feat(serverhandler): skip further action on auth failed

Author: marjune163

src/serverHandler/auth.go

@@ -2,20 +2,21 @@ package serverHandler
 
 import "net/http"
 
-func (h *handler) auth(w http.ResponseWriter, r *http.Request, data *responseData) (success bool) {
-	header := w.Header()
-	header.Set("WWW-Authenticate", "Basic realm=\""+r.URL.Path+"\"")
+func (h *handler) needAuth(w http.ResponseWriter, r *http.Request) {
+	w.Header().Set("WWW-Authenticate", "Basic realm=\""+r.URL.Path+"\"")
+}
 
-	username, password, hasAuthReq := r.BasicAuth()
+func (h *handler) verifyAuth(r *http.Request) (username string, success bool) {
+	var password string
+	var hasAuthReq bool
+	username, password, hasAuthReq = r.BasicAuth()
 	if hasAuthReq {
 		success = h.users.Auth(username, password)
 	}
 
-	if success {
-		data.AuthUserName = username
-	} else {
-		w.WriteHeader(http.StatusUnauthorized)
-	}
-
 	return
 }
+
+func (h *handler) authFailed(w http.ResponseWriter) {
+	w.WriteHeader(http.StatusUnauthorized)
+}

src/serverHandler/handler.go

@@ -93,7 +93,11 @@ func (h *handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 		defer file.Close()
 	}
 
-	if data.NeedAuth && !h.auth(w, r, data) {
+	if data.NeedAuth {
+		h.needAuth(w, r)
+	}
+	if !data.AuthSuccess {
+		h.authFailed(w)
 		return
 	}
 

src/serverHandler/json.go

@@ -17,6 +17,9 @@ type jsonItem struct {
 }
 
 type jsonResponseData struct {
+	NeedAuth           bool         `json:"needAuth"`
+	AuthUserName       string       `json:"authUserName"`
+	AuthSuccess        bool         `json:"authSuccess"`
 	IsRoot             bool         `json:"isRoot"`
 	Path               string       `json:"path"`
 	Paths              []*pathEntry `json:"paths"`
@@ -27,7 +30,6 @@ type jsonResponseData struct {
 	CanDelete          bool         `json:"canDelete"`
 	CanArchive         bool         `json:"canArchive"`
 	CanCors            bool         `json:"canCors"`
-	NeedAuth           bool         `json:"needAuth"`
 
 	Item     *jsonItem   `json:"item"`
 	SubItems []*jsonItem `json:"subItems"`
@@ -57,6 +59,9 @@ func getJsonData(data *responseData) *jsonResponseData {
 	}
 
 	return &jsonResponseData{
+		NeedAuth:           data.NeedAuth,
+		AuthUserName:       data.AuthUserName,
+		AuthSuccess:        data.AuthSuccess,
 		IsRoot:             data.IsRoot,
 		Path:               data.Path,
 		Paths:              data.Paths,
@@ -67,7 +72,6 @@ func getJsonData(data *responseData) *jsonResponseData {
 		CanDelete:          data.CanDelete,
 		CanArchive:         data.CanArchive,
 		CanCors:            data.CanCors,
-		NeedAuth:           data.NeedAuth,
 
 		Item:     item,
 		SubItems: subItems,

src/serverHandler/responseData.go

@@ -28,6 +28,10 @@ type responseData struct {
 	rawReqPath     string
 	handlerReqPath string
 
+	NeedAuth     bool
+	AuthUserName string
+	AuthSuccess  bool
+
 	errors []error
 	Status int
 
@@ -51,8 +55,6 @@ type responseData struct {
 	HasDeletable bool
 	CanArchive   bool
 	CanCors      bool
-	NeedAuth     bool
-	AuthUserName string
 
 	IsDownload bool
 	IsUpload   bool
@@ -269,10 +271,18 @@ func (h *handler) getResponseData(r *http.Request) *responseData {
 
 	rawReqPath := util.CleanUrlPath(requestUri)
 	reqPath := util.CleanUrlPath(rawReqPath[len(h.urlPrefix):]) // strip url prefix path
+	reqFsPath, _ := util.NormalizeFsPath(h.root + reqPath)
+
+	needAuth := h.getNeedAuth(rawReqPath, reqFsPath)
+	authUserName := ""
+	authSuccess := true
+	if needAuth {
+		authUserName, authSuccess = h.verifyAuth(r)
+	}
+
 	errs := []error{}
 	status := http.StatusOK
 	isRoot := rawReqPath == "/"
-
 	rawQuery := r.URL.RawQuery
 
 	pathEntries := getPathEntries(rawReqPath, tailSlash)
@@ -283,9 +293,7 @@ func (h *handler) getResponseData(r *http.Request) *responseData {
 		rootRelPath = "./"
 	}
 
-	reqFsPath, _ := util.NormalizeFsPath(h.root + reqPath)
-
-	file, item, _statErr := stat(reqFsPath, !h.emptyRoot)
+	file, item, _statErr := stat(reqFsPath, authSuccess && !h.emptyRoot)
 	if _statErr != nil {
 		errs = append(errs, _statErr)
 		status = getStatusByErr(_statErr)
@@ -307,7 +315,7 @@ func (h *handler) getResponseData(r *http.Request) *responseData {
 
 	itemName := getItemName(item, r)
 
-	subItems, _readdirErr := readdir(file, item, needResponseBody(r.Method))
+	subItems, _readdirErr := readdir(file, item, authSuccess && needResponseBody(r.Method))
 	if _readdirErr != nil {
 		errs = append(errs, _readdirErr)
 		status = http.StatusInternalServerError
@@ -334,7 +342,6 @@ func (h *handler) getResponseData(r *http.Request) *responseData {
 	hasDeletable := canDelete && len(subItems) > len(aliasSubItems)
 	canArchive := h.getCanArchive(subItems, rawReqPath, reqFsPath)
 	canCors := h.getCanCors(rawReqPath, reqFsPath)
-	needAuth := h.getNeedAuth(rawReqPath, reqFsPath)
 
 	isDownload := false
 	isUpload := false
@@ -366,6 +373,10 @@ func (h *handler) getResponseData(r *http.Request) *responseData {
 		rawReqPath:     rawReqPath,
 		handlerReqPath: reqPath,
 
+		NeedAuth:     needAuth,
+		AuthUserName: authUserName,
+		AuthSuccess:  authSuccess,
+
 		errors: errs,
 		Status: status,
 
@@ -389,7 +400,6 @@ func (h *handler) getResponseData(r *http.Request) *responseData {
 		HasDeletable: hasDeletable,
 		CanArchive:   canArchive,
 		CanCors:      canCors,
-		NeedAuth:     needAuth,
 
 		IsDownload: isDownload,
 		IsUpload:   isUpload,