Skip to content
This repository was archived by the owner on Sep 23, 2021. It is now read-only.

#14 Optional basic auth #16

Merged
merged 2 commits into from
Nov 12, 2017
Merged

#14 Optional basic auth #16

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
e7112ad
Add basic auth middleware
msoedov Nov 12, 2017
cb7ee99
Update readme with basic auth
msoedov Nov 12, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 16 additions & 1 deletion Readme.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ This repo is a reworked version of [Sandstorm Hacker Slides](https://github.com/
- Pdf print
- [Demo version](https://murmuring-sierra-54081.herokuapp.com)
- Tiny 10 Mb docker image
- Optional Basic auth


| Edit mode | Published |
Expand Down Expand Up @@ -45,9 +46,23 @@ And then you can just open [http://127.0.0.1:8080](http://127.0.0.1:8080) and it
Run with docker

```shell
docker run -it -p 8080:8080 -v $(pwd)/slides:/app/slides msoedov/hacker-slides
docker run -it -p 8080:8080 -v $(pwd)/slides:/app/slides msoedov/hacker-slides
```

Basic auth (disabled by default)
```shell
USER=bob PASSWORD=password1 go run main.go
[GIN-debug] [WARNING] Running in "debug" mode. Switch to "release" mode in production.
- using env: export GIN_MODE=release
- using code: gin.SetMode(gin.ReleaseMode)

WARN[0000] Auth mode enabled
WARN[0000] Visit http://bob:password1@0.0.0.0:8080
```

```shell
docker run -it -p 8080:8080 -e USER=bob -e PASSWORD=password1 -v $(pwd)/slides:/app/slides msoedov/hacker-slides
```

Getting Help
------------
Expand Down
48 changes: 48 additions & 0 deletions main.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,10 +1,12 @@
package main

import (
"encoding/base64"
"errors"
"fmt"
"io/ioutil"
"os"
"strconv"
"strings"

log "github.com/Sirupsen/logrus"
Expand All @@ -15,12 +17,58 @@ import (

const sessionHeader = "slide-session"

func Header(c *gin.Context, key string) string {
if values, _ := c.Request.Header[key]; len(values) > 0 {
return values[0]
}
return ""
}

func BasicAuth() gin.HandlerFunc {
realm := "Authorization Required"
realm = "Basic realm=" + strconv.Quote(realm)
user := os.Getenv("USER")
password := os.Getenv("PASSWORD")
enabled := isEnabled(user, password)
if enabled {
log.Warn("Auth mode enabled")
log.Warn(fmt.Sprintf("Visit http://%s:%s@0.0.0.0:8080", user, password))
}
return func(c *gin.Context) {
header := Header(c, "Authorization")
if enabled && header != authorizationHeader(user, password) {
// Credentials doesn't match, we return 401 and abort handlers chain.
c.Header("WWW-Authenticate", realm)
c.AbortWithStatus(401)
return
}
c.Next()
}
}

func isEnabled(user, password string) bool {
switch {
case user == "":
return false
case password == "":
return false
default:
return true
}
}

func authorizationHeader(user, password string) string {
base := user + ":" + password
return "Basic " + base64.StdEncoding.EncodeToString([]byte(base))
}

func NewApp() *gin.Engine {

r := gin.Default()

store := sessions.NewCookieStore([]byte("secret"))
r.Use(sessions.Sessions(sessionHeader, store))
r.Use(BasicAuth())

r.LoadHTMLGlob("templates/*.tmpl")
r.Static("/static", "./static")
Expand Down