2024-01-11 12:08:39 +01:00
|
|
|
package server
|
|
|
|
|
|
|
|
import (
|
|
|
|
"github.com/gin-gonic/gin"
|
|
|
|
|
|
|
|
"github.com/photoprism/photoprism/internal/entity"
|
|
|
|
"github.com/photoprism/photoprism/internal/event"
|
|
|
|
"github.com/photoprism/photoprism/pkg/header"
|
|
|
|
"github.com/photoprism/photoprism/pkg/rnd"
|
|
|
|
)
|
|
|
|
|
|
|
|
// WebDAVAuthSession returns the client session that belongs to the auth token provided, or returns nil if it was not found.
|
|
|
|
func WebDAVAuthSession(c *gin.Context, authToken string) (sess *entity.Session, user *entity.User, sid string, cached bool) {
|
|
|
|
if authToken == "" {
|
|
|
|
// Abort authentication if no token was provided.
|
|
|
|
return nil, nil, "", false
|
2024-01-17 14:16:02 +01:00
|
|
|
} else if !rnd.IsAuthAny(authToken) {
|
2024-01-11 12:08:39 +01:00
|
|
|
// Abort authentication if token doesn't match expected format.
|
|
|
|
return nil, nil, "", false
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get session ID for the auth token provided.
|
|
|
|
sid = rnd.SessionID(authToken)
|
|
|
|
|
|
|
|
// Check if client authorization has been cached to improve performance.
|
|
|
|
if cacheData, found := webdavAuthCache.Get(sid); found && cacheData != nil {
|
|
|
|
// Add cached user information to the request context.
|
|
|
|
user = cacheData.(*entity.User)
|
|
|
|
return nil, user, sid, true
|
|
|
|
}
|
|
|
|
|
|
|
|
var err error
|
|
|
|
|
|
|
|
// Find the session based on the hashed token used as session ID and return it.
|
|
|
|
sess, err = entity.FindSession(sid)
|
|
|
|
|
|
|
|
// Log error and return nil if no matching session was found.
|
|
|
|
if sess == nil || err != nil {
|
|
|
|
event.AuditErr([]string{header.ClientIP(c), "access webdav", "invalid auth token or secret"})
|
|
|
|
return nil, nil, sid, false
|
|
|
|
}
|
|
|
|
|
|
|
|
// Update the client IP and the user agent from
|
|
|
|
// the request context if they have changed.
|
|
|
|
sess.UpdateContext(c)
|
|
|
|
|
|
|
|
// Returns session and user if all checks have passed.
|
|
|
|
return sess, sess.User(), sid, false
|
|
|
|
}
|