@@ -59,6 +59,8 @@ force-https | redirect to https | false | | |||||
tls-listener | port to use for https (:443) | | | tls-listener | port to use for https (:443) | | | ||||
tls-cert-file | path to tls certificate | | | tls-cert-file | path to tls certificate | | | ||||
tls-private-key | path to tls private key | | | tls-private-key | path to tls private key | | | ||||
http-auth-user | user for basic http auth on upload | | | |||||
http-auth-pass | pass for basic http auth on upload | | | |||||
temp-path | path to temp folder | system temp | | temp-path | path to temp folder | system temp | | ||||
web-path | path to static web files (for development) | | | web-path | path to static web files (for development) | | | ||||
provider | which storage provider to use | (s3, grdrive or local) | | provider | which storage provider to use | (s3, grdrive or local) | | ||||
@@ -105,13 +105,11 @@ var globalFlags = []cli.Flag{ | |||||
Name: "gdrive-client-json-filepath", | Name: "gdrive-client-json-filepath", | ||||
Usage: "", | Usage: "", | ||||
Value: "", | Value: "", | ||||
EnvVar: "", | |||||
}, | }, | ||||
cli.StringFlag{ | cli.StringFlag{ | ||||
Name: "gdrive-local-config-path", | Name: "gdrive-local-config-path", | ||||
Usage: "", | Usage: "", | ||||
Value: "", | Value: "", | ||||
EnvVar: "", | |||||
}, | }, | ||||
cli.IntFlag{ | cli.IntFlag{ | ||||
Name: "rate-limit", | Name: "rate-limit", | ||||
@@ -151,6 +149,16 @@ var globalFlags = []cli.Flag{ | |||||
Name: "profiler", | Name: "profiler", | ||||
Usage: "enable profiling", | Usage: "enable profiling", | ||||
}, | }, | ||||
cli.StringFlag{ | |||||
Name: "http-auth-user", | |||||
Usage: "user for http basic auth", | |||||
Value: "", | |||||
}, | |||||
cli.StringFlag{ | |||||
Name: "http-auth-pass", | |||||
Usage: "pass for http basic auth", | |||||
Value: "", | |||||
}, | |||||
} | } | ||||
type Cmd struct { | type Cmd struct { | ||||
@@ -232,6 +240,13 @@ func New() *Cmd { | |||||
options = append(options, server.ForceHTTPs()) | options = append(options, server.ForceHTTPs()) | ||||
} | } | ||||
if httpAuthUser := c.String("http-auth-user"); httpAuthUser == "" { | |||||
} else if httpAuthPass := c.String("http-auth-pass"); httpAuthPass == "" { | |||||
} else { | |||||
options = append(options, server.HttpAuthCredentials(httpAuthUser, httpAuthPass)) | |||||
} | |||||
switch provider := c.String("provider"); provider { | switch provider := c.String("provider"); provider { | ||||
case "s3": | case "s3": | ||||
if accessKey := c.String("aws-access-key"); accessKey == "" { | if accessKey := c.String("aws-access-key"); accessKey == "" { | ||||
@@ -775,3 +775,27 @@ func LoveHandler(h http.Handler) http.HandlerFunc { | |||||
h.ServeHTTP(w, r) | h.ServeHTTP(w, r) | ||||
} | } | ||||
} | } | ||||
func (s *Server) BasicAuthHandler(h http.Handler) http.HandlerFunc { | |||||
return func(w http.ResponseWriter, r *http.Request) { | |||||
if s.AuthUser == "" || s.AuthPass == "" { | |||||
h.ServeHTTP(w, r) | |||||
return | |||||
} | |||||
w.Header().Set("WWW-Authenticate", "Basic realm=\"Restricted\"") | |||||
username, password, authOK := r.BasicAuth() | |||||
if authOK == false { | |||||
http.Error(w, "Not authorized", 401) | |||||
return | |||||
} | |||||
if username != s.AuthUser || password != s.AuthPass { | |||||
http.Error(w, "Not authorized", 401) | |||||
return | |||||
} | |||||
h.ServeHTTP(w, r) | |||||
} | |||||
} |
@@ -181,7 +181,18 @@ func TLSConfig(cert, pk string) OptionFn { | |||||
} | } | ||||
} | } | ||||
func HttpAuthCredentials(user string, pass string) OptionFn { | |||||
return func(srvr *Server) { | |||||
srvr.AuthUser = user | |||||
srvr.AuthPass = pass | |||||
} | |||||
} | |||||
type Server struct { | type Server struct { | ||||
AuthUser string | |||||
AuthPass string | |||||
tlsConfig *tls.Config | tlsConfig *tls.Config | ||||
profilerEnabled bool | profilerEnabled bool | ||||
@@ -317,10 +328,10 @@ func (s *Server) Run() { | |||||
r.HandleFunc("/{filename}/virustotal", s.virusTotalHandler).Methods("PUT") | r.HandleFunc("/{filename}/virustotal", s.virusTotalHandler).Methods("PUT") | ||||
r.HandleFunc("/{filename}/scan", s.scanHandler).Methods("PUT") | r.HandleFunc("/{filename}/scan", s.scanHandler).Methods("PUT") | ||||
r.HandleFunc("/put/{filename}", s.putHandler).Methods("PUT") | |||||
r.HandleFunc("/upload/{filename}", s.putHandler).Methods("PUT") | |||||
r.HandleFunc("/{filename}", s.putHandler).Methods("PUT") | |||||
r.HandleFunc("/", s.postHandler).Methods("POST") | |||||
r.HandleFunc("/put/{filename}", s.BasicAuthHandler(http.HandlerFunc(s.putHandler))).Methods("PUT") | |||||
r.HandleFunc("/upload/{filename}", s.BasicAuthHandler(http.HandlerFunc(s.putHandler))).Methods("PUT") | |||||
r.HandleFunc("/{filename}", s.BasicAuthHandler(http.HandlerFunc(s.putHandler))).Methods("PUT") | |||||
r.HandleFunc("/", s.BasicAuthHandler(http.HandlerFunc(s.putHandler))).Methods("POST") | |||||
// r.HandleFunc("/{page}", viewHandler).Methods("GET") | // r.HandleFunc("/{page}", viewHandler).Methods("GET") | ||||
r.NotFoundHandler = http.HandlerFunc(s.notFoundHandler) | r.NotFoundHandler = http.HandlerFunc(s.notFoundHandler) | ||||