stupid basic auth

master
Bel LaPointe 2020-05-12 06:31:16 -06:00
parent 433e47e3f5
commit e1ee647767
5 changed files with 55 additions and 7 deletions

23
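--- a/cookie.go
+++ b/cookie.go
@@ -0,0 +1,23 @@
+package main
+import (
+"net/http"
+"time"
+)
+func getCookie(r *http.Request, k string) string {
+c, err := r.Cookie(k)
+if err != nil {
+return ""
+}
+return c.Value
+}
+func setCookie(w *http.ResponseWriter, k, v string) {
+http.SetCookie(*w, &http.Cookie{
+Name: k,
+Value: v,
+MaxAge: int(time.Now().Unix() + int64(60*60*24)),
+Secure: true,
+})
+}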
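Review bot: `MaxAge` in `setCookie` is set to `int(time.Now().Unix() + int64(60*60*24))`, but `http.Cookie.MaxAge` is a lifetime in seconds rather than an absolute timestamp, so the cookie stays valid for decades instead of one day; `MaxAge: 60 * 60 * 24,` gives the one-day lifetime the arithmetic suggests was intended. The cookie also sets neither `HttpOnly` nor `SameSite`; if no client-side script needs to read it, add `HttpOnly: true,` and `SameSite: http.SameSiteLaxMode,`. Taking `w *http.ResponseWriter` is unidiomatic, because `http.ResponseWriter` is already an interface and can be passed by value.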


@ -19,6 +19,7 @@ func NewPool() *Pool {
} }
func (p *Pool) Broadcast(mt int, r io.Reader) error { func (p *Pool) Broadcast(mt int, r io.Reader) error {
// io.MultiWriter exists but I like this
b, err := ioutil.ReadAll(r) b, err := ioutil.ReadAll(r)
if err != nil { if err != nil {
return err return err


@ -18,7 +18,7 @@
border: 1px solid black; border: 1px solid black;
display: inline-block; display: inline-block;
} }
#preview { display: none; } #preview { display: block; max-width: 150px; position: absolute; top: 0; right: 0; z-index: 1; }
</style> </style>
</head> </head>


@ -1,26 +1,39 @@
package main package main
import ( import (
"fmt"
"log" "log"
"net/http" "net/http"
"os" "os"
"path" "path"
"time"
"github.com/google/uuid"
"golang.org/x/time/rate"
) )
type Server struct { type Server struct {
fs http.Handler fs http.Handler
ws *WS ws *WS
limiter *rate.Limiter
uuid string
} }
func New() *Server { func New() *Server {
fs := http.FileServer(http.Dir(config().GetString("d"))) fs := http.FileServer(http.Dir(config().GetString("d")))
return &Server{ return &Server{
fs: fs, fs: fs,
ws: NewWS(), ws: NewWS(),
limiter: rate.NewLimiter(rate.Every(time.Second), 2),
uuid: uuid.New().String(),
} }
} }
func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) { func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if !s.Authorize(w, r) {
return
}
log.Println("ext", path.Ext(r.URL.Path)) log.Println("ext", path.Ext(r.URL.Path))
if path.Ext(r.URL.Path) != "" { if path.Ext(r.URL.Path) != "" {
s.fs.ServeHTTP(w, r) s.fs.ServeHTTP(w, r)
@ -30,3 +43,15 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
s.fs.ServeHTTP(w, r) s.fs.ServeHTTP(w, r)
} }
} }
func (s *Server) Authorize(w http.ResponseWriter, r *http.Request) bool {
if u, p, ok := r.BasicAuth(); !ok || u != "Q" || p != "Q" {
s.limiter.Wait(r.Context())
w.Header().Set("WWW-Authenticate", fmt.Sprintf("Basic realm=%q", r.Host))
w.Header().Set("Content-Type", "text/plain")
w.WriteHeader(http.StatusUnauthorized)
w.Write([]byte("Unauthorized"))
return false
}
return true
}
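Review bot: The credential check in `Authorize` compares against the literals `"Q"`/`"Q"` with `!=`, so the secret is committed to the repository and the comparison is not constant-time; the expected values should come from configuration and be compared with `crypto/subtle`. The failure path calls `s.limiter.Wait(r.Context())` on a single limiter shared by all clients and discards its error, so a burst of unauthenticated requests queues goroutines behind a one-per-second budget and delays the 401 challenge for legitimate users; `Allow()` with a 429 fails fast instead. The new `uuid` field is assigned in `New` but is not used in the visible lines. In the sketch below, `wantUser` and `wantPass` are placeholders for the configured values.

```go
func (s *Server) Authorize(w http.ResponseWriter, r *http.Request) bool {
	u, p, ok := r.BasicAuth()
	// wantUser and wantPass are placeholders for values read from configuration.
	userOK := subtle.ConstantTimeCompare([]byte(u), []byte(wantUser)) == 1
	passOK := subtle.ConstantTimeCompare([]byte(p), []byte(wantPass)) == 1
	if ok && userOK && passOK {
		return true
	}
	if !s.limiter.Allow() {
		http.Error(w, "Too Many Requests", http.StatusTooManyRequests)
		return false
	}
	// … unchanged: WWW-Authenticate header and 401 response …
	return false
}
```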

3
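--- a/ws.go
+++ b/ws.go
@@ -3,7 +3,6 @@ package main
 import (
 "log"
 "net/http"
-"strings"
 "sync"
 "github.com/google/uuid"
@@ -34,7 +33,7 @@ func (ws *WS) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 }
 func (ws *WS) serveHTTP(w http.ResponseWriter, r *http.Request) error {
-id := strings.Split(r.Header.Get("Cookie"), "=")[1]
+id := getCookie(r, "id")
 if len(id) == 0 {
 id = uuid.New().String()
 }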
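Review bot: Any non-empty `id` cookie is accepted verbatim in `serveHTTP`, because the fallback to `uuid.New().String()` only runs when the value is empty. The rest of the function is outside the hunk, but if `id` identifies a client or session there, a caller can pick an arbitrary or colliding value. Validating the shape first would keep it to server-style identifiers, for example `if _, err := uuid.Parse(id); err != nil { id = uuid.New().String() }`.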