diff --git a/bootstrap/setting.go b/bootstrap/setting.go index b3bfbf8a..4834699a 100644 --- a/bootstrap/setting.go +++ b/bootstrap/setting.go @@ -158,7 +158,7 @@ func InitSettings() { }, { Key: "WebDAV username", - Value: "alist", + Value: "alist_admin", Description: "WebDAV username", Type: "string", Access: model.PRIVATE, @@ -166,12 +166,44 @@ func InitSettings() { }, { Key: "WebDAV password", - Value: "alist", + Value: "alist_admin", Description: "WebDAV password", Type: "string", Access: model.PRIVATE, Group: model.BACK, }, + { + Key: "artplayer whitelist", + Value: "*", + Description: "refer to https://artplayer.org/document/options#whitelist", + Type: "string", + Access: model.PUBLIC, + Group: model.FRONT, + }, + { + Key: "artplayer autoSize", + Value: "true", + Description: "refer to https://artplayer.org/document/options#autosize", + Type: "bool", + Access: model.PUBLIC, + Group: model.FRONT, + }, + { + Key: "Visitor WebDAV username", + Value: "alist_visitor", + Description: "Visitor WebDAV username", + Type: "string", + Access: model.PRIVATE, + Group: model.BACK, + }, + { + Key: "Visitor WebDAV password", + Value: "alist_visitor", + Description: "Visitor WebDAV password", + Type: "string", + Access: model.PRIVATE, + Group: model.BACK, + }, } for i, _ := range settings { v := settings[i] diff --git a/conf/var.go b/conf/var.go index 504337a1..07b2e3aa 100644 --- a/conf/var.go +++ b/conf/var.go @@ -45,7 +45,9 @@ var ( CheckParent bool CheckDown bool - Token string - DavUsername string - DavPassword string + Token string + DavUsername string + DavPassword string + VisitorDavUsername string + VisitorDavPassword string ) diff --git a/model/setting.go b/model/setting.go index e817a61c..37233e82 100644 --- a/model/setting.go +++ b/model/setting.go @@ -132,4 +132,12 @@ func LoadSettings() { if err == nil { conf.DavPassword = davPassword.Value } + visitorDavUsername, err := GetSettingByKey("Visitor WebDAV username") + if err == nil { + conf.VisitorDavUsername = visitorDavUsername.Value + } + visitorDavPassword, err := GetSettingByKey("Visitor WebDAV password") + if err == nil { + conf.VisitorDavPassword = visitorDavPassword.Value + } } diff --git a/server/webdav.go b/server/webdav.go index bf24f508..f19095be 100644 --- a/server/webdav.go +++ b/server/webdav.go @@ -3,6 +3,7 @@ package server import ( "github.com/Xhofe/alist/conf" "github.com/Xhofe/alist/server/webdav" + "github.com/Xhofe/alist/utils" "github.com/gin-gonic/gin" "net/http" ) @@ -33,7 +34,7 @@ func WebDav(r *gin.Engine) { func ServeWebDAV(c *gin.Context) { fs := webdav.FileSystem{} - handler.ServeHTTP(c.Writer,c.Request,&fs) + handler.ServeHTTP(c.Writer, c.Request, &fs) } func WebDAVAuth(c *gin.Context) { @@ -48,13 +49,16 @@ func WebDAVAuth(c *gin.Context) { c.Abort() return } - if conf.DavUsername != "" && conf.DavUsername != username { - c.Status(http.StatusUnauthorized) - c.Abort() + if conf.DavUsername == username && conf.DavPassword == password { + c.Next() + return } - if conf.DavPassword != "" && conf.DavPassword != password { - c.Status(http.StatusUnauthorized) - c.Abort() + if (conf.VisitorDavUsername == username && conf.VisitorDavPassword == password) || (conf.VisitorDavUsername == "" && conf.VisitorDavPassword == "") { + if !utils.IsContain([]string{"PUT", "DELETE", "PROPPATCH", "MKCOL", "COPY", "MOVE"}, c.Request.Method) { + c.Next() + return + } } - c.Next() -} \ No newline at end of file + c.Status(http.StatusUnauthorized) + c.Abort() +}