github
/
filebrowser
mirror of https://github.com/filebrowser/filebrowser
1
0
Fork 0
Code Issues Releases Wiki Activity

fix: Fix user creation on proxy auth (#3666) 

* Fix user creation on proxy auth

* Refactoring

---------

Co-authored-by: Oleg Lobanov <oleg@lobanov.me>
pull/3543/head^2
Arran Hobson Sayers 2025-01-30 10:28:19 +00:00 committed by GitHub
parent bbdd313705
commit 5300d00d2e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 36 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
auth/proxy.go
View File

@ -23,39 +23,45 @@ func (a ProxyAuth) Auth(r *http.Request, usr users.Store, setting *settings.Sett
username := r.Header.Get(a.Header)
user, err := usr.Get(srv.Root, username)
if errors.Is(err, fbErrors.ErrNotExist) {
randomPasswordBytes := make([]byte, 32) //nolint:gomnd
_, err = rand.Read(randomPasswordBytes)
if err != nil {
return nil, err
}
return a.createUser(usr, setting, srv, username)
}
return user, err
}
var hashedRandomPassword string
hashedRandomPassword, err = users.HashPwd(string(randomPasswordBytes))
if err != nil {
return nil, err
}
user = &users.User{
Username: username,
Password: hashedRandomPassword,
LockPassword: true,
}
setting.Defaults.Apply(user)
var userHome string
userHome, err = setting.MakeUserDir(user.Username, user.Scope, srv.Root)
if err != nil {
return nil, err
}
user.Scope = userHome
err = usr.Save(user)
if err != nil {
return nil, err
}
func (a ProxyAuth) createUser(usr users.Store, setting *settings.Settings, srv *settings.Server, username string) (*users.User, error) {
const passwordSize = 32
randomPasswordBytes := make([]byte, passwordSize)
_, err := rand.Read(randomPasswordBytes)
if err != nil {
return nil, err
}
return user, err
var hashedRandomPassword string
hashedRandomPassword, err = users.HashPwd(string(randomPasswordBytes))
if err != nil {
return nil, err
}
user := &users.User{
Username: username,
Password: hashedRandomPassword,
LockPassword: true,
}
setting.Defaults.Apply(user)
var userHome string
userHome, err = setting.MakeUserDir(user.Username, user.Scope, srv.Root)
if err != nil {
return nil, err
}
user.Scope = userHome
err = usr.Save(user)
if err != nil {
return nil, err
}
return user, nil
}
// LoginPage tells that proxy auth doesn't require a login page.