added basic auth
parent
6f693d48c1
commit
2ae7923efc
@ -13,6 +13,8 @@ type args struct {
|
|||||||
S3SecretKey string `arg:"--s3-secret-key,required,env:S3_SECRET_KEY" placeholder:"SECRET_KEY"`
|
S3SecretKey string `arg:"--s3-secret-key,required,env:S3_SECRET_KEY" placeholder:"SECRET_KEY"`
|
||||||
S3DisableSSL bool `arg:"--s3-disable-ssl,env:S3_DISABLE_SSL" default:"false"`
|
S3DisableSSL bool `arg:"--s3-disable-ssl,env:S3_DISABLE_SSL" default:"false"`
|
||||||
Address string `arg:"--address,env:ADDRESS" default:":3000" help:"what address to listen on" placeholder:"ADDRESS"`
|
Address string `arg:"--address,env:ADDRESS" default:":3000" help:"what address to listen on" placeholder:"ADDRESS"`
|
||||||
|
APIUsername string `arg:"--api-username,required,env:API_USERNAME" help:"username for API" placeholder:"USERNAME"`
|
||||||
|
APIPassword string `arg:"--api-password,required,env:API_PASSWORD" help:"password for API" placeholder:"PASSWORD"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func (args) Version() string {
|
func (args) Version() string {
|
||||||
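Review bot: The new `APIPassword` field takes the secret through the `--api-password` flag, and a value passed on the command line is readable by other local users in the process list and tends to end up in shell history and service unit files. The tag already wires `env:API_PASSWORD`, so the help text could steer operators there, e.g. `help:"password for API (prefer the API_PASSWORD env var; flag values are visible in the process list)"`. The same applies to the existing `S3SecretKey` line shown as context above it. The `args` struct begins outside this hunk.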
@ -31,5 +33,7 @@ func main() {
|
|||||||
S3SSL: !args.S3DisableSSL,
|
S3SSL: !args.S3DisableSSL,
|
||||||
S3Bucket: args.S3Bucket,
|
S3Bucket: args.S3Bucket,
|
||||||
Address: args.Address,
|
Address: args.Address,
|
||||||
|
APIUsername: args.APIUsername,
|
||||||
|
APIPassword: args.APIPassword,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
@ -23,7 +23,7 @@ func Start(config *types.AppConfig) {
|
|||||||
|
|
||||||
client := client.NewClient(db, s3Client)
|
client := client.NewClient(db, s3Client)
|
||||||
|
|
||||||
err = web.StartWebserver(config.Address, *client)
|
err = web.StartWebserver(config.Address, *client, config.APIUsername, config.APIPassword)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logrus.Fatal(err.Error())
|
logrus.Fatal(err.Error())
|
||||||
}
|
}
|
||||||
|
@ -12,6 +12,8 @@ type AppConfig struct {
|
|||||||
S3SSL bool
|
S3SSL bool
|
||||||
S3Bucket string
|
S3Bucket string
|
||||||
Address string
|
Address string
|
||||||
|
APIUsername string
|
||||||
|
APIPassword string
|
||||||
}
|
}
|
||||||
|
|
||||||
type Metadata struct {
|
type Metadata struct {
|
||||||
|
@ -2,6 +2,7 @@ package web
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"errors"
|
||||||
"io"
|
"io"
|
||||||
"net/http"
|
"net/http"
|
||||||
"strconv"
|
"strconv"
|
||||||
@ -20,7 +21,11 @@ type deleteShare struct {
|
|||||||
Slug string `json:"slug"`
|
Slug string `json:"slug"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func StartWebserver(addr string, client client.Client) error {
|
func StartWebserver(addr string, client client.Client, username, password string) error {
|
||||||
|
if username == "" || password == "" {
|
||||||
|
return errors.New("API username and password must be set")
|
||||||
|
}
|
||||||
|
|
||||||
r := mux.NewRouter()
|
r := mux.NewRouter()
|
||||||
|
|
||||||
r.HandleFunc("/{slug:[a-zA-Z0-9]{6}}", func(w http.ResponseWriter, r *http.Request) {
|
r.HandleFunc("/{slug:[a-zA-Z0-9]{6}}", func(w http.ResponseWriter, r *http.Request) {
|
||||||
@ -53,11 +58,16 @@ func StartWebserver(addr string, client client.Client) error {
|
|||||||
}).Methods("HEAD")
|
}).Methods("HEAD")
|
||||||
|
|
||||||
r.HandleFunc("/api/share", func(w http.ResponseWriter, r *http.Request) {
|
r.HandleFunc("/api/share", func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
if !checkAuth(w, r, username, password) {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
}).Methods("GET")
|
}).Methods("GET")
|
||||||
|
|
||||||
r.HandleFunc("/api/share", func(w http.ResponseWriter, r *http.Request) {
|
r.HandleFunc("/api/share", func(w http.ResponseWriter, r *http.Request) {
|
||||||
// TODO: check auth
|
if !checkAuth(w, r, username, password) {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
var shareParams createShare
|
var shareParams createShare
|
||||||
err := json.NewDecoder(r.Body).Decode(&shareParams)
|
err := json.NewDecoder(r.Body).Decode(&shareParams)
|
||||||
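Review bot: The `checkAuth` guard is pasted at the top of each `/api/share` handler (the two here and the third in the next hunk), so a route added later is unauthenticated unless its author remembers the call. Registering the API routes on a subrouter and attaching the check once, e.g. `api := r.PathPrefix("/api").Subrouter()` followed by `api.Use(authMiddleware)`, makes authentication the default for everything under `/api`. `authMiddleware` is a name proposed here, not something in this commit. StartWebserver's body starts and ends outside this hunk.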
@ -81,7 +91,9 @@ func StartWebserver(addr string, client client.Client) error {
|
|||||||
}).Methods("POST")
|
}).Methods("POST")
|
||||||
|
|
||||||
r.HandleFunc("/api/share", func(w http.ResponseWriter, r *http.Request) {
|
r.HandleFunc("/api/share", func(w http.ResponseWriter, r *http.Request) {
|
||||||
//TODO: check auth
|
if !checkAuth(w, r, username, password) {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
var shareParams deleteShare
|
var shareParams deleteShare
|
||||||
err := json.NewDecoder(r.Body).Decode(&shareParams)
|
err := json.NewDecoder(r.Body).Decode(&shareParams)
|
||||||
@ -136,3 +148,18 @@ func getShareHead(client client.Client, w http.ResponseWriter, r *http.Request)
|
|||||||
|
|
||||||
return share
|
return share
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func checkAuth(w http.ResponseWriter, r *http.Request, username, password string) bool {
|
||||||
|
username, password, ok := r.BasicAuth()
|
||||||
|
if !ok {
|
||||||
|
w.WriteHeader(http.StatusUnauthorized)
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
|
if username != username || password != password {
|
||||||
|
w.WriteHeader(http.StatusUnauthorized)
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
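Review bot: `checkAuth` accepts any request that carries a well-formed Basic `Authorization` header, because `username, password, ok := r.BasicAuth()` assigns over the `username` and `password` parameters (only `ok` is new in that scope). The configured credentials are therefore lost, and `username != username || password != password` is always false. Read the request values into separate names and compare them against the parameters; `subtle.ConstantTimeCompare` keeps response timing from revealing how much of a guess matched, and it needs `crypto/subtle` added to the import block. Sending `WWW-Authenticate` with the 401 lets standard clients prompt for credentials. A handler test that sends wrong credentials and expects 401 would have caught this, as would staticcheck's identical-operands check (SA4000).

```go
func checkAuth(w http.ResponseWriter, r *http.Request, username, password string) bool {
	reqUser, reqPass, ok := r.BasicAuth()
	// Evaluate both comparisons unconditionally so timing does not reveal which field was wrong.
	userOK := subtle.ConstantTimeCompare([]byte(reqUser), []byte(username)) == 1
	passOK := subtle.ConstantTimeCompare([]byte(reqPass), []byte(password)) == 1
	if !ok || !userOK || !passOK {
		w.Header().Set("WWW-Authenticate", `Basic realm="restricted"`)
		w.WriteHeader(http.StatusUnauthorized)
		return false
	}
	return true
}
```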