, RANGE, WWW_AUTHENTICATE,
+    RANGE, WWW_AUTHENTICATE,
 };
 use hyper::{Body, Method, StatusCode, Uri};
 use serde::Serialize;
@@ -24,6 +23,7 @@ use std::fs::Metadata;
 use std::io::SeekFrom;
 use std::net::SocketAddr;
 use std::path::{Path, PathBuf};
+use std::sync::atomic::{AtomicBool, Ordering};
 use std::sync::Arc;
 use std::time::SystemTime;
 use tokio::fs::File;
@@ -45,13 +45,30 @@ const BUF_SIZE: usize = 65536;
 pub struct Server {
     args: Arc<Args>,
     assets_prefix: String,
+    single_file_req_paths: Vec<String>,
+    running: Arc<AtomicBool>,
 }
 
 impl Server {
-    pub fn new(args: Arc<Args>) -> Self {
+    pub fn new(args: Arc<Args>, running: Arc<AtomicBool>) -> Self {
         let assets_prefix = format!("{}__dufs_v{}_", args.uri_prefix, env!("CARGO_PKG_VERSION"));
+        let single_file_req_paths = if args.path_is_file {
+            vec![
+                args.uri_prefix.to_string(),
+                args.uri_prefix[0..args.uri_prefix.len() - 1].to_string(),
+                encode_uri(&format!(
+                    "{}{}",
+                    &args.uri_prefix,
+                    get_file_name(&args.path)
+                )),
+            ]
+        } else {
+            vec![]
+        };
         Self {
             args,
+            running,
+            single_file_req_paths,
             assets_prefix,
         }
     }
@@ -61,16 +78,17 @@ impl Server {
         req: Request,
         addr: SocketAddr,
     ) -> Result<Response, hyper::Error> {
-        let method = req.method().clone();
         let uri = req.uri().clone();
         let assets_prefix = self.assets_prefix.clone();
         let enable_cors = self.args.enable_cors;
+        let mut http_log_data = self.args.log_http.data(&req, &self.args);
+        http_log_data.insert("remote_addr".to_string(), addr.ip().to_string());
 
-        let mut res = match self.handle(req).await {
+        let mut res = match self.clone().handle(req).await {
             Ok(res) => {
-                let status = res.status().as_u16();
+                http_log_data.insert("status".to_string(), res.status().as_u16().to_string());
                 if !uri.path().starts_with(&assets_prefix) {
-                    info!(r#"{} "{} {}" - {}"#, addr.ip(), method, uri, status,);
+                    self.args.log_http.log(&http_log_data, None);
                 }
                 res
             }
@@ -78,8 +96,10 @@ impl Server {
                 let mut res = Response::default();
                 let status = StatusCode::INTERNAL_SERVER_ERROR;
                 *res.status_mut() = status;
-                let status = status.as_u16();
+                http_log_data.insert("status".to_string(), status.as_u16().to_string());
-                error!(r#"{} "{} {}" - {} {}"#, addr.ip(), method, uri, status, err);
+                self.args
+                    .log_http
+                    .log(&http_log_data, Some(err.to_string()));
                 res
             }
         };
@@ -116,8 +136,16 @@ impl Server {
         let head_only = method == Method::HEAD;
 
         if self.args.path_is_file {
-            self.handle_send_file(&self.args.path, headers, head_only, &mut res)
+            if self
-                .await?;
+                .single_file_req_paths
+                .iter()
+                .any(|v| v.as_str() == req_path)
+            {
+                self.handle_send_file(&self.args.path, headers, head_only, &mut res)
+                    .await?;
+            } else {
+                status_not_found(&mut res);
+            }
             return Ok(res);
         }
 
@@ -153,9 +181,18 @@ impl Server {
         match method {
             Method::GET | Method::HEAD => {
                 if is_dir {
-                    if render_try_index && query == "zip" {
+                    if render_try_index {
-                        self.handle_zip_dir(path, head_only, &mut res).await?;
+                        if query == "zip" {
-                    } else if render_index || render_spa || render_try_index {
+                            self.handle_zip_dir(path, head_only, &mut res).await?;
+                        } else if allow_search && query.starts_with("q=") {
+                            let q = decode_uri(&query[2..]).unwrap_or_default();
+                            self.handle_search_dir(path, &q, head_only, &mut res)
+                                .await?;
+                        } else {
+                            self.handle_render_index(path, headers, head_only, &mut res)
+                                .await?;
+                        }
+                    } else if render_index || render_spa {
                         self.handle_render_index(path, headers, head_only, &mut res)
                             .await?;
                     } else if query == "zip" {
@@ -228,7 +265,7 @@ impl Server {
                     } else if is_miss {
                         status_not_found(&mut res);
                     } else {
-                        self.handle_copy(path, headers, &mut res).await?
+                        self.handle_copy(path, &req, &mut res).await?
                     }
                 }
                 "MOVE" => {
@@ -237,7 +274,7 @@ impl Server {
                     } else if is_miss {
                         status_not_found(&mut res);
                     } else {
-                        self.handle_move(path, headers, &mut res).await?
+                        self.handle_move(path, &req, &mut res).await?
                     }
                 }
                 "LOCK" => {
@@ -331,34 +368,41 @@ impl Server {
         res: &mut Response,
     ) -> BoxResult<()> {
         let mut paths: Vec<PathItem> = vec![];
-        let hidden = self.args.hidden.to_string();
+        let path_buf = path.to_path_buf();
-        let search = search.to_string();
+        let hidden = Arc::new(self.args.hidden.to_vec());
-        let mut walkdir = WalkDir::new(path).filter(move |entry| {
+        let hidden = hidden.clone();
-            let hidden_cloned = hidden.clone();
+        let running = self.running.clone();
-            let search_cloned = search.clone();
+        let search = search.to_lowercase();
-            async move {
+        let search_paths = tokio::task::spawn_blocking(move || {
+            let mut it = WalkDir::new(&path_buf).into_iter();
+            let mut paths: Vec<PathBuf> = vec![];
+            while let Some(Ok(entry)) = it.next() {
+                if !running.load(Ordering::SeqCst) {
+                    break;
+                }
                 let entry_path = entry.path();
-                let base_name = get_file_name(&entry_path);
+                let base_name = get_file_name(entry_path);
-                if is_hidden(&hidden_cloned, base_name) {
+                let file_type = entry.file_type();
-                    return Filtering::IgnoreDir;
+                if is_hidden(&hidden, base_name) {
+                    if file_type.is_dir() {
+                        it.skip_current_dir();
+                    }
+                    continue;
                 }
-                if !base_name
+                if !base_name.to_lowercase().contains(&search) {
-                    .to_lowercase()
+                    continue;
-                    .contains(&search_cloned.to_lowercase())
-                {
-                    return Filtering::Ignore;
                 }
-                if fs::symlink_metadata(entry.path()).await.is_err() {
+                if entry.path().symlink_metadata().is_err() {
-                    return Filtering::Ignore;
+                    continue;
                 }
-                Filtering::Continue
+                paths.push(entry_path.to_path_buf());
             }
-        });
+            paths
-        while let Some(entry) = walkdir.next().await {
+        })
-            if let Ok(entry) = entry {
+        .await?;
-                if let Ok(Some(item)) = self.to_pathitem(entry.path(), path.to_path_buf()).await {
+        for search_path in search_paths.into_iter() {
-                    paths.push(item);
+            if let Ok(Some(item)) = self.to_pathitem(search_path, path.to_path_buf()).await {
-                }
+                paths.push(item);
             }
         }
         self.send_index(path, paths, true, head_only, res)
@@ -387,8 +431,9 @@ impl Server {
         }
         let path = path.to_owned();
         let hidden = self.args.hidden.clone();
+        let running = self.running.clone();
         tokio::spawn(async move {
-            if let Err(e) = zip_dir(&mut writer, &path, &hidden).await {
+            if let Err(e) = zip_dir(&mut writer, &path, &hidden, running).await {
                 error!("Failed to zip {}, {}", path.display(), e);
             }
         });
@@ -625,16 +670,10 @@ impl Server {
         Ok(())
     }
 
-    async fn handle_copy(
+    async fn handle_copy(&self, path: &Path, req: &Request, res: &mut Response) -> BoxResult<()> {
-        &self,
+        let dest = match self.extract_dest(req, res) {
-        path: &Path,
-        headers: &HeaderMap<HeaderValue>,
-        res: &mut Response,
-    ) -> BoxResult<()> {
-        let dest = match self.extract_dest(headers) {
             Some(dest) => dest,
             None => {
-                *res.status_mut() = StatusCode::BAD_REQUEST;
                 return Ok(());
             }
         };
@@ -653,16 +692,10 @@ impl Server {
         Ok(())
     }
 
-    async fn handle_move(
+    async fn handle_move(&self, path: &Path, req: &Request, res: &mut Response) -> BoxResult<()> {
-        &self,
+        let dest = match self.extract_dest(req, res) {
-        path: &Path,
-        headers: &HeaderMap<HeaderValue>,
-        res: &mut Response,
-    ) -> BoxResult<()> {
-        let dest = match self.extract_dest(headers) {
             Some(dest) => dest,
             None => {
-                *res.status_mut() = StatusCode::BAD_REQUEST;
                 return Ok(());
             }
         };
@@ -781,10 +814,43 @@ DATA = {}
             .unwrap_or_default()
     }
 
-    fn extract_dest(&self, headers: &HeaderMap<HeaderValue>) -> Option<PathBuf> {
+    fn extract_dest(&self, req: &Request, res: &mut Response) -> Option<PathBuf> {
+        let headers = req.headers();
+        let dest_path = match self.extract_destination_header(headers) {
+            Some(dest) => dest,
+            None => {
+                *res.status_mut() = StatusCode::BAD_REQUEST;
+                return None;
+            }
+        };
+        let authorization = headers.get(AUTHORIZATION);
+        let guard_type = self.args.auth.guard(
+            &dest_path,
+            req.method(),
+            authorization,
+            self.args.auth_method.clone(),
+        );
+        if guard_type.is_reject() {
+            *res.status_mut() = StatusCode::FORBIDDEN;
+            *res.body_mut() = Body::from("Forbidden");
+            return None;
+        }
+
+        let dest = match self.extract_path(&dest_path) {
+            Some(dest) => dest,
+            None => {
+                *res.status_mut() = StatusCode::BAD_REQUEST;
+                return None;
+            }
+        };
+
+        Some(dest)
+    }
+
+    fn extract_destination_header(&self, headers: &HeaderMap<HeaderValue>) -> Option<String> {
         let dest = headers.get("Destination")?.to_str().ok()?;
         let uri: Uri = dest.parse().ok()?;
-        self.extract_path(uri.path())
+        Some(uri.path().to_string())
     }
 
     fn extract_path(&self, path: &str) -> Option<PathBuf> {
@@ -969,11 +1035,19 @@ fn add_cors(res: &mut Response) {
         .typed_insert(AccessControlAllowOrigin::ANY);
     res.headers_mut()
         .typed_insert(AccessControlAllowCredentials);
-
+    res.headers_mut().insert(
-    res.headers_mut().typed_insert(
+        "Access-Control-Allow-Methods",
-        vec![RANGE, CONTENT_TYPE, ACCEPT, ORIGIN, WWW_AUTHENTICATE]
+        HeaderValue::from_static("GET,HEAD,PUT,OPTIONS,DELETE,PROPFIND,COPY,MOVE"),
-            .into_iter()
+    );
-            .collect::<AccessControlAllowHeaders>(),
+    res.headers_mut().insert(
+        "Access-Control-Allow-Headers",
+        HeaderValue::from_static("Authorization,Destination,Range"),
+    );
+    res.headers_mut().insert(
+        "Access-Control-Expose-Headers",
+        HeaderValue::from_static(
+            "WWW-Authenticate,Content-Range,Accept-Ranges,Content-Disposition",
+        ),
     );
 }
 
@@ -992,41 +1066,54 @@ fn res_multistatus(res: &mut Response, content: &str) {
     ));
 }
 
-async fn zip_dir<W: AsyncWrite + Unpin>(writer: &mut W, dir: &Path, hidden: &str) -> BoxResult<()> {
+async fn zip_dir<W: AsyncWrite + Unpin>(
+    writer: &mut W,
+    dir: &Path,
+    hidden: &[String],
+    running: Arc<AtomicBool>,
+) -> BoxResult<()> {
     let mut writer = ZipFileWriter::new(writer);
-    let hidden = hidden.to_string();
+    let hidden = Arc::new(hidden.to_vec());
-    let mut walkdir = WalkDir::new(dir).filter(move |entry| {
+    let hidden = hidden.clone();
-        let hidden = hidden.clone();
+    let dir_path_buf = dir.to_path_buf();
-        async move {
+    let zip_paths = tokio::task::spawn_blocking(move || {
+        let mut it = WalkDir::new(&dir_path_buf).into_iter();
+        let mut paths: Vec<PathBuf> = vec![];
+        while let Some(Ok(entry)) = it.next() {
+            if !running.load(Ordering::SeqCst) {
+                break;
+            }
             let entry_path = entry.path();
-            let base_name = get_file_name(&entry_path);
+            let base_name = get_file_name(entry_path);
+            let file_type = entry.file_type();
             if is_hidden(&hidden, base_name) {
-                return Filtering::IgnoreDir;
+                if file_type.is_dir() {
+                    it.skip_current_dir();
+                }
+                continue;
             }
-            let meta = match fs::symlink_metadata(entry.path()).await {
+            if entry.path().symlink_metadata().is_err() {
-                Ok(meta) => meta,
+                continue;
-                Err(_) => return Filtering::Ignore,
-            };
-            if !meta.is_file() {
-                return Filtering::Ignore;
             }
-            Filtering::Continue
+            if !file_type.is_file() {
-        }
+                continue;
-    });
+            }
-    while let Some(entry) = walkdir.next().await {
+            paths.push(entry_path.to_path_buf());
-        if let Ok(entry) = entry {
-            let entry_path = entry.path();
-            let filename = match entry_path.strip_prefix(dir).ok().and_then(|v| v.to_str()) {
-                Some(v) => v,
-                None => continue,
-            };
-            let entry_options = EntryOptions::new(filename.to_owned(), Compression::Deflate)
-                .unix_permissions(0o644);
-            let mut file = File::open(&entry_path).await?;
-            let mut file_writer = writer.write_entry_stream(entry_options).await?;
-            io::copy(&mut file, &mut file_writer).await?;
-            file_writer.close().await?;
         }
+        paths
+    })
+    .await?;
+    for zip_path in zip_paths.into_iter() {
+        let filename = match zip_path.strip_prefix(dir).ok().and_then(|v| v.to_str()) {
+            Some(v) => v,
+            None => continue,
+        };
+        let entry_options =
+            EntryOptions::new(filename.to_owned(), Compression::Deflate).unix_permissions(0o644);
+        let mut file = File::open(&zip_path).await?;
+        let mut file_writer = writer.write_entry_stream(entry_options).await?;
+        io::copy(&mut file, &mut file_writer).await?;
+        file_writer.close().await?;
     }
     writer.close().await?;
     Ok(())
@@ -1087,8 +1174,8 @@ fn status_no_content(res: &mut Response) {
     *res.status_mut() = StatusCode::NO_CONTENT;
 }
 
-fn is_hidden(hidden: &str, file_name: &str) -> bool {
+fn is_hidden(hidden: &[String], file_name: &str) -> bool {
-    hidden.contains(&format!(",{},", file_name))
+    hidden.iter().any(|v| glob(v, file_name))
 }
 
 fn set_webdav_headers(res: &mut Response) {

src/utils.rs

@@ -23,3 +23,61 @@ pub fn try_get_file_name(path: &Path) -> BoxResult<&str> {
         .and_then(|v| v.to_str())
         .ok_or_else(|| format!("Failed to get file name of `{}`", path.display()).into())
 }
+
+pub fn glob(source: &str, target: &str) -> bool {
+    let ss: Vec<char> = source.chars().collect();
+    let mut iter = target.chars();
+    let mut i = 0;
+    'outer: while i < ss.len() {
+        let s = ss[i];
+        match s {
+            '*' => match ss.get(i + 1) {
+                Some(s_next) => {
+                    for t in iter.by_ref() {
+                        if t == *s_next {
+                            i += 2;
+                            continue 'outer;
+                        }
+                    }
+                    return true;
+                }
+                None => return true,
+            },
+            '?' => match iter.next() {
+                Some(_) => {
+                    i += 1;
+                    continue;
+                }
+                None => return false,
+            },
+            _ => match iter.next() {
+                Some(t) => {
+                    if s == t {
+                        i += 1;
+                        continue;
+                    }
+                    return false;
+                }
+                None => return false,
+            },
+        }
+    }
+    iter.next().is_none()
+}
+
+#[test]
+fn test_glob_key() {
+    assert!(glob("", ""));
+    assert!(glob(".*", ".git"));
+    assert!(glob("abc", "abc"));
+    assert!(glob("a*c", "abc"));
+    assert!(glob("a?c", "abc"));
+    assert!(glob("a*c", "abbc"));
+    assert!(glob("*c", "abc"));
+    assert!(glob("a*", "abc"));
+    assert!(glob("?c", "bc"));
+    assert!(glob("a?", "ab"));
+    assert!(!glob("abc", "adc"));
+    assert!(!glob("abc", "abcd"));
+    assert!(!glob("a?c", "abbc"));
+}

tests/args.rs

@@ -1,11 +1,10 @@
+//! Run file server with different args
+
 mod fixtures;
 mod utils;
 
-use assert_cmd::prelude::*;
+use fixtures::{server, Error, TestServer};
-use assert_fs::fixture::TempDir;
-use fixtures::{port, server, tmpdir, wait_for_port, Error, TestServer};
 use rstest::rstest;
-use std::process::{Command, Stdio};
 
 #[rstest]
 fn path_prefix_index(#[with(&["--path-prefix", "xyz"])] server: TestServer) -> Result<(), Error> {
@@ -31,22 +30,3 @@ fn path_prefix_propfind(
     assert!(text.contains("<D:href>/xyz/</D:href>"));
     Ok(())
 }
-
-#[rstest]
-#[case("index.html")]
-fn serve_single_file(tmpdir: TempDir, port: u16, #[case] file: &str) -> Result<(), Error> {
-    let mut child = Command::cargo_bin("dufs")?
-        .arg(tmpdir.path().join(file))
-        .arg("-p")
-        .arg(port.to_string())
-        .stdout(Stdio::piped())
-        .spawn()?;
-
-    wait_for_port(port);
-
-    let resp = reqwest::blocking::get(format!("http://localhost:{}/index.html", port))?;
-    assert_eq!(resp.text()?, "This is index.html");
-
-    child.kill()?;
-    Ok(())
-}

tests/auth.rs

@@ -95,3 +95,29 @@ fn auth_basic(
     assert_eq!(resp.status(), 201);
     Ok(())
 }
+
+#[rstest]
+fn auth_webdav_move(
+    #[with(&["--auth", "/@user:pass@*", "--auth", "/dira@user3:pass3", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let origin_url = format!("{}dira/test.html", server.url());
+    let new_url = format!("{}test2.html", server.url());
+    let resp = fetch!(b"MOVE", &origin_url)
+        .header("Destination", &new_url)
+        .send_with_digest_auth("user3", "pass3")?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}
+
+#[rstest]
+fn auth_webdav_copy(
+    #[with(&["--auth", "/@user:pass@*", "--auth", "/dira@user3:pass3", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let origin_url = format!("{}dira/test.html", server.url());
+    let new_url = format!("{}test2.html", server.url());
+    let resp = fetch!(b"COPY", &origin_url)
+        .header("Destination", &new_url)
+        .send_with_digest_auth("user3", "pass3")?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}

tests/cli.rs

@@ -0,0 +1,32 @@
+//! Run cli with different args, not starting a server
+
+mod fixtures;
+
+use assert_cmd::prelude::*;
+use clap::ValueEnum;
+use clap_complete::Shell;
+use fixtures::Error;
+use std::process::Command;
+
+#[test]
+/// Show help and exit.
+fn help_shows() -> Result<(), Error> {
+    Command::cargo_bin("dufs")?.arg("-h").assert().success();
+
+    Ok(())
+}
+
+#[test]
+/// Print completions and exit.
+fn print_completions() -> Result<(), Error> {
+    // let shell_enums = EnumValueParser::<Shell>::new();
+    for shell in Shell::value_variants() {
+        Command::cargo_bin("dufs")?
+            .arg("--completions")
+            .arg(shell.to_string())
+            .assert()
+            .success();
+    }
+
+    Ok(())
+}

tests/cors.rs

@@ -7,31 +7,27 @@ use rstest::rstest;
 #[rstest]
 fn cors(#[with(&["--enable-cors"])] server: TestServer) -> Result<(), Error> {
     let resp = reqwest::blocking::get(server.url())?;
-
     assert_eq!(
         resp.headers().get("access-control-allow-origin").unwrap(),
         "*"
     );
     assert_eq!(
-        resp.headers().get("access-control-allow-headers").unwrap(),
+        resp.headers()
-        "range, content-type, accept, origin, www-authenticate"
+            .get("access-control-allow-credentials")
+            .unwrap(),
+        "true"
     );
-
-    Ok(())
-}
-
-#[rstest]
-fn cors_options(#[with(&["--enable-cors"])] server: TestServer) -> Result<(), Error> {
-    let resp = fetch!(b"OPTIONS", server.url()).send()?;
-
     assert_eq!(
-        resp.headers().get("access-control-allow-origin").unwrap(),
+        resp.headers().get("access-control-allow-methods").unwrap(),
-        "*"
+        "GET,HEAD,PUT,OPTIONS,DELETE,PROPFIND,COPY,MOVE"
     );
     assert_eq!(
         resp.headers().get("access-control-allow-headers").unwrap(),
-        "range, content-type, accept, origin, www-authenticate"
+        "Authorization,Destination,Range"
+    );
+    assert_eq!(
+        resp.headers().get("access-control-expose-headers").unwrap(),
+        "WWW-Authenticate,Content-Range,Accept-Ranges,Content-Disposition"
     );
-
     Ok(())
 }

tests/log_http.rs

@@ -0,0 +1,78 @@
+mod fixtures;
+mod utils;
+
+use diqwest::blocking::WithDigestAuth;
+use fixtures::{port, tmpdir, wait_for_port, Error};
+
+use assert_cmd::prelude::*;
+use assert_fs::fixture::TempDir;
+use rstest::rstest;
+use std::io::Read;
+use std::process::{Command, Stdio};
+
+#[rstest]
+#[case(&["-a", "/@user:pass", "--log-format", "$remote_user"], false)]
+#[case(&["-a", "/@user:pass", "--log-format", "$remote_user", "--auth-method", "basic"], true)]
+fn log_remote_user(
+    tmpdir: TempDir,
+    port: u16,
+    #[case] args: &[&str],
+    #[case] is_basic: bool,
+) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("dufs")?
+        .arg(tmpdir.path())
+        .arg("-p")
+        .arg(port.to_string())
+        .args(args)
+        .stdout(Stdio::piped())
+        .spawn()?;
+
+    wait_for_port(port);
+
+    let stdout = child.stdout.as_mut().expect("Failed to get stdout");
+
+    let req = fetch!(b"GET", &format!("http://localhost:{}", port));
+
+    let resp = if is_basic {
+        req.basic_auth("user", Some("pass")).send()?
+    } else {
+        req.send_with_digest_auth("user", "pass")?
+    };
+
+    assert_eq!(resp.status(), 200);
+
+    let mut buf = [0; 1000];
+    let buf_len = stdout.read(&mut buf)?;
+    let output = std::str::from_utf8(&buf[0..buf_len])?;
+
+    assert!(output.lines().last().unwrap().ends_with("user"));
+
+    child.kill()?;
+    Ok(())
+}
+
+#[rstest]
+#[case(&["--log-format", ""])]
+fn no_log(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("dufs")?
+        .arg(tmpdir.path())
+        .arg("-p")
+        .arg(port.to_string())
+        .args(args)
+        .stdout(Stdio::piped())
+        .spawn()?;
+
+    wait_for_port(port);
+
+    let stdout = child.stdout.as_mut().expect("Failed to get stdout");
+
+    let resp = fetch!(b"GET", &format!("http://localhost:{}", port)).send()?;
+    assert_eq!(resp.status(), 200);
+
+    let mut buf = [0; 1000];
+    let buf_len = stdout.read(&mut buf)?;
+    let output = std::str::from_utf8(&buf[0..buf_len])?;
+
+    assert_eq!(output.lines().last().unwrap(), "");
+    Ok(())
+}

tests/render.rs

@@ -50,6 +50,18 @@ fn render_try_index3(#[with(&["--render-try-index"])] server: TestServer) -> Res
     Ok(())
 }
 
+#[rstest]
+#[case(server(&["--render-try-index"] as &[&str]), false)]
+#[case(server(&["--render-try-index", "--allow-search"] as &[&str]), true)]
+fn render_try_index4(#[case] server: TestServer, #[case] searched: bool) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}{}?q={}", server.url(), DIR_NO_INDEX, "😀.bin"))?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrive_index_paths(&resp.text()?);
+    assert!(!paths.is_empty());
+    assert_eq!(paths.iter().all(|v| v.contains("😀.bin")), searched);
+    Ok(())
+}
+
 #[rstest]
 fn render_spa(#[with(&["--render-spa"])] server: TestServer) -> Result<(), Error> {
     let resp = reqwest::blocking::get(server.url())?;

tests/single_file.rs

@@ -0,0 +1,60 @@
+//! Run file server with different args
+
+mod fixtures;
+mod utils;
+
+use assert_cmd::prelude::*;
+use assert_fs::fixture::TempDir;
+use fixtures::{port, tmpdir, wait_for_port, Error};
+use rstest::rstest;
+use std::process::{Command, Stdio};
+
+#[rstest]
+#[case("index.html")]
+fn single_file(tmpdir: TempDir, port: u16, #[case] file: &str) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("dufs")?
+        .arg(tmpdir.path().join(file))
+        .arg("-p")
+        .arg(port.to_string())
+        .stdout(Stdio::piped())
+        .spawn()?;
+
+    wait_for_port(port);
+
+    let resp = reqwest::blocking::get(format!("http://localhost:{}", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/index.html", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+
+    child.kill()?;
+    Ok(())
+}
+
+#[rstest]
+#[case("index.html")]
+fn path_prefix_single_file(tmpdir: TempDir, port: u16, #[case] file: &str) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("dufs")?
+        .arg(tmpdir.path().join(file))
+        .arg("-p")
+        .arg(port.to_string())
+        .arg("--path-prefix")
+        .arg("xyz")
+        .stdout(Stdio::piped())
+        .spawn()?;
+
+    wait_for_port(port);
+
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/xyz", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/xyz/", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/xyz/index.html", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{}", port))?;
+    assert_eq!(resp.status(), 404);
+
+    child.kill()?;
+    Ok(())
+}