mirror of https://github.com/vector-im/riot-web
rageshake: Add file server with basic auth
Set via environment variables on startup.pull/3169/head
parent
b080e5797b
commit
64eb1f08a9
|
@ -1,12 +1,13 @@
|
||||||
// Run a web server capable of dumping bug reports sent by Riot.
|
// Run a web server capable of dumping bug reports sent by Riot.
|
||||||
// Requires Go 1.5+
|
// Requires Go 1.5+
|
||||||
// Usage: go run rageshake.go PORT
|
// Usage: BUGS_USER=user BUGS_PASS=password go run rageshake.go PORT
|
||||||
// Example: go run rageshake.go 8080
|
// Example: BUGS_USER=alice BUGS_PASS=secret go run rageshake.go 8080
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"compress/gzip"
|
"compress/gzip"
|
||||||
|
"crypto/subtle"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
|
@ -61,6 +62,22 @@ func gzipAndSave(data []byte, dirname, fpath string) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func basicAuth(handler http.Handler, username, password, realm string) http.Handler {
|
||||||
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
user, pass, ok := r.BasicAuth() // pull creds from the request
|
||||||
|
|
||||||
|
// check user and pass securely
|
||||||
|
if !ok || subtle.ConstantTimeCompare([]byte(user), []byte(username)) != 1 || subtle.ConstantTimeCompare([]byte(pass), []byte(password)) != 1 {
|
||||||
|
w.Header().Set("WWW-Authenticate", `Basic realm="`+realm+`"`)
|
||||||
|
w.WriteHeader(401)
|
||||||
|
w.Write([]byte("Unauthorised.\n"))
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
handler.ServeHTTP(w, r)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
http.HandleFunc("/api/submit", func(w http.ResponseWriter, req *http.Request) {
|
http.HandleFunc("/api/submit", func(w http.ResponseWriter, req *http.Request) {
|
||||||
if req.Method != "POST" && req.Method != "OPTIONS" {
|
if req.Method != "POST" && req.Method != "OPTIONS" {
|
||||||
|
@ -110,6 +127,20 @@ func main() {
|
||||||
// Make sure bugs directory exists
|
// Make sure bugs directory exists
|
||||||
_ = os.Mkdir("bugs", os.ModePerm)
|
_ = os.Mkdir("bugs", os.ModePerm)
|
||||||
|
|
||||||
|
// serve files under "bugs"
|
||||||
|
fs := http.FileServer(http.Dir("bugs"))
|
||||||
|
fs = http.StripPrefix("/api/listing/", fs)
|
||||||
|
|
||||||
|
// set auth if env vars exist
|
||||||
|
usr := os.Getenv("BUGS_USER")
|
||||||
|
pass := os.Getenv("BUGS_PASS")
|
||||||
|
if usr == "" || pass == "" {
|
||||||
|
fmt.Println("BUGS_USER and BUGS_PASS env vars not found. No authentication is running for /api/listing")
|
||||||
|
} else {
|
||||||
|
fs = basicAuth(fs, usr, pass, "Enter username and password")
|
||||||
|
}
|
||||||
|
http.Handle("/api/listing/", fs)
|
||||||
|
|
||||||
port := os.Args[1]
|
port := os.Args[1]
|
||||||
log.Fatal(http.ListenAndServe(":"+port, nil))
|
log.Fatal(http.ListenAndServe(":"+port, nil))
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue