add webdav server for easier file access

package.json

@@ -45,7 +45,8 @@
     "serve-index": "^1.9.1",
     "superagent": "^1.7.2",
     "underscore": "^1.8.3",
-    "uuid": "^3.2.1"
+    "uuid": "^3.2.1",
+    "webdav-server": "^2.4.6"
   },
   "devDependencies": {
     "expect.js": "^0.3.1",

server.js

@@ -2,7 +2,6 @@
 
 'use strict';
 
-
 var express = require('express'),
     morgan = require('morgan'),
     passport = require('passport'),
@@ -19,6 +18,7 @@ var express = require('express'),
     mkdirp = require('mkdirp'),
     auth = require('./src/auth.js'),
     serveIndex = require('serve-index'),
+    webdav = require('webdav-server').v2,
     files = require('./src/files.js')(path.resolve(__dirname, process.argv[2] || 'files'));
 
 
@@ -63,6 +63,15 @@ if (typeof config.folderListingEnabled === 'undefined') config.folderListingEnab
 var app = express();
 var router = new express.Router();
 
+var webdavServer = new webdav.WebDAVServer({
+    requireAuthentification: true,
+    httpAuthentication: new webdav.HTTPBasicAuthentication(new auth.WebdavUserManager(), 'Cloudron Surfer')
+});
+
+webdavServer.setFileSystem('/', new webdav.PhysicalFileSystem(ROOT_FOLDER), function (success) {
+    console.log(`Mounting ${ROOT_FOLDER} as webdav resource`, success);
+});
+
 var multipart = multipart({ maxFieldsSize: 2 * 1024, limit: '512mb', timeout: 3 * 60 * 1000 });
 
 router.post  ('/api/login', auth.login);
@@ -78,6 +87,7 @@ router.get   ('/api/healthcheck', function (req, res) { res.status(200).send();
 
 app.use(morgan('dev'));
 app.use(compression());
+app.use(webdav.extensions.express('/webdav', webdavServer));
 app.use('/api', bodyParser.json());
 app.use('/api', bodyParser.urlencoded({ extended: false, limit: '100mb' }));
 app.use('/api', cookieParser());

src/auth.js

@@ -9,7 +9,8 @@ var passport = require('passport'),
     BearerStrategy = require('passport-http-bearer').Strategy,
     LdapStrategy = require('passport-ldapjs').Strategy,
     HttpError = require('connect-lastmile').HttpError,
-    HttpSuccess = require('connect-lastmile').HttpSuccess;
+    HttpSuccess = require('connect-lastmile').HttpSuccess,
+    webdavErrors = require('webdav-server').v2.Errors;
 
 const LOCAL_AUTH_FILE = path.resolve(process.env.LOCAL_AUTH_FILE || './.users.json');
 const TOKENSTORE_FILE = path.resolve(process.env.TOKENSTORE_FILE || './.tokens.json');
@@ -140,3 +141,39 @@ exports.logout = function (req, res, next) {
 exports.getProfile = function (req, res, next) {
     next(new HttpSuccess(200, { username: req.user.username }));
 };
+
+// webdav usermanager
+exports.WebdavUserManager = WebdavUserManager;
+
+// This implements the required interface only for the Basic Authentication for webdav-server
+function WebdavUserManager() {};
+
+WebdavUserManager.prototype.getDefaultUser = function (callback) {
+    // this is only a dummy user, since we always require authentication
+    var user = {
+        username: 'DefaultUser',
+        password: null,
+        isAdministrator: false,
+        isDefaultUser: true,
+        uid: 'DefaultUser'
+    };
+
+    callback(user);
+};
+
+WebdavUserManager.prototype.getUserByNamePassword = function (username, password, callback) {
+    var users = safe.JSON.parse(safe.fs.readFileSync(LOCAL_AUTH_FILE));
+    if (!users) return callback(webdavErrors.UserNotFound);
+    if (!users[username]) return callback(webdavErrors.UserNotFound);
+
+    bcrypt.compare(password, users[username].passwordHash, function (error, valid) {
+        if (error || !valid) return callback(webdavErrors.UserNotFound);
+
+        callback(null, {
+            username: username,
+            isAdministrator: true,
+            isDefaultUser: false,
+            uid: username
+        });
+    });
+};