ShareDAV/main.go

// Copyright (c) 2018, Andreas Schneider
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are met:
//     * Redistributions of source code must retain the above copyright
//       notice, this list of conditions and the following disclaimer.
//     * Redistributions in binary form must reproduce the above copyright
//       notice, this list of conditions and the following disclaimer in the
//       documentation and/or other materials provided with the distribution.
//     * Neither the name of the <organization> nor the
//       names of its contributors may be used to endorse or promote products
//       derived from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
// DISCLAIMED. IN NO EVENT SHALL <COPYRIGHT HOLDER> BE LIABLE FOR ANY
// DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
// LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
// ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
// SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

package main

import (
	"context"
	"flag"
	"fmt"
	pwgen "github.com/sethvargo/go-password/password"
	"golang.org/x/crypto/bcrypt"
	"golang.org/x/net/webdav"
	"math/rand"
	"net/http"
	"time"
)

var configFile = flag.String("config", "sharedav.yaml", "Config file to be used.")
var genPassword = flag.Bool("genpass", false, "If set, a password will be generated and hashed.")
var hashPassword = flag.String("hashpass", "", "If set, the given password will be hashed.")

func main() {
	flag.Parse()

	if *genPassword {
		// math.rand is not secure. For determining the number of digits in a password
		// it should suffice, though.
		rand.Seed(time.Now().UnixNano())
		pwLen := 32
		pw, err := pwgen.Generate(pwLen, rand.Intn(pwLen/2), 0, false, true)
		if err != nil {
			panic(err)
		}
		hash, err := bcrypt.GenerateFromPassword([]byte(pw), 0)
		if err != nil {
			panic(err)
		}

		fmt.Printf("Password: %s\n", pw)
		fmt.Printf("    Hash: %s\n", hash)
		return
	} else if *hashPassword != "" {
		hash, err := bcrypt.GenerateFromPassword([]byte(*hashPassword), 0)
		if err != nil {
			panic(err)
		}
		fmt.Println(string(hash))
		return
	}

	c := LoadConfig(*configFile)

	h := &webdav.Handler{}
	h.LockSystem = webdav.NewMemLS()
	h.FileSystem = BaseDir(c.BaseDirectory)

	authenticatedWebdavHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		username, password, ok := r.BasicAuth()
		directory := ""
		if ok {
			ok, directory = c.ValidateDAVUser(username, password)
		}
		if !ok {
			w.Header().Set("WWW-Authenticate", `Basic realm="ShareDAV"`)
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}

		// Use the WebDAV handler to actually serve the request. Also enhance the context
		// to contain the subdirectory (of the base directory) which contains the data for
		// the authenticated user.
		h.ServeHTTP(w, r.WithContext(context.WithValue(r.Context(), "dir", directory)))
	})

	http.ListenAndServe(c.ListenAddress, authenticatedWebdavHandler)
}