mirror of
https://github.com/dutchcoders/transfer.sh.git
synced 2024-11-26 22:20:18 +01:00
ISSUE-92 added http basic auth handler for upload
This commit is contained in:
parent
8a0e3d39f2
commit
baa2fdc86c
4 changed files with 58 additions and 6 deletions
|
@ -59,6 +59,8 @@ force-https | redirect to https | false |
|
||||||
tls-listener | port to use for https (:443) | |
|
tls-listener | port to use for https (:443) | |
|
||||||
tls-cert-file | path to tls certificate | |
|
tls-cert-file | path to tls certificate | |
|
||||||
tls-private-key | path to tls private key | |
|
tls-private-key | path to tls private key | |
|
||||||
|
http-auth-user | user for basic http auth on upload | |
|
||||||
|
http-auth-pass | pass for basic http auth on upload | |
|
||||||
temp-path | path to temp folder | system temp |
|
temp-path | path to temp folder | system temp |
|
||||||
web-path | path to static web files (for development) | |
|
web-path | path to static web files (for development) | |
|
||||||
provider | which storage provider to use | (s3, grdrive or local) |
|
provider | which storage provider to use | (s3, grdrive or local) |
|
||||||
|
|
19
cmd/cmd.go
19
cmd/cmd.go
|
@ -105,13 +105,11 @@ var globalFlags = []cli.Flag{
|
||||||
Name: "gdrive-client-json-filepath",
|
Name: "gdrive-client-json-filepath",
|
||||||
Usage: "",
|
Usage: "",
|
||||||
Value: "",
|
Value: "",
|
||||||
EnvVar: "",
|
|
||||||
},
|
},
|
||||||
cli.StringFlag{
|
cli.StringFlag{
|
||||||
Name: "gdrive-local-config-path",
|
Name: "gdrive-local-config-path",
|
||||||
Usage: "",
|
Usage: "",
|
||||||
Value: "",
|
Value: "",
|
||||||
EnvVar: "",
|
|
||||||
},
|
},
|
||||||
cli.IntFlag{
|
cli.IntFlag{
|
||||||
Name: "rate-limit",
|
Name: "rate-limit",
|
||||||
|
@ -151,6 +149,16 @@ var globalFlags = []cli.Flag{
|
||||||
Name: "profiler",
|
Name: "profiler",
|
||||||
Usage: "enable profiling",
|
Usage: "enable profiling",
|
||||||
},
|
},
|
||||||
|
cli.StringFlag{
|
||||||
|
Name: "http-auth-user",
|
||||||
|
Usage: "user for http basic auth",
|
||||||
|
Value: "",
|
||||||
|
},
|
||||||
|
cli.StringFlag{
|
||||||
|
Name: "http-auth-pass",
|
||||||
|
Usage: "pass for http basic auth",
|
||||||
|
Value: "",
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
type Cmd struct {
|
type Cmd struct {
|
||||||
|
@ -232,6 +240,13 @@ func New() *Cmd {
|
||||||
options = append(options, server.ForceHTTPs())
|
options = append(options, server.ForceHTTPs())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if httpAuthUser := c.String("http-auth-user"); httpAuthUser == "" {
|
||||||
|
} else if httpAuthPass := c.String("http-auth-pass"); httpAuthPass == "" {
|
||||||
|
} else {
|
||||||
|
options = append(options, server.HttpAuthCredentials(httpAuthUser, httpAuthPass))
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
switch provider := c.String("provider"); provider {
|
switch provider := c.String("provider"); provider {
|
||||||
case "s3":
|
case "s3":
|
||||||
if accessKey := c.String("aws-access-key"); accessKey == "" {
|
if accessKey := c.String("aws-access-key"); accessKey == "" {
|
||||||
|
|
|
@ -775,3 +775,27 @@ func LoveHandler(h http.Handler) http.HandlerFunc {
|
||||||
h.ServeHTTP(w, r)
|
h.ServeHTTP(w, r)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *Server) BasicAuthHandler(h http.Handler) http.HandlerFunc {
|
||||||
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
if s.AuthUser == "" || s.AuthPass == "" {
|
||||||
|
h.ServeHTTP(w, r)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
w.Header().Set("WWW-Authenticate", "Basic realm=\"Restricted\"")
|
||||||
|
|
||||||
|
username, password, authOK := r.BasicAuth()
|
||||||
|
if authOK == false {
|
||||||
|
http.Error(w, "Not authorized", 401)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
if username != s.AuthUser || password != s.AuthPass {
|
||||||
|
http.Error(w, "Not authorized", 401)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
h.ServeHTTP(w, r)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -181,7 +181,18 @@ func TLSConfig(cert, pk string) OptionFn {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
func HttpAuthCredentials(user string, pass string) OptionFn {
|
||||||
|
return func(srvr *Server) {
|
||||||
|
srvr.AuthUser = user
|
||||||
|
srvr.AuthPass = pass
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
type Server struct {
|
type Server struct {
|
||||||
|
AuthUser string
|
||||||
|
AuthPass string
|
||||||
|
|
||||||
tlsConfig *tls.Config
|
tlsConfig *tls.Config
|
||||||
|
|
||||||
profilerEnabled bool
|
profilerEnabled bool
|
||||||
|
@ -317,10 +328,10 @@ func (s *Server) Run() {
|
||||||
|
|
||||||
r.HandleFunc("/{filename}/virustotal", s.virusTotalHandler).Methods("PUT")
|
r.HandleFunc("/{filename}/virustotal", s.virusTotalHandler).Methods("PUT")
|
||||||
r.HandleFunc("/{filename}/scan", s.scanHandler).Methods("PUT")
|
r.HandleFunc("/{filename}/scan", s.scanHandler).Methods("PUT")
|
||||||
r.HandleFunc("/put/{filename}", s.putHandler).Methods("PUT")
|
r.HandleFunc("/put/{filename}", s.BasicAuthHandler(http.HandlerFunc(s.putHandler))).Methods("PUT")
|
||||||
r.HandleFunc("/upload/{filename}", s.putHandler).Methods("PUT")
|
r.HandleFunc("/upload/{filename}", s.BasicAuthHandler(http.HandlerFunc(s.putHandler))).Methods("PUT")
|
||||||
r.HandleFunc("/{filename}", s.putHandler).Methods("PUT")
|
r.HandleFunc("/{filename}", s.BasicAuthHandler(http.HandlerFunc(s.putHandler))).Methods("PUT")
|
||||||
r.HandleFunc("/", s.postHandler).Methods("POST")
|
r.HandleFunc("/", s.BasicAuthHandler(http.HandlerFunc(s.putHandler))).Methods("POST")
|
||||||
// r.HandleFunc("/{page}", viewHandler).Methods("GET")
|
// r.HandleFunc("/{page}", viewHandler).Methods("GET")
|
||||||
|
|
||||||
r.NotFoundHandler = http.HandlerFunc(s.notFoundHandler)
|
r.NotFoundHandler = http.HandlerFunc(s.notFoundHandler)
|
||||||
|
|
Loading…
Reference in a new issue