Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to interface with the authentication #134

Open
Daxcor69 opened this issue Jan 28, 2024 · 4 comments
Open

How to interface with the authentication #134

Daxcor69 opened this issue Jan 28, 2024 · 4 comments

Comments

@Daxcor69
Copy link

I am looking to use mongo db as a authentication source for the server. I know nothing about TS and using classes and constructors. I am trying to understand the examples given but it just doesn't make any sense.

here is what Understand so far

const userManager = new webdav.SimpleUserManager();
const user = userManager.addUser("username", "password", false);

// Create a new server instance
const server = new webdav.WebDAVServer({
  // HTTP Basic authentication
  httpAuthentication: new webdav.HTTPBasicAuthentication(userManager, "Default realm"),
  rootFileSystem: new webdav.PhysicalFileSystem("/tmp/"),
});

When the sever starts, it adds the values for this user to some sort of memory table. Then when the requests comes it is compared and go or no go.

What I am looking for is the ability to get the incoming Basic auth values and look up my mongo table instead. I just can't figure out how to grab the values on connection, or does the server have to preload all the values ahead of any connection?

I have goggled around looking for some examples, if you have anything you can share would be most appreciative.
Thanks,
@Daxcor69
Copy link
Author

Ok with the help of chatGPT here is what I got working. This might help someone else

const webdav = require("webdav-server").v2;

class SimpleUserManager extends webdav.SimpleUserManager {
  async getUserByNamePassword(name, password, callback) {
    let user = await User.findOne({ username: name }).select("+password");

    if (!user) {
      callback(new Error("Bad Authentication"));
    } else {
      if (await user.matchPassword(password)) {
        callback(null, this.addUser(user.name, user.password, false));
      } else {
        callback(new Error("Bad Authentication"));
      }
    }
  }
}

const userManager = new SimpleUserManager();

// Create a new server instance
const server = new webdav.WebDAVServer({
  // HTTP Basic authentication
  httpAuthentication: new webdav.HTTPBasicAuthentication(userManager, "Default realm"),
  rootFileSystem: new webdav.PhysicalFileSystem("/tmp/"),
});

// Start the server
server.start((s) => console.log("Ready on port", s.address().port));

@Daxcor69
Copy link
Author

I am running into an issue, that windows 11, is totally bypassing the authentication and allows full access with out credentials. Any idea why?

@Daxcor69
Copy link
Author

Adding requireAuthentification: true, has stopped the windows file explorer from having access, but now it wont grant access with the right credentials presented. I tired strictmode on and off. Any suggestions?

@hironico
Copy link

Hi,

I would try using a privilege manager that allows access only to users that belongs to a directory.
This is the way I manage user access rights RO, RW to my directories.
privilege manager can also manage disk space quota.

To acheive this I do :

  1. build user config from a json file or whatever is your preference
  2. for each user returned by user manager, configure the privilege manager to set user rights and compute quota used.
  3. when creating server then affect the privilege manager in the config

Hope this helps !

Cheers

N.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@hironico @Daxcor69