Add the ability to disable http auth.
While here use better names fofr the flags
This commit is contained in:
parent
723e91e05d
commit
769dac74ea
1
.gitignore
vendored
1
.gitignore
vendored
@ -1 +1,2 @@
|
|||||||
widdler
|
widdler
|
||||||
|
.htpasswd
|
||||||
|
14
main.go
14
main.go
@ -29,6 +29,7 @@ var tiddly embed.FS
|
|||||||
var (
|
var (
|
||||||
davDir string
|
davDir string
|
||||||
listen string
|
listen string
|
||||||
|
auth bool
|
||||||
passPath string
|
passPath string
|
||||||
users map[string]string
|
users map[string]string
|
||||||
)
|
)
|
||||||
@ -40,9 +41,10 @@ func init() {
|
|||||||
log.Fatalln(err)
|
log.Fatalln(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
flag.StringVar(&davDir, "davdir", dir, "Directory to serve over WebDAV.")
|
flag.StringVar(&davDir, "wikis", dir, "Directory of TiddlyWikis to serve over WebDAV.")
|
||||||
flag.StringVar(&listen, "http", "127.0.0.1:8080", "Listen on")
|
flag.StringVar(&listen, "http", "127.0.0.1:8080", "Listen on")
|
||||||
flag.StringVar(&passPath, "htpass", fmt.Sprintf("%s/.htpasswd", dir), "Path to .htpasswd file..")
|
flag.StringVar(&passPath, "htpass", fmt.Sprintf("%s/.htpasswd", dir), "Path to .htpasswd file..")
|
||||||
|
flag.BoolVar(&auth, "auth", true, "Enable HTTP Basic Authentication.")
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
|
|
||||||
// These are OpenBSD specific protections used to prevent unnecessary file access.
|
// These are OpenBSD specific protections used to prevent unnecessary file access.
|
||||||
@ -52,6 +54,13 @@ func init() {
|
|||||||
_ = protect.Unveil("/etc/resolv.conf", "r")
|
_ = protect.Unveil("/etc/resolv.conf", "r")
|
||||||
_ = protect.Pledge("stdio wpath rpath cpath inet dns")
|
_ = protect.Pledge("stdio wpath rpath cpath inet dns")
|
||||||
|
|
||||||
|
_, fErr := os.Stat(passPath)
|
||||||
|
if os.IsNotExist(fErr) {
|
||||||
|
if auth {
|
||||||
|
fmt.Println("No .htpasswd file found!")
|
||||||
|
os.Exit(1)
|
||||||
|
}
|
||||||
|
} else {
|
||||||
p, err := os.Open(passPath)
|
p, err := os.Open(passPath)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatal(err)
|
log.Fatal(err)
|
||||||
@ -71,6 +80,7 @@ func init() {
|
|||||||
for _, parts := range entries {
|
for _, parts := range entries {
|
||||||
users[parts[0]] = parts[1]
|
users[parts[0]] = parts[1]
|
||||||
}
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func authenticate(user string, pass string) bool {
|
func authenticate(user string, pass string) bool {
|
||||||
@ -128,12 +138,14 @@ func main() {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if auth {
|
||||||
user, pass, ok := r.BasicAuth()
|
user, pass, ok := r.BasicAuth()
|
||||||
if !(ok && authenticate(user, pass)) {
|
if !(ok && authenticate(user, pass)) {
|
||||||
w.Header().Set("WWW-Authenticate", `Basic realm="davfs"`)
|
w.Header().Set("WWW-Authenticate", `Basic realm="davfs"`)
|
||||||
http.Error(w, "Unauthorized", http.StatusUnauthorized)
|
http.Error(w, "Unauthorized", http.StatusUnauthorized)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
//wdav.Prefix = user
|
//wdav.Prefix = user
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user