$username])[0]; if (!in_array('ht', explode(',', $account['services']), true)) deny('Service not enabled for this user.'); const SFTPGO_DENY_PERMS = ['/' => ['list']]; const SFTPGO_ALLOW_PERMS = ['list', 'download', 'upload', 'overwrite', 'delete_files', 'delete_dirs', 'rename_files', 'rename_dirs', 'create_dirs', 'chmod', 'chtimes']; if ($auth_data['password'] !== '') { if (checkPassword($account['id'], $auth_data['password']) !== true) deny('Wrong password.'); $permissions['/'] = SFTPGO_ALLOW_PERMS; } else if ($auth_data['public_key'] !== '') { $permissions = SFTPGO_DENY_PERMS; foreach (query('select', 'ssh-keys', ['username' => $account['id']]) as $key) if (hash_equals('ssh-ed25519 ' . $key['key'] . LF, $auth_data['public_key'])) $permissions[$key['directory']] = SFTPGO_ALLOW_PERMS; if ($permissions === SFTPGO_DENY_PERMS) deny('No matching SSH key allowed.'); } else deny('Unknown authentication method.'); echo json_encode([ 'status' => 1, 'username' => $auth_data['username'], 'home_dir' => CONF['ht']['ht_path'] . '/fs/' . $account['id'], 'quota_size' => ($account['type'] === 'approved') ? CONF['ht']['user_quota_approved'] : CONF['ht']['user_quota_testing'], 'permissions' => $permissions, ], JSON_THROW_ON_ERROR | JSON_UNESCAPED_SLASHES); !DEBUG or file_put_contents(ROOT_PATH . '/db/debug.txt', ob_get_contents() . 'accepted'); http_response_code(200);