b0esche/b0esche_cloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Refactor viewmodels and enhance security documentation; remove unused viewmodels, add path sanitization, and implement rate limiting

Browse Source
This commit is contained in:
Leon Bösche
2026-01-13 22:11:02 +01:00
parent 804e994e76
commit 47e94995b5
8 changed files with 274 additions and 164 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
go_cloud/internal/storage/nextcloud.go
View File

@@ -17,16 +17,12 @@ func CreateNextcloudUser(nextcloudBaseURL, adminUser, adminPass, username, passw
baseURL := strings.Split(nextcloudBaseURL, "/remote.php")[0]
urlStr := fmt.Sprintf("%s/ocs/v1.php/cloud/users", baseURL)
fmt.Printf("[DEBUG-PASSWORD-FLOW] CreateNextcloudUser called with password: %s\n", password)
// OCS API expects form-encoded data with proper URL encoding
formData := url.Values{
"userid": {username},
"password": {password},
}.Encode()
fmt.Printf("[DEBUG-PASSWORD-FLOW] Form data being sent to OCS API: %s\n", formData)
req, err := http.NewRequest("POST", urlStr, bytes.NewBufferString(formData))
if err != nil {
return fmt.Errorf("failed to create request: %w", err)
@@ -70,9 +66,6 @@ func NewUserWebDAVClient(nextcloudBaseURL, username, password string) *WebDAVCli
// Build the full WebDAV URL for this user
fullURL := fmt.Sprintf("%s/remote.php/dav/files/%s", baseURL, username)
fmt.Printf("[WEBDAV-USER] Input URL: %s, Base: %s, Full: %s, User: %s\n", nextcloudBaseURL, baseURL, fullURL, username)
fmt.Printf("[DEBUG-PASSWORD-FLOW] NewUserWebDAVClient called with password: %s\n", password)
return &WebDAVClient{
baseURL: fullURL,
user: username,