feat: create user on proxy authentication if user does not exist (#3569)

--------- Co-authored-by: Oleg Lobanov <oleg@lobanov.me>
2025-05-08 11:22:10 +00:00 · 2024-12-16 21:05:13 +00:00 · 2024-12-16 21:05:13 +00:00 · 209acf2429
commit 209acf2429
parent 25372edb5c
1 changed files with 32 additions and 3 deletions
--- a/auth/proxy.go
+++ b/auth/proxy.go
@ -1,9 +1,9 @@
 package auth
 import (
 	"crypto/rand"
 	"errors"
 	"net/http"
 	"os"
 	fbErrors "github.com/filebrowser/filebrowser/v2/errors"
 	"github.com/filebrowser/filebrowser/v2/settings"
@ -19,11 +19,40 @@ type ProxyAuth struct {
 }
 // Auth authenticates the user via an HTTP header.
-func (a ProxyAuth) Auth(r *http.Request, usr users.Store, _ *settings.Settings, srv *settings.Server) (*users.User, error) {
+func (a ProxyAuth) Auth(r *http.Request, usr users.Store, setting *settings.Settings, srv *settings.Server) (*users.User, error) {
 	username := r.Header.Get(a.Header)
 	user, err := usr.Get(srv.Root, username)
 	if errors.Is(err, fbErrors.ErrNotExist) {
-		return nil, os.ErrPermission
+		randomPasswordBytes := make([]byte, 32) //nolint:gomnd
 		_, err = rand.Read(randomPasswordBytes)
 		if err != nil {
 			return nil, err
 		}
 		var hashedRandomPassword string
 		hashedRandomPassword, err = users.HashPwd(string(randomPasswordBytes))
 		if err != nil {
 			return nil, err
 		}
 		user = &users.User{
 			Username:     username,
 			Password:     hashedRandomPassword,
 			LockPassword: true,
 		}
 		setting.Defaults.Apply(user)
 		var userHome string
 		userHome, err = setting.MakeUserDir(user.Username, user.Scope, srv.Root)
 		if err != nil {
 			return nil, err
 		}
 		user.Scope = userHome
 		err = usr.Save(user)
 		if err != nil {
 			return nil, err
 		}
 	}
 	return user, err