134 lines
3.3 KiB
Go
134 lines
3.3 KiB
Go
package main
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"log"
|
|
"os"
|
|
"net/http"
|
|
"net/url"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/emersion/go-webdav/caldav"
|
|
"nxcaldav/internal/backend"
|
|
"nxcaldav/internal/extra"
|
|
"nxcaldav/internal/config"
|
|
)
|
|
|
|
|
|
|
|
func main() {
|
|
path := "config.yaml";
|
|
if len(os.Args) == 3 {
|
|
if os.Args[1] == "-c" {
|
|
path = os.Args[2]
|
|
}
|
|
}
|
|
cfg, err := config.Load(path)
|
|
if err != nil {
|
|
log.Fatalf("failed to load config: %v", err)
|
|
}
|
|
|
|
ctx := context.Background()
|
|
be, err := backend.NewDBBackend(ctx, cfg)
|
|
if err != nil {
|
|
log.Fatalf("failed to initialize database backend: %v", err)
|
|
}
|
|
|
|
handler := &caldav.Handler{Backend: be}
|
|
|
|
publicURL, _ := url.Parse(cfg.Server.PublicURL)
|
|
|
|
http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
|
|
// Proxy-aware normalization:
|
|
if publicURL != nil && publicURL.Host != "" {
|
|
r.Host = publicURL.Host
|
|
r.URL.Host = publicURL.Host
|
|
|
|
// Detect scheme: prioritize X-Forwarded-Proto, then PublicURL
|
|
scheme := publicURL.Scheme
|
|
if proto := r.Header.Get("X-Forwarded-Proto"); proto != "" {
|
|
scheme = proto
|
|
}
|
|
r.URL.Scheme = scheme
|
|
|
|
// Also rewrite WebDAV Destination header (used for MOVE/COPY)
|
|
if dest := r.Header.Get("Destination"); dest != "" {
|
|
destURL, err := url.Parse(dest)
|
|
if err == nil {
|
|
destURL.Host = publicURL.Host
|
|
destURL.Scheme = scheme
|
|
r.Header.Set("Destination", destURL.String())
|
|
}
|
|
}
|
|
}
|
|
|
|
// public ics access
|
|
prefix := cfg.Server.BasePath()
|
|
if strings.HasPrefix(r.URL.Path, prefix+"/public/") {
|
|
be.ServePublicICS(w, r)
|
|
return
|
|
}
|
|
|
|
// caldav access needs auth
|
|
user, password, ok := r.BasicAuth()
|
|
if !ok {
|
|
w.Header().Set("WWW-Authenticate", `Basic realm="CalDAV Server"`)
|
|
http.Error(w, "Unauthorized", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
// Verify via Database (bcrypt)
|
|
valid, err := be.VerifyUser(r.Context(), user, password)
|
|
if err != nil {
|
|
log.Printf("auth error for %s: %v", user, err)
|
|
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
if !valid {
|
|
log.Printf("auth failed for %s", user)
|
|
http.Error(w, "Unauthorized", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
log.Printf("[user: %s] %s %s ", user, r.Method, r.URL.Path)
|
|
principalPath := prefix + fmt.Sprintf("/%s/", user)
|
|
ctx := context.WithValue(r.Context(), "principal", principalPath)
|
|
|
|
if r.URL.Path == "/.well-known/caldav" || r.URL.Path == prefix+"/.well-known/caldav" {
|
|
// If normalized request, use normalized host/scheme for redirect
|
|
if publicURL != nil && publicURL.Host != "" {
|
|
scheme := r.URL.Scheme
|
|
if scheme == "" {
|
|
scheme = "http"
|
|
}
|
|
target := fmt.Sprintf("%s://%s%s", scheme, r.Host, principalPath)
|
|
http.Redirect(w, r, target, http.StatusMovedPermanently)
|
|
} else {
|
|
http.Redirect(w, r, principalPath, http.StatusMovedPermanently)
|
|
}
|
|
return
|
|
}
|
|
|
|
|
|
// needed because color info is not RFC, so regex hack
|
|
if r.Method == "PROPFIND" {
|
|
extra.AddColorToCalendarPropfind(r, ctx, handler, w, be)
|
|
} else {
|
|
handler.ServeHTTP(w, r.WithContext(ctx))
|
|
}
|
|
})
|
|
|
|
fmt.Printf("Starting CalDAV server on %s...\n", cfg.Server.BindAddress)
|
|
server := &http.Server{
|
|
Addr: cfg.Server.BindAddress,
|
|
ReadTimeout: 30 * time.Second,
|
|
WriteTimeout: 30 * time.Second,
|
|
}
|
|
if err := server.ListenAndServe(); err != nil {
|
|
log.Fatalf("server failed: %v", err)
|
|
}
|
|
}
|