Simple webDAV auth implementation (#82)

cmd/distribyted/main.go

@@ -161,7 +161,7 @@ func load(configPath string, port, webDAVPort int, fuseAllowOther bool) error {
 				return
 			}
 
-			if err := webdav.NewWebDAVServer(cfs, port); err != nil {
+			if err := webdav.NewWebDAVServer(cfs, port, conf.WebDAV.User, conf.WebDAV.Pass); err != nil {
 				log.Error().Err(err).Msg("error starting webDAV")
 			}
 		}

config/config.go

@@ -20,6 +20,8 @@ func DefaultConfig() *Root {
 		},
 		WebDAV: &WebDAVGlobal{
 			Port: 36911,
+			User: "admin",
+			Pass: "admin",
 		},
 		Torrent: &TorrentGlobal{
 			GlobalCacheSize: 1024,

config/model.go

@@ -18,6 +18,8 @@ type TorrentGlobal struct {
 
 type WebDAVGlobal struct {
 	Port int    `yaml:"port"`
+	User string `yaml:"user"`
+	Pass string `yaml:"pass"`
 }
 
 type HTTPGlobal struct {

templates/config_template.yaml

@@ -7,6 +7,8 @@ http:
 # WebDAV specific configuration. Remove this to disable WebDAV.
 webdav:
   port: 36911
+  user: admin
+  pass: admin
 
 # Specific configuration for torrent backend.
 torrent:

webdav/http.go

@@ -8,7 +8,22 @@ import (
 	"github.com/rs/zerolog/log"
 )
 
-func NewWebDAVServer(fs fs.Filesystem, port int) error {
+func NewWebDAVServer(fs fs.Filesystem, port int, user, pass string) error {
 	log.Info().Str("host", fmt.Sprintf("0.0.0.0:%d", port)).Msg("starting webDAV server")
-	return http.ListenAndServe(fmt.Sprintf("0.0.0.0:%d", port), newHandler(fs))
+
+	srv := newHandler(fs)
+
+	http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+		username, password, _ := r.BasicAuth()
+		if username == user && password == pass {
+			srv.ServeHTTP(w, r)
+			return
+		}
+
+		w.Header().Set("WWW-Authenticate", `Basic realm="BASIC WebDAV REALM"`)
+		w.WriteHeader(401)
+		w.Write([]byte("401 Unauthorized\n"))
+	})
+
+	return http.ListenAndServe(fmt.Sprintf("0.0.0.0:%d", port), nil)
 }