diff --git a/main.go b/main.go index d205ff4..214742f 100755 --- a/main.go +++ b/main.go @@ -31,6 +31,7 @@ var ( func main() { fs = args.NewArgSet() fs.Append(args.STRING, "p", "port to serve", "8100") + fs.Append(args.STRING, "u", "user:pass for basic auth", "") fs.Append(args.BOOL, "md", "whether to render markdown as html", true) fs.Append(args.BOOL, "ro", "read only mode", false) fs.Append(args.BOOL, "https", "https only", false) @@ -42,6 +43,7 @@ func main() { } d := fs.Get("d").GetString() + userPass := fs.Get("u").GetString() md := fs.Get("md").GetBool() ro := fs.Get("ro").GetBool() https := fs.Get("https").GetBool() @@ -93,15 +95,15 @@ func main() { } p := strings.TrimPrefix(fs.Get("p").GetString(), ":") - http.Handle("/", http.HandlerFunc(handler(https, ro, d, md, mdCss, mdClass))) + http.Handle("/", http.HandlerFunc(handler(userPass, https, ro, d, md, mdCss, mdClass))) log.Printf("Serving %s on HTTP port: %s\n", d, p) log.Fatal(http.ListenAndServe(":"+p, nil)) } -func handler(https, ro bool, d string, md bool, mdCss, mdClass string) http.HandlerFunc { - return httpsOnly(https, gzip(endpoints(ro, withDel(ro, withMD(d, md, mdCss, mdClass, fserve(d)))))) +func handler(userPass string, https, ro bool, d string, md bool, mdCss, mdClass string) http.HandlerFunc { + return httpsOnly(https, gzip(basicAuth(userPass, endpoints(ro, withDel(ro, withMD(d, md, mdCss, mdClass, fserve(d))))))) } func writeMeta(w http.ResponseWriter) { @@ -122,6 +124,20 @@ func writeForm(w http.ResponseWriter) { `, ENDPOINT_UPLOAD) } +func basicAuth(userPass string, foo http.HandlerFunc) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + if userPass != "" { + u, p, ok := r.BasicAuth() + if !ok || u+":"+p != userPass { + w.Header().Set("WWW-Authenticate", "Basic") + w.WriteHeader(401) + return + } + } + foo(w, r) + } +} + func httpsOnly(https bool, foo http.HandlerFunc) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { if https && r.URL.Scheme != "https" {