Translate all user-facing output to English
- Scripts: start-webdav.cmd, stop-webdav.cmd (echo messages, REM comments) - Server: server.js (console.log, HTTP error messages) - Token tools: token-test.js, token-refresh.js - Other: auth-poc.js, debug-name-decrypt.js, internxt-client.js, upload.js - Docs: README, .env.example, docs/*.md Made-with: Cursor
This commit is contained in:
@@ -1,44 +1,44 @@
|
||||
# Browser-Token-Authentifizierung (Ansatz B)
|
||||
# Browser Token Authentication (Approach B)
|
||||
|
||||
Da der API-Login für Ihren Account-Typ blockiert ist, können Sie sich im Browser einloggen und die Session-Daten für den WebDAV-Wrapper verwenden.
|
||||
Since API login is blocked for your account type, you can log in via the browser and use the session data for the WebDAV wrapper.
|
||||
|
||||
## Ablauf
|
||||
## Flow
|
||||
|
||||
1. Auf https://drive.internxt.com einloggen
|
||||
2. Token und Mnemonic aus dem Browser extrahieren
|
||||
3. In `.env` eintragen
|
||||
4. WebDAV-Server starten
|
||||
1. Log in at https://drive.internxt.com
|
||||
2. Extract token and mnemonic from the browser
|
||||
3. Add to `.env`
|
||||
4. Start WebDAV server
|
||||
|
||||
## Token extrahieren
|
||||
## Extracting Tokens
|
||||
|
||||
### Schritt 1: Alle gespeicherten Keys anzeigen
|
||||
### Step 1: Show all stored keys
|
||||
|
||||
Auf **https://drive.internxt.com** eingeloggt sein. DevTools (F12) → **Console**:
|
||||
Be logged in at **https://drive.internxt.com**. DevTools (F12) → **Console**:
|
||||
|
||||
```javascript
|
||||
// Alle localStorage-Keys anzeigen
|
||||
// Show all localStorage keys
|
||||
Object.keys(localStorage).filter(k => k.includes('x') || k.includes('token') || k.includes('Token')).forEach(k => console.log(k));
|
||||
```
|
||||
|
||||
Damit sehen Sie, welche Keys es gibt (z.B. `xNewToken`, `xMnemonic`, `xUser`).
|
||||
This shows which keys exist (e.g. `xNewToken`, `xMnemonic`, `xUser`).
|
||||
|
||||
### Schritt 2: Token und Mnemonic auslesen
|
||||
### Step 2: Read token and mnemonic
|
||||
|
||||
```javascript
|
||||
// Token und Mnemonic anzeigen
|
||||
console.log('Token:', localStorage.getItem('xNewToken') || localStorage.getItem('xToken') || '(nicht gefunden)');
|
||||
console.log('Mnemonic:', localStorage.getItem('xMnemonic') || '(nicht gefunden)');
|
||||
// Display token and mnemonic
|
||||
console.log('Token:', localStorage.getItem('xNewToken') || localStorage.getItem('xToken') || '(not found)');
|
||||
console.log('Mnemonic:', localStorage.getItem('xMnemonic') || '(not found)');
|
||||
```
|
||||
|
||||
### Schritt 3: Falls nichts gefunden wird
|
||||
### Step 3: If nothing is found
|
||||
|
||||
- **Application-Tab prüfen:** DevTools → **Application** (oder **Anwendung**) → links **Local Storage** → **https://drive.internxt.com** auswählen. Dort alle Einträge durchsehen.
|
||||
- **Richtige URL:** Sie müssen auf `https://drive.internxt.com` sein (nicht internxt.com) und **eingeloggt** sein – nach dem Login auf `/drive` oder `/app`.
|
||||
- **Session vs. Local:** Manche Werte liegen in `sessionStorage`. Testen mit:
|
||||
- **Check Application tab:** DevTools → **Application** (or **Storage**) → **Local Storage** → select **https://drive.internxt.com**. Inspect all entries.
|
||||
- **Correct URL:** You must be on `https://drive.internxt.com` (not internxt.com) and **logged in** – after login, on `/drive` or `/app`.
|
||||
- **Session vs Local:** Some values may be in `sessionStorage`. Test with:
|
||||
```javascript
|
||||
console.log('sessionStorage:', Object.keys(sessionStorage));
|
||||
```
|
||||
- **Alle Keys anzeigen:** Zum Debuggen alle Keys mit Werten:
|
||||
- **Show all keys:** For debugging, list all keys with values:
|
||||
```javascript
|
||||
for (let i = 0; i < localStorage.length; i++) {
|
||||
const k = localStorage.key(i);
|
||||
@@ -46,40 +46,40 @@ console.log('Mnemonic:', localStorage.getItem('xMnemonic') || '(nicht gefunden)'
|
||||
}
|
||||
```
|
||||
|
||||
## .env eintragen
|
||||
## Add to .env
|
||||
|
||||
```
|
||||
INXT_TOKEN=eyJhbGciOiJIUzI1NiIs...
|
||||
INXT_MNEMONIC=word1 word2 word3 ...
|
||||
# Namensentschlüsselung: CRYPTO_SECRET oder CRYPTO_SECRET2 (CLI-Default: 6KYQBP847D4ATSFA)
|
||||
# Name decryption: CRYPTO_SECRET or CRYPTO_SECRET2 (CLI default: 6KYQBP847D4ATSFA)
|
||||
CRYPTO_SECRET=6KYQBP847D4ATSFA
|
||||
# Optional: WebDAV-Credentials erzwingen (sonst beliebige Credentials akzeptiert)
|
||||
# Optional: Enforce WebDAV credentials (otherwise any credentials accepted)
|
||||
# WEBDAV_USER=backup
|
||||
# WEBDAV_PASS=geheim
|
||||
# WEBDAV_PASS=secret
|
||||
```
|
||||
|
||||
## Duplicati Pre-/Post-Scripts (optional)
|
||||
## Duplicati Pre/Post Scripts (optional)
|
||||
|
||||
Falls der WebDAV-Server nicht dauerhaft läuft, kann Duplicati ihn vor dem Backup starten und danach beenden:
|
||||
If the WebDAV server does not run permanently, Duplicati can start it before backup and stop it after:
|
||||
|
||||
| Script | Duplicati-Einstellung | Pfad |
|
||||
|--------|------------------------|------|
|
||||
| Start | Vor dem Backup ausführen | `scripts\start-webdav.cmd` |
|
||||
| Stop | Nach dem Backup ausführen | `scripts\stop-webdav.cmd` |
|
||||
| Script | Duplicati setting | Path |
|
||||
|--------|-------------------|------|
|
||||
| Start | Run before backup | `scripts\start-webdav.cmd` |
|
||||
| Stop | Run after backup | `scripts\stop-webdav.cmd` |
|
||||
|
||||
**Einstellungen → Erweitert → Scripts** – jeweils den vollen Pfad eintragen, z.B.:
|
||||
**Settings → Advanced → Scripts** – enter full path, e.g.:
|
||||
```
|
||||
C:\Pfad\zu\internxt-webdav\scripts\start-webdav.cmd
|
||||
C:\Pfad\zu\internxt-webdav\scripts\stop-webdav.cmd
|
||||
C:\Path\to\internxt-webdav\scripts\start-webdav.cmd
|
||||
C:\Path\to\internxt-webdav\scripts\stop-webdav.cmd
|
||||
```
|
||||
|
||||
Optional Port als Argument (Standard: 3005):
|
||||
Optional port as argument (default: 3005):
|
||||
```
|
||||
C:\Pfad\zu\internxt-webdav\scripts\start-webdav.cmd 8080
|
||||
C:\Pfad\zu\internxt-webdav\scripts\stop-webdav.cmd 8080
|
||||
C:\Path\to\internxt-webdav\scripts\start-webdav.cmd 8080
|
||||
C:\Path\to\internxt-webdav\scripts\stop-webdav.cmd 8080
|
||||
```
|
||||
|
||||
Der Server startet im Hintergrund und ist nach ~5 Sekunden bereit.
|
||||
The server starts in the background and is ready after ~5 seconds.
|
||||
|
||||
## Restic + rclone
|
||||
|
||||
@@ -87,65 +87,65 @@ Der Server startet im Hintergrund und ist nach ~5 Sekunden bereit.
|
||||
restic -r rclone:internxt-webdav:repo-name init
|
||||
```
|
||||
|
||||
Der Server erstellt fehlende Ordner rekursiv (MKCOL). Bei 500-Fehlern: Server-Log prüfen (`PUT Fehler:`), Token mit `npm run token-refresh` erneuern.
|
||||
The server creates missing folders recursively (MKCOL). On 500 errors: check server log (`PUT Fehler:`), renew token with `npm run token-refresh`.
|
||||
|
||||
### Restic „object not found“ / 500
|
||||
### Restic "object not found" / 500
|
||||
|
||||
1. **Port prüfen:** rclone-URL muss exakt dem Server-Port entsprechen. Steht in der Konsole z.B. `http://127.0.0.1:3010`, dann in rclone `url = http://127.0.0.1:3010` eintragen.
|
||||
2. **Nur einen Server:** `npm start` beenden (Ctrl+C), dann nur `scripts\start-webdav.cmd` nutzen – sonst antwortet evtl. ein alter Prozess.
|
||||
3. **rclone config:** `rclone config` → Remote `internxt-webdav` → `url` = `http://127.0.0.1:PORT` (PORT aus Server-Start).
|
||||
4. **Logs:** `WEBDAV_LOG=debug` in `.env` setzen, Server neu starten, dann `logs\webdav-errors.log` und `logs\webdav-debug.log` prüfen.
|
||||
1. **Check port:** rclone URL must match server port exactly. If console shows e.g. `http://127.0.0.1:3010`, set `url = http://127.0.0.1:3010` in rclone.
|
||||
2. **Single server only:** Stop `npm start` (Ctrl+C), then use only `scripts\start-webdav.cmd` – otherwise an old process may respond.
|
||||
3. **rclone config:** `rclone config` → Remote `internxt-webdav` → `url` = `http://127.0.0.1:PORT` (PORT from server startup).
|
||||
4. **Logs:** Set `WEBDAV_LOG=debug` in `.env`, restart server, then check `logs\webdav-errors.log` and `logs\webdav-debug.log`.
|
||||
|
||||
## WebDAV-Credentials (für Duplicati, Explorer)
|
||||
## WebDAV Credentials (for Duplicati, Explorer)
|
||||
|
||||
Der Server erwartet **Basic Auth**. Ohne `WEBDAV_USER`/`WEBDAV_PASS` in `.env` akzeptiert er **beliebige** Credentials – Sie können in Duplicati z.B. Benutzername `backup` und Passwort `geheim` eintragen. Mit `WEBDAV_USER` und `WEBDAV_PASS` werden nur diese Credentials akzeptiert.
|
||||
The server expects **Basic Auth**. Without `WEBDAV_USER`/`WEBDAV_PASS` in `.env`, it accepts **any** credentials – you can use e.g. username `backup` and password `secret` in Duplicati. With `WEBDAV_USER` and `WEBDAV_PASS` set, only those credentials are accepted.
|
||||
|
||||
## WebDAV-Server starten
|
||||
## Start WebDAV Server
|
||||
|
||||
```bash
|
||||
npm start
|
||||
```
|
||||
|
||||
Server läuft auf `http://127.0.0.1:3005`. Phase 1–4 aktiv: PROPFIND, MKCOL, DELETE, MOVE, GET, PUT. Für GET und PUT wird INXT_MNEMONIC benötigt.
|
||||
Server runs at `http://127.0.0.1:3005`. Phase 1–4 active: PROPFIND, MKCOL, DELETE, MOVE, GET, PUT. INXT_MNEMONIC required for GET and PUT.
|
||||
|
||||
### PowerShell Copy-Item: „Null character in path“
|
||||
### PowerShell Copy-Item: "Null character in path"
|
||||
|
||||
Windows/.NET fügt bei WebDAV-Pfaden manchmal Null-Bytes ein. **Workaround:**
|
||||
Windows/.NET sometimes adds null bytes to WebDAV paths. **Workaround:**
|
||||
|
||||
```powershell
|
||||
# Variante 1: Direkt per HTTP (umgeht WebDAV-Bugs, UUID aus dir i: übernehmen)
|
||||
# Option 1: Direct HTTP (bypasses WebDAV bugs, use UUID from dir i:)
|
||||
Invoke-WebRequest -Uri "http://127.0.0.1:3005/_.69942103-e16f-4714-89bb-9f9f7d3b1bd5" -OutFile test.md
|
||||
|
||||
# Upload per PUT (PowerShell)
|
||||
Invoke-WebRequest -Uri "http://127.0.0.1:3005/meine-datei.txt" -Method PUT -Body "Inhalt" -ContentType "application/octet-stream"
|
||||
# Upload via PUT (PowerShell)
|
||||
Invoke-WebRequest -Uri "http://127.0.0.1:3005/my-file.txt" -Method PUT -Body "Content" -ContentType "application/octet-stream"
|
||||
|
||||
# Variante 2: Robocopy (kopiert alle Dateien aus Root)
|
||||
# Option 2: Robocopy (copy all files from root)
|
||||
robocopy "i:\" "." /NFL /NDL
|
||||
|
||||
# Variante 3: Explorer – Datei per Drag & Drop kopieren
|
||||
``` Windows Explorer: Netzlaufwerk verbinden → `http://127.0.0.1:3005`.
|
||||
# Option 3: Explorer – drag & drop file
|
||||
# Windows Explorer: Map network drive → http://127.0.0.1:3005
|
||||
|
||||
## Token erneuern (bei 401 / abgelaufen)
|
||||
## Renew Token (on 401 / expired)
|
||||
|
||||
Tokens laufen nach einiger Zeit ab (typisch Stunden). Bei 401-Fehlern oder „Nicht autorisiert“:
|
||||
Tokens expire after some time (typically hours). On 401 errors or "Unauthorized":
|
||||
|
||||
### Option A: Automatisch (Chromium)
|
||||
### Option A: Automatic (Chromium)
|
||||
|
||||
```bash
|
||||
npm run token-refresh
|
||||
```
|
||||
|
||||
Öffnet einen Browser mit drive.internxt.com. Einloggen – die Tokens werden extrahiert und `.env` automatisch aktualisiert. Server neu starten.
|
||||
Opens a browser with drive.internxt.com. Log in – tokens are extracted and `.env` updated automatically. Restart server.
|
||||
|
||||
### Option B: Manuell
|
||||
### Option B: Manual
|
||||
|
||||
1. **[https://drive.internxt.com](https://drive.internxt.com)** öffnen und erneut einloggen
|
||||
2. Token und Mnemonic wie oben (Schritt 2) aus der Console auslesen
|
||||
3. `.env` mit den neuen Werten aktualisieren
|
||||
4. WebDAV-Server neu starten
|
||||
1. Open **[https://drive.internxt.com](https://drive.internxt.com)** and log in again
|
||||
2. Read token and mnemonic from Console as in Step 2 above
|
||||
3. Update `.env` with new values
|
||||
4. Restart WebDAV server
|
||||
|
||||
## Hinweise
|
||||
## Notes
|
||||
|
||||
- **Bridge-API**: Der Download nutzt die Internxt Bridge mit `x-api-version: 2` und den Headern `internxt-version`/`internxt-client`. Ohne diese liefert die Bridge 400.
|
||||
- **Sicherheit**: Mnemonic und Token sind hochsensibel. Nicht in Git committen, `.env` in `.gitignore` belassen.
|
||||
- **Nur für Sie**: Die Tokens sind an Ihre Session gebunden. Für andere Nutzer funktioniert dieser Ansatz nicht.
|
||||
- **Bridge API:** Download uses Internxt Bridge with `x-api-version: 2` and headers `internxt-version`/`internxt-client`. Without these, Bridge returns 400.
|
||||
- **Security:** Mnemonic and token are highly sensitive. Do not commit to Git, keep `.env` in `.gitignore`.
|
||||
- **Personal only:** Tokens are bound to your session. This approach does not work for other users.
|
||||
|
||||
Reference in New Issue
Block a user