Fix login issues regarding basicauth+noauth #214 #204

Former-commit-id: 5c150c622724e7d2c9a9630f60325a5a246b7526 [formerly 6ff5856dc0ab40dbb9a9759c0c23de74a23d2531] [formerly b41c082f0631a33648bc50e81f38d7dbba612d8c [formerly c95b1aaacebba255c6153e70bff31c8ebb58e0c6]] Former-commit-id: ead207a0e5405ccc0641b3705875b8846846060d [formerly 7c1221485698d524ef679d09166cff7549f7b00a] Former-commit-id: b01bdc787983c2c48394ef9e3eabed9137c1f31c
2025-05-08 19:22:57 +00:00 · 2017-08-22 15:25:54 +01:00 · 2017-08-22 15:25:54 +01:00 · 4191a6f9e0
commit 4191a6f9e0
parent c18ca4702d
9 changed files with 26 additions and 23 deletions
--- a/assets/index.html
+++ b/assets/index.html
@ -6,6 +6,7 @@
  <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
  <meta name="base" content="{{ .BaseURL }}">
  <meta name="staticgen" content="{{ .StaticGen }}">
+  <meta name="noauth" content="{{ .NoAuth }}">
  <title>File Manager</title>
  <link rel="icon" type="image/png" sizes="32x32" href="{{ .BaseURL }}/static/img/icons/favicon-32x32.png">
  <link rel="icon" type="image/png" sizes="16x16" href="{{ .BaseURL }}/static/img/icons/favicon-16x16.png">
--- a/assets/src/components/Sidebar.vue
+++ b/assets/src/components/Sidebar.vue
@ -46,7 +46,7 @@
      </button>
    </div>

-    <div v-if="!$store.state.user.noAuth">
+    <div v-if="!$store.state.noAuth">
      <router-link class="action" to="/settings" :aria-label="$t('sidebar.settings')" :title="$t('sidebar.settings')">
        <i class="material-icons">settings_applications</i>
        <span>{{ $t('sidebar.settings') }}</span>
--- a/assets/src/components/prompts/NewArchetype.vue
+++ b/assets/src/components/prompts/NewArchetype.vue
@ -47,7 +47,7 @@ export default {
      return new Promise((resolve, reject) => {
        let request = new window.XMLHttpRequest()
        request.open('POST', `${this.$store.state.baseURL}/api/resource${url}`, true)
-        request.setRequestHeader('Authorization', `Bearer ${this.$store.state.jwt}`)
+        if (!this.$store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${this.$store.state.jwt}`)
        request.setRequestHeader('Archetype', encodeURIComponent(type))

        request.onload = () => {
--- a/assets/src/store/index.js
+++ b/assets/src/store/index.js
@ -14,6 +14,7 @@ const state = {
  },
  staticGen: document.querySelector('meta[name="staticgen"]').getAttribute('content'),
  baseURL: document.querySelector('meta[name="base"]').getAttribute('content'),
+  noAuth: (document.querySelector('meta[name="noauth"]').getAttribute('content') === 'true'),
  jwt: '',
  progress: 0,
  schedule: '',
--- a/assets/src/utils/api.js
+++ b/assets/src/utils/api.js
@ -18,7 +18,7 @@ export function fetch (url) {
  return new Promise((resolve, reject) => {
    let request = new window.XMLHttpRequest()
    request.open('GET', `${store.state.baseURL}/api/resource${url}`, true)
-    request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+    if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)

    request.onload = () => {
      switch (request.status) {
@ -41,7 +41,7 @@ export function remove (url) {
  return new Promise((resolve, reject) => {
    let request = new window.XMLHttpRequest()
    request.open('DELETE', `${store.state.baseURL}/api/resource${url}`, true)
-    request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+    if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)

    request.onload = () => {
      if (request.status === 200) {
@ -62,7 +62,7 @@ export function post (url, content = '', overwrite = false, onupload) {
  return new Promise((resolve, reject) => {
    let request = new window.XMLHttpRequest()
    request.open('POST', `${store.state.baseURL}/api/resource${url}`, true)
-    request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+    if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)

    if (typeof onupload === 'function') {
      request.upload.onprogress = onupload
@ -95,7 +95,7 @@ export function put (url, content = '', publish = false, date = '') {
  return new Promise((resolve, reject) => {
    let request = new window.XMLHttpRequest()
    request.open('PUT', `${store.state.baseURL}/api/resource${url}`, true)
-    request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+    if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
    request.setRequestHeader('Publish', publish)

    if (date !== '') {
@ -125,7 +125,7 @@ function moveCopy (items, copy = false) {
    promises.push(new Promise((resolve, reject) => {
      let request = new window.XMLHttpRequest()
      request.open('PATCH', `${store.state.baseURL}/api/resource${from}`, true)
-      request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+      if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
      request.setRequestHeader('Destination', to)

      if (copy) {
@ -162,7 +162,7 @@ export function checksum (url, algo) {
  return new Promise((resolve, reject) => {
    let request = new window.XMLHttpRequest()
    request.open('GET', `${store.state.baseURL}/api/checksum${url}?algo=${algo}`, true)
-    request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+    if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)

    request.onload = () => {
      if (request.status === 200) {
@ -226,7 +226,7 @@ export function getSettings () {
  return new Promise((resolve, reject) => {
    let request = new window.XMLHttpRequest()
    request.open('GET', `${store.state.baseURL}/api/settings/`, true)
-    request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+    if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)

    request.onload = () => {
      switch (request.status) {
@ -255,7 +255,7 @@ export function updateSettings (param, which) {

    let request = new window.XMLHttpRequest()
    request.open('PUT', `${store.state.baseURL}/api/settings/`, true)
-    request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+    if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)

    request.onload = () => {
      switch (request.status) {
@ -278,7 +278,7 @@ export function getUsers () {
  return new Promise((resolve, reject) => {
    let request = new window.XMLHttpRequest()
    request.open('GET', `${store.state.baseURL}/api/users/`, true)
-    request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+    if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)

    request.onload = () => {
      switch (request.status) {
@ -299,7 +299,7 @@ export function getUser (id) {
  return new Promise((resolve, reject) => {
    let request = new window.XMLHttpRequest()
    request.open('GET', `${store.state.baseURL}/api/users/${id}`, true)
-    request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+    if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)

    request.onload = () => {
      switch (request.status) {
@ -320,7 +320,7 @@ export function newUser (user) {
  return new Promise((resolve, reject) => {
    let request = new window.XMLHttpRequest()
    request.open('POST', `${store.state.baseURL}/api/users/`, true)
-    request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+    if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)

    request.onload = () => {
      switch (request.status) {
@ -345,7 +345,7 @@ export function updateUser (user, which) {
  return new Promise((resolve, reject) => {
    let request = new window.XMLHttpRequest()
    request.open('PUT', `${store.state.baseURL}/api/users/${user.ID}`, true)
-    request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+    if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)

    request.onload = () => {
      switch (request.status) {
@ -370,7 +370,7 @@ export function deleteUser (id) {
  return new Promise((resolve, reject) => {
    let request = new window.XMLHttpRequest()
    request.open('DELETE', `${store.state.baseURL}/api/users/${id}`, true)
-    request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+    if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)

    request.onload = () => {
      switch (request.status) {
@ -395,7 +395,7 @@ export function getShare (url) {
  return new Promise((resolve, reject) => {
    let request = new window.XMLHttpRequest()
    request.open('GET', `${store.state.baseURL}/api/share${url}`, true)
-    request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+    if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)

    request.onload = () => {
      if (request.status === 200) {
@ -414,7 +414,7 @@ export function deleteShare (hash) {
  return new Promise((resolve, reject) => {
    let request = new window.XMLHttpRequest()
    request.open('DELETE', `${store.state.baseURL}/api/share/${hash}`, true)
-    request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+    if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)

    request.onload = () => {
      if (request.status === 200) {
@ -439,7 +439,7 @@ export function share (url, expires = '', unit = 'hours') {
  return new Promise((resolve, reject) => {
    let request = new window.XMLHttpRequest()
    request.open('POST', url, true)
-    request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)
+    if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${store.state.jwt}`)

    request.onload = () => {
      if (request.status === 200) {
--- a/assets/src/utils/auth.js
+++ b/assets/src/utils/auth.js
@ -16,7 +16,7 @@ function loggedIn () {
  return new Promise((resolve, reject) => {
    let request = new window.XMLHttpRequest()
    request.open('GET', `${store.state.baseURL}/api/auth/renew`, true)
-    request.setRequestHeader('Authorization', `Bearer ${cookie('auth')}`)
+    if (!store.state.noAuth) request.setRequestHeader('Authorization', `Bearer ${cookie('auth')}`)

    request.onload = () => {
      if (request.status === 200) {
--- a/http/auth.go
+++ b/http/auth.go
@ -59,7 +59,6 @@ func renewAuthHandler(c *fm.Context, w http.ResponseWriter, r *http.Request) (in
 // claims is the JWT claims.
 type claims struct {
 	fm.User
-	NoAuth bool `json:"noAuth"`
 	jwt.StandardClaims
 }

@ -74,7 +73,6 @@ func printToken(c *fm.Context, w http.ResponseWriter) (int, error) {
 	// Builds the claims.
 	claims := claims{
 		u,
-		c.NoAuth,
 		jwt.StandardClaims{
 			ExpiresAt: time.Now().Add(time.Hour * 24).Unix(),
 			Issuer:    "File Manager",
--- a/http/http.go
+++ b/http/http.go
@ -223,7 +223,10 @@ func renderFile(c *fm.Context, w http.ResponseWriter, file string, contentType s
 	tpl := template.Must(template.New("file").Parse(file))
 	w.Header().Set("Content-Type", contentType+"; charset=utf-8")

-	data := map[string]interface{}{"BaseURL": c.RootURL()}
+	data := map[string]interface{}{
+		"BaseURL": c.RootURL(),
+		"NoAuth":  c.NoAuth,
+	}

 	if c.StaticGen != nil {
 		data["StaticGen"] = c.StaticGen.Name()
--- a/rice-box.go.REMOVED.git-id
+++ b/rice-box.go.REMOVED.git-id
@ -1 +1 @@
-6a08f1e90218ebb33745a5034efe896329ee9675
+7ef84c6326cbac0b4baba0591c4669ed50c8bfec