Merge remote-tracking branch 'origin/master'
authorLanius Trolling <lanius@laniustrolling.dev>
Sun, 22 Dec 2024 21:00:37 +0000 (16:00 -0500)
committerLanius Trolling <lanius@laniustrolling.dev>
Sun, 22 Dec 2024 21:00:37 +0000 (16:00 -0500)
# Conflicts:
# src/main/kotlin/info/mechyrdia/route/ResourceWebDav.kt

src/main/kotlin/info/mechyrdia/route/ResourceWebDav.kt

index 04eebdc1e0256fb2a8922563504a37b1d99c8965,1d0949a9230f24192d56a38d95c9c1443db76e88..15742d133103c85679b8e0b1a5e06c932f09f383
@@@ -44,8 -41,9 +44,8 @@@ import java.time.ZoneOffse
  import java.time.ZonedDateTime
  import java.time.format.DateTimeFormatter
  import java.util.Base64
 -import java.util.UUID
  
- const val WebDavDomainName = "http://localhost:8180"
+ const val WebDavDomainName = "https://dav.mechyrdia.info"
  
  private val dateTimeFormatter = DateTimeFormatter.ISO_OFFSET_DATE_TIME
  
@@@ -199,9 -197,9 +199,9 @@@ private val base64Decoder = Base64.getD
  
  fun ApplicationRequest.basicAuth(): Pair<String, String>? {
        val auth = authorization() ?: return null
-       if (!auth.startsWith(" ")) return null
+       if (!auth.startsWith("Basic ")) return null
        val basic = auth.substring(6)
 -      return String(base64Decoder.decode(basic))
 +      return String(base64Decoder.decode(basic), Utf8)
                .split(':', limit = 2)
                .let { (user, pass) -> user to pass }
  }
  suspend fun ApplicationCall.beforeWebDav() {
        attributes.put(WebDavAttributeKey, true)
        
 -      val (user, token) = request.basicAuth() ?: throw WebDavAuthRequired()
 -      val tokenData = WebDavToken.Table.get(Id(token)) ?: throw WebDavAuthRequired()
 +      response.header(HttpHeaders.DAV, "1,2")
        
-       if (Configuration.Current.isDevMode)
-               return
-       
 -      if (tokenData.holder.id != user.toNationId() || tokenData.validUntil < Instant.now())
 -              throw WebDavAuthRequired()
 +      val (tokenId, tokenPw) = request.basicAuth() ?: throw WebDavAuthRequired()
 +      val tokenData = WebDavToken.Table.get(Id(tokenId)) ?: throw WebDavAuthRequired()
        
 -      response.header(HttpHeaders.DAV, "1,2")
 +      if (tokenData.validUntil < Instant.now() || !Argon2Hasher.verifyHash(tokenData.pwHash, tokenPw))
 +              throw WebDavAuthRequired()
  }
  
  suspend fun ApplicationCall.webDavOptions() {
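Review bot: In `basicAuth()` the merged code still decodes and destructures the client-supplied `Authorization` value without validating it. `base64Decoder.decode(basic)` presumably throws `IllegalArgumentException` on input that is not valid Base64 (the decoder's definition is cut off in the hunk header), and `.let { (user, pass) -> ... }` throws when the decoded text contains no `:`, because `split` then returns a single element. Both paths are reachable before any credential check, so a malformed header likely surfaces as an unhandled exception rather than the `WebDavAuthRequired` challenge that `beforeWebDav()` raises for a `null` result. Returning `null` for both cases keeps every bad header on the same 401 path; a sketch of the changed lines follows.

```kotlin
fun ApplicationRequest.basicAuth(): Pair<String, String>? {
	// … unchanged: authorization() lookup and "Basic " prefix check …
	val decoded = try {
		String(base64Decoder.decode(auth.substring(6)), Utf8)
	} catch (e: IllegalArgumentException) {
		return null // not valid Base64: treat as absent credentials
	}
	val sep = decoded.indexOf(':')
	if (sep < 0) return null // no "id:password" separator
	return decoded.substring(0, sep) to decoded.substring(sep + 1)
}
```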