sigoden/dufs
1
0
Fork 0
mirror of https://github.com/sigoden/dufs.git synced 2026-04-08 16:49:02 +03:00
Code Issues 8 Packages Projects Releases 10 Wiki Activity

[GH-ISSUE #510] auth cannot remain in all path #293

New Issue
Closed
opened 2026-04-08 16:51:47 +03:00 by zhus · 1 comment
zhus commented 2026-04-08 16:51:47 +03:00
Owner
Copy Link

Originally created by @yuf19-2022 on GitHub (Dec 24, 2024).
Original GitHub issue: https://github.com/sigoden/dufs/issues/510

Problem

eg:/a/b/c is a non-auth path,i enter this path,and i login and auth ok,when i back to its parent path:/a/b,even if i refresh my brower,i cannot see other dir thst needs to be authed.i have to auth in /a/b again.

as you can see: i have /file/public(non-auth),/file/user(need to auth),when i auth in /file/public,i back to its parent path:/file,even if i refresh my brower,i can not see /file/user dir,i have to auth again.

Configuration

serve-path: 'C:\dufs'
bind: 0.0.0.0
port: 5000
path-prefix: /
auth:

  • admin:admin@/:rw
  • userA:userA@/file/user/private/userA,/file/user/public
  • "@/product/index.html,/file/public" # According to the YAML spec, quoting is required.
    allow-all: false
    allow-upload: true
    allow-delete: true
    allow-search: true
    allow-symlink: true
    allow-archive: true
    enable-cors: true
    render-index: false
    render-try-index: true
    render-spa: false
    assets: C:\Users\yuf19\software\dufs-v0.43.0-x86_64-pc-windows-msvc\assets
    log-format: '$remote_addr $remote_user "$request" $status $http_user_agent'
    log-file: C:\Users\yuf19\software\dufs-v0.43.0-x86_64-pc-windows-msvc\log\dufs.log
    compress: high

Log

2024-12-24T18:26:26+08:00 INFO - 127.0.0.1 - "GET /" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:27:30+08:00 INFO - 127.0.0.1 - "GET /" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:27:33+08:00 INFO - 127.0.0.1 - "GET /file/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:27:39+08:00 INFO - 127.0.0.1 - "GET /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:27:45+08:00 INFO - 127.0.0.1 - "CHECKAUTH /file/public/" 401 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:27:47+08:00 INFO - 127.0.0.1 - "GET /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:27:49+08:00 INFO - 127.0.0.1 - "GET /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:29:31+08:00 INFO - 127.0.0.1 - "GET /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:30:23+08:00 INFO - 127.0.0.1 - "GET /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:30:29+08:00 INFO - 127.0.0.1 - "GET /file" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:30:32+08:00 INFO - 127.0.0.1 - "GET /" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:30:35+08:00 INFO - 127.0.0.1 - "GET /file/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:30:36+08:00 INFO - 127.0.0.1 - "GET /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:30:39+08:00 INFO - 127.0.0.1 - "CHECKAUTH /file/public/" 401 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:30:41+08:00 INFO - 127.0.0.1 admin "CHECKAUTH /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:30:41+08:00 INFO - 127.0.0.1 admin "GET /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:30:47+08:00 INFO - 127.0.0.1 admin "GET /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:30:49+08:00 INFO - 127.0.0.1 - "GET /file" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:30:56+08:00 INFO - 127.0.0.1 - "GET /file" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:30:59+08:00 INFO - 127.0.0.1 - "CHECKAUTH /file" 401 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:30:59+08:00 INFO - 127.0.0.1 admin "CHECKAUTH /file" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:30:59+08:00 INFO - 127.0.0.1 admin "GET /file" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:31:04+08:00 INFO - 127.0.0.1 admin "GET /file/user/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:31:08+08:00 INFO - 127.0.0.1 admin "GET /file/user/private/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:31:10+08:00 INFO - 127.0.0.1 admin "GET /file/user/private/userA/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:31:12+08:00 INFO - 127.0.0.1 admin "GET /file" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:31:16+08:00 INFO - 127.0.0.1 admin "GET /" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
2024-12-24T18:31:19+08:00 INFO - 127.0.0.1 admin "GET /file/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Screenshots/Media

https://github.com/user-attachments/assets/ebf62c7f-3658-4a80-bf20-ef7fe48c8529

Environment Information

  • Dufs version:v0.43.0
  • Browser/Webdav info:chrome
  • OS info:windows 11
  • Proxy server (if any): no
Originally created by @yuf19-2022 on GitHub (Dec 24, 2024). Original GitHub issue: https://github.com/sigoden/dufs/issues/510 **Problem** eg:/a/b/c is a non-auth path,i enter this path,and i login and auth ok,when i back to its parent path:/a/b,even if i refresh my brower,i cannot see other dir thst needs to be authed.i have to auth in /a/b again. as you can see: i have /file/public(non-auth),/file/user(need to auth),when i auth in /file/public,i back to its parent path:/file,even if i refresh my brower,i can not see /file/user dir,i have to auth again. **Configuration** serve-path: 'C:\dufs' bind: 0.0.0.0 port: 5000 path-prefix: / auth: - admin:admin@/:rw - userA:userA@/file/user/private/userA,/file/user/public - "@/product/index.html,/file/public" # According to the YAML spec, quoting is required. allow-all: false allow-upload: true allow-delete: true allow-search: true allow-symlink: true allow-archive: true enable-cors: true render-index: false render-try-index: true render-spa: false assets: C:\Users\yuf19\software\dufs-v0.43.0-x86_64-pc-windows-msvc\assets\ log-format: '$remote_addr $remote_user "$request" $status $http_user_agent' log-file: C:\Users\yuf19\software\dufs-v0.43.0-x86_64-pc-windows-msvc\log\dufs.log compress: high **Log** 2024-12-24T18:26:26+08:00 INFO - 127.0.0.1 - "GET /" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:27:30+08:00 INFO - 127.0.0.1 - "GET /" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:27:33+08:00 INFO - 127.0.0.1 - "GET /file/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:27:39+08:00 INFO - 127.0.0.1 - "GET /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:27:45+08:00 INFO - 127.0.0.1 - "CHECKAUTH /file/public/" 401 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:27:47+08:00 INFO - 127.0.0.1 - "GET /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:27:49+08:00 INFO - 127.0.0.1 - "GET /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:29:31+08:00 INFO - 127.0.0.1 - "GET /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:30:23+08:00 INFO - 127.0.0.1 - "GET /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:30:29+08:00 INFO - 127.0.0.1 - "GET /file" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:30:32+08:00 INFO - 127.0.0.1 - "GET /" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:30:35+08:00 INFO - 127.0.0.1 - "GET /file/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:30:36+08:00 INFO - 127.0.0.1 - "GET /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:30:39+08:00 INFO - 127.0.0.1 - "CHECKAUTH /file/public/" 401 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:30:41+08:00 INFO - 127.0.0.1 admin "CHECKAUTH /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:30:41+08:00 INFO - 127.0.0.1 admin "GET /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:30:47+08:00 INFO - 127.0.0.1 admin "GET /file/public/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:30:49+08:00 INFO - 127.0.0.1 - "GET /file" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:30:56+08:00 INFO - 127.0.0.1 - "GET /file" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:30:59+08:00 INFO - 127.0.0.1 - "CHECKAUTH /file" 401 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:30:59+08:00 INFO - 127.0.0.1 admin "CHECKAUTH /file" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:30:59+08:00 INFO - 127.0.0.1 admin "GET /file" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:31:04+08:00 INFO - 127.0.0.1 admin "GET /file/user/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:31:08+08:00 INFO - 127.0.0.1 admin "GET /file/user/private/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:31:10+08:00 INFO - 127.0.0.1 admin "GET /file/user/private/userA/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:31:12+08:00 INFO - 127.0.0.1 admin "GET /file" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:31:16+08:00 INFO - 127.0.0.1 admin "GET /" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 2024-12-24T18:31:19+08:00 INFO - 127.0.0.1 admin "GET /file/" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 **Screenshots/Media** https://github.com/user-attachments/assets/ebf62c7f-3658-4a80-bf20-ef7fe48c8529 **Environment Information** - Dufs version:v0.43.0 - Browser/Webdav info:chrome - OS info:windows 11 - Proxy server (if any): no
zhus closed this issue 2026-04-08 16:51:47 +03:00
zhus commented 2026-04-08 16:51:48 +03:00
Author
Owner
Copy Link

@sigoden commented on GitHub (Dec 24, 2024):

I have confirmed the issue, but there is no solution to it.

The user successfully logged in on the /a/b/c page, but when accessing the /a/b page, the browser did not automatically carry the authorization information, which is why the problem occurred.

However, if the user logs in from the page /a, they can access /a/b/c normally because the browser automatically carries the authorization information.

A less elegant solution is to log in again from the parent path, but fortunately there is no need to re-enter the username/password.

https://github.com/user-attachments/assets/e6157373-d148-4d35-b751-cd71591c90ef

Watch the video at 10:00 and you can see that the user can re-login without re-entering the username/password

<!-- gh-comment-id:2561011808 --> @sigoden commented on GitHub (Dec 24, 2024): I have confirmed the issue, but there is no solution to it. The user successfully logged in on the /a/b/c page, but when accessing the /a/b page, the browser did not automatically carry the authorization information, which is why the problem occurred. However, if the user logs in from the page /a, they can access /a/b/c normally because the browser automatically carries the authorization information. A less elegant solution is to log in again from the parent path, but fortunately there is no need to re-enter the username/password. https://github.com/user-attachments/assets/e6157373-d148-4d35-b751-cd71591c90ef Watch the video at 10:00 and you can see that the user can re-login without re-entering the username/password
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug
enhancement
help wanted
pull-request
Mirrored from GitHub Pull Request
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
zhus
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: sigoden/dufs#293
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?