Ai686Leo
diff --git a/‎backend/docker-server.js‎
Lines changed: 35 additions & 29 deletions b/‎backend/docker-server.js‎
Lines changed: 35 additions & 29 deletions
diff --git a/‎backend/package.json‎
Lines changed: 1 addition & 1 deletion b/‎backend/package.json‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎backend/src/index.js‎
Lines changed: 24 additions & 3 deletions b/‎backend/src/index.js‎
Lines changed: 24 additions & 3 deletions
diff --git a/‎backend/src/middlewares/authGatewayMiddleware.js‎
Lines changed: 17 additions & 1 deletion b/‎backend/src/middlewares/authGatewayMiddleware.js‎
Lines changed: 17 additions & 1 deletion
diff --git a/‎backend/src/routes/systemRoutes.js‎
Lines changed: 1 addition & 1 deletion b/‎backend/src/routes/systemRoutes.js‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎backend/src/routes/webdavRoutes.js‎
Lines changed: 2 additions & 2 deletions b/‎backend/src/routes/webdavRoutes.js‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎backend/src/services/authService.js‎
Lines changed: 24 additions & 4 deletions b/‎backend/src/services/authService.js‎
Lines changed: 24 additions & 4 deletions
@@ -18,7 +18,8 @@ import { checkAndInitDatabase } from "./src/utils/database.js";
 import app from "./src/index.js";
 import { ApiStatus } from "./src/constants/index.js";
 
-import { getWebDAVConfig, getPlatformConfig } from "./src/webdav/auth/index.js";
+import { setExpressWebDAVHeaders } from "./src/webdav/utils/headerUtils.js";
+import { getWebDAVConfig } from "./src/webdav/auth/config/WebDAVConfig.js";
 
 // ES模块兼容性处理：获取__dirname
 const __filename = fileURLToPath(import.meta.url);
@@ -222,9 +223,6 @@ function createErrorResponse(error, status = ApiStatus.INTERNAL_ERROR, defaultMe
 const server = express();
 const PORT = process.env.PORT || 8787;
 
-// 获取Express平台配置（仅用于代理设置）
-const platformConfig = getPlatformConfig("express");
-
 // 数据目录和数据库设置
 const dataDir = process.env.DATA_DIR || path.join(__dirname, "data");
 if (!fs.existsSync(dataDir)) {
@@ -245,28 +243,22 @@ let isDbInitialized = false;
 // 获取WebDAV配置
 const webdavConfig = getWebDAVConfig();
 
-// 应用Express平台配置
-if (platformConfig.TRUST_PROXY) {
-  server.set("trust proxy", true);
-  console.log("Express: 已启用代理信任");
-}
-
-// CORS配置 - 使用统一配置
+// CORS配置
 const corsOptions = {
-  origin: webdavConfig.CORS.ALLOW_ORIGIN,
-  methods: webdavConfig.SUPPORTED_METHODS.join(","),
+  origin: "*",
+  methods: webdavConfig.METHODS.join(","),
   credentials: true,
   optionsSuccessStatus: 204,
   maxAge: 86400,
-  exposedHeaders: webdavConfig.CORS.ALLOW_HEADERS,
+  exposedHeaders: webdavConfig.HEADERS["Access-Control-Expose-Headers"],
 };
 
 // ==========================================
 // 中间件和服务器配置
 // ==========================================
 
 // 明确告知Express处理WebDAV方法
-webdavConfig.SUPPORTED_METHODS.forEach((method) => {
+webdavConfig.METHODS.forEach((method) => {
   server[method.toLowerCase()] = function (path, ...handlers) {
     return server.route(path).all(function (req, res, next) {
       if (req.method === method) {
@@ -278,7 +270,7 @@ webdavConfig.SUPPORTED_METHODS.forEach((method) => {
 });
 
 // 为WebDAV方法添加直接路由，确保它们能被正确处理
-webdavConfig.SUPPORTED_METHODS.forEach((method) => {
+webdavConfig.METHODS.forEach((method) => {
   server[method.toLowerCase()]("/dav*", (req, res, next) => {
     logMessage("debug", `直接WebDAV路由处理: ${method} ${req.path}`);
     next();
@@ -291,10 +283,11 @@ webdavConfig.SUPPORTED_METHODS.forEach((method) => {
 
 // 1. 基础中间件 - CORS和HTTP方法处理
 // ==========================================
-// 智能CORS处理：跳过WebDAV OPTIONS请求，让后续中间件处理
+// 智能CORS处理：跳过WebDAV OPTIONS请求和根路径OPTIONS请求，让后续中间件处理
 server.use((req, res, next) => {
-  // 对于WebDAV路径的OPTIONS请求，跳过CORS自动处理
-  if (req.method === "OPTIONS" && (req.path === "/dav" || req.path.startsWith("/dav/"))) {
+  // 对于WebDAV路径和根路径的OPTIONS请求，跳过CORS自动处理
+  if (req.method === "OPTIONS" && (req.path === "/" || req.path === "/dav" || req.path.startsWith("/dav/"))) {
+    logMessage("debug", `跳过CORS处理: ${req.method} ${req.path}`);
     return next();
   }
   // 其他请求使用标准CORS处理
@@ -305,11 +298,11 @@ server.use(methodOverride("X-HTTP-Method"));
 server.use(methodOverride("X-Method-Override"));
 server.disable("x-powered-by");
 
-// WebDAV基础方法支持 - 使用统一配置
+// WebDAV基础方法支持
 server.use((req, res, next) => {
   if (req.path === "/dav" || req.path.startsWith("/dav/")) {
-    res.setHeader("Access-Control-Allow-Methods", webdavConfig.SUPPORTED_METHODS.join(","));
-    res.setHeader("Allow", webdavConfig.SUPPORTED_METHODS.join(","));
+    // 使用统一的WebDAV头部设置工具
+    setExpressWebDAVHeaders(res);
 
     // 区分CORS预检请求和WebDAV OPTIONS请求
     if (req.method === "OPTIONS") {
@@ -319,12 +312,6 @@ server.use((req, res, next) => {
       if (isCORSPreflight) {
         // CORS预检请求：在Express层直接处理
         return res.status(204).end();
-      } else {
-        // WebDAV OPTIONS请求：传递给Hono层处理认证和能力发现
-        // 添加WebDAV特定的响应头（为了兼容性）
-        res.setHeader("DAV", webdavConfig.PROTOCOL.RESPONSE_HEADERS.DAV);
-        res.setHeader("MS-Author-Via", webdavConfig.PROTOCOL.RESPONSE_HEADERS["MS-Author-Via"]);
-        // 继续传递给Hono层处理
       }
     }
   }
@@ -505,7 +492,7 @@ server.use((req, res, next) => {
 // WebDAV请求日志记录 - 认证由Hono层处理
 server.use("/dav", (req, res, next) => {
   // 明确设置允许的方法
-  res.setHeader("Allow", webdavConfig.SUPPORTED_METHODS.join(","));
+  res.setHeader("Allow", webdavConfig.METHODS.join(","));
 
   // 记录WebDAV请求信息
   logMessage("info", `WebDAV请求: ${req.method} ${req.path}`, {
@@ -549,6 +536,25 @@ server.use(async (req, res, next) => {
 // 路由处理
 // ==========================================
 
+// 根路径WebDAV OPTIONS兼容性处理器
+// 为1Panel等客户端提供WebDAV能力发现支持
+server.options("/", (req, res) => {
+  // 返回标准WebDAV能力声明，与/dav路径保持一致
+  const headers = {
+    Allow: "OPTIONS, PROPFIND, GET, HEAD, PUT, DELETE, MKCOL, COPY, MOVE, LOCK, UNLOCK, PROPPATCH",
+    DAV: "1, 2",
+    "MS-Author-Via": "DAV",
+    "Access-Control-Allow-Origin": "*",
+    "Access-Control-Allow-Methods": "OPTIONS, PROPFIND, GET, HEAD, PUT, DELETE, MKCOL, COPY, MOVE, LOCK, UNLOCK, PROPPATCH",
+    "Access-Control-Allow-Headers": "Authorization, Content-Type, Depth, Destination, If, Lock-Token, Overwrite, X-Custom-Auth-Key",
+    "Access-Control-Expose-Headers": "DAV, Lock-Token, MS-Author-Via",
+    "Access-Control-Max-Age": "86400",
+  };
+
+  logMessage("info", "根路径WebDAV OPTIONS请求 - 客户端兼容性支持");
+  res.set(headers).status(200).end();
+});
+
 // 通配符路由 - 处理所有其他API请求
 server.use("*", async (req, res) => {
   try {
 
@@ -1,6 +1,6 @@
 {
   "name": "cloudpaste-api",
-  "version": "0.8.0",
+  "version": "0.8.1",
   "description": "CloudPaste API基于Cloudflare Workers和D1数据库",
   "main": "workers.js",
   "scripts": {
 
@@ -32,10 +32,11 @@ import { WEBDAV_BASE_PATH } from "./webdav/auth/config/WebDAVConfig.js";
 // 统一CORS中间件
 app.use("*", async (c, next) => {
   const isWebDAVPath = c.req.path === WEBDAV_BASE_PATH || c.req.path.startsWith(WEBDAV_BASE_PATH + "/");
+  const isRootPath = c.req.path === "/";
 
-  if (c.req.method === "OPTIONS" && isWebDAVPath) {
-    // WebDAV OPTIONS请求跳过CORS自动处理，进入WebDAV认证流程
-    console.log("WebDAV OPTIONS请求，进入认证流程:", c.req.path);
+  if (c.req.method === "OPTIONS" && (isWebDAVPath || isRootPath)) {
+    // WebDAV OPTIONS请求和根路径OPTIONS请求跳过CORS自动处理
+    console.log("WebDAV OPTIONS请求:", c.req.method, c.req.path);
     await next();
     return;
   } else {
@@ -69,6 +70,26 @@ app.use("*", async (c, next) => {
   }
 });
 
+// 根路径WebDAV OPTIONS兼容性处理器
+// 为1Panel等客户端提供WebDAV能力发现支持
+// 必须在其他路由注册之前，确保优先匹配
+app.options("/", (c) => {
+  // 返回标准WebDAV能力声明，与/dav路径保持一致
+  const headers = {
+    Allow: "OPTIONS, PROPFIND, GET, HEAD, PUT, DELETE, MKCOL, COPY, MOVE, LOCK, UNLOCK, PROPPATCH",
+    DAV: "1, 2",
+    "MS-Author-Via": "DAV",
+    "Access-Control-Allow-Origin": "*",
+    "Access-Control-Allow-Methods": "OPTIONS, PROPFIND, GET, HEAD, PUT, DELETE, MKCOL, COPY, MOVE, LOCK, UNLOCK, PROPPATCH",
+    "Access-Control-Allow-Headers": "Authorization, Content-Type, Depth, Destination, If, Lock-Token, Overwrite, X-Custom-Auth-Key",
+    "Access-Control-Expose-Headers": "DAV, Lock-Token, MS-Author-Via",
+    "Access-Control-Max-Age": "86400",
+  };
+
+  console.log("根路径WebDAV OPTIONS请求 - 客户端兼容性支持");
+  return new Response("", { status: 200, headers });
+});
+
 // 注册路由
 app.route("/", adminRoutes);
 app.route("/", apiKeyRoutes);
 
@@ -108,7 +108,7 @@ async function performAuthentication(c) {
     const authHeader = c.req.header("Authorization");
     authResult = await authService.authenticate(authHeader);
 
-    // 如果标准认证失败，尝试自定义授权头（向后兼容）
+    // 如果标准认证失败，尝试自定义授权头
     if (!authResult.isAuthenticated) {
       const customAuthKey = c.req.header("X-Custom-Auth-Key");
       if (customAuthKey) {
@@ -250,6 +250,17 @@ const gatewayUtils = {
     return authResult.isAdmin() ? "admin" : "apikey";
   },
 
+  /**
+   * 获取用户类型（类型系统用）
+   */
+  getUserType: (c) => {
+    const authResult = c.get("authResult");
+    if (!authResult || !authResult.isAuthenticated) {
+      return null;
+    }
+    return authResult.getUserType();
+  },
+
   /**
    * 检查操作权限（委托给认证服务）
    */
@@ -486,3 +497,8 @@ authGateway.utils = gatewayUtils;
  * 创建认证服务实例
  */
 authGateway.createAuthService = createAuthService;
+
+/**
+ * 执行认证处理 - 供WebDAV等协议层调用
+ */
+authGateway.performAuth = performAuthentication;
@@ -68,7 +68,7 @@ systemRoutes.get("/api/version", async (c) => {
   const isDocker = runtimeEnv === "docker";
 
   // 统一的默认版本配置
-  const DEFAULT_VERSION = "0.8.0";
+  const DEFAULT_VERSION = "0.8.1";
   const DEFAULT_NAME = "cloudpaste-api";
 
   let version = DEFAULT_VERSION;
 
@@ -1,5 +1,5 @@
 /**
- * WebDAV路由定义 - 支持配置化路径
+ * WebDAV路由定义
  */
 import { Hono } from "hono";
 import { webdavAuthMiddleware, handleWebDAV } from "../webdav/index.js";
@@ -10,7 +10,7 @@ import { createErrorResponse } from "../utils/common.js";
 // 创建WebDAV路由处理程序
 const webdavRoutes = new Hono();
 
-// WebDAV认证中间件应用到WebDAV路径
+// WebDAV认证和权限检查
 webdavRoutes.use(WEBDAV_BASE_PATH, webdavAuthMiddleware);
 webdavRoutes.use(`${WEBDAV_BASE_PATH}/*`, webdavAuthMiddleware);
 
 
@@ -51,6 +51,20 @@ export class AuthResult {
     return this.userId;
   }
 
+  /**
+   * 获取用户类型
+   * WebDAV认证需要的方法
+   */
+  getUserType() {
+    if (this._isAdmin) {
+      return "admin";
+    }
+    if (this.keyInfo) {
+      return "apiKey";
+    }
+    return "unknown";
+  }
+
   /**
    * 检查是否有任一权限
    * 网关权限验证需要的方法
@@ -259,16 +273,22 @@ export class AuthService {
       return new AuthResult();
     }
 
+    let result;
     switch (type) {
       case "bearer":
-        return await this.validateAdminAuth(token);
+        result = await this.validateAdminAuth(token);
+        break;
       case "apikey":
-        return await this.validateApiKeyAuth(token);
+        result = await this.validateApiKeyAuth(token);
+        break;
       case "basic":
-        return await this.validateBasicAuth(token);
+        result = await this.validateBasicAuth(token);
+        break;
       default:
-        return new AuthResult();
+        result = new AuthResult();
     }
+
+    return result;
   }
 
   /**
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "cloudpaste-api",`
`3`		`- "version": "0.8.0",`
	`3`	`+ "version": "0.8.1",`
`4`	`4`	`"description": "CloudPaste API基于Cloudflare Workers和D1数据库",`
`5`	`5`	`"main": "workers.js",`
`6`	`6`	`"scripts": {`