BasicAuth Login/Logout eingebaut

2020-01-20 15:56:39 +01:00 · 2020-01-20 15:56:39 +01:00 · d7e91ebdba
commit d7e91ebdba
parent fa880cdaed
4 changed files with 59 additions and 9 deletions
--- a/README.md
+++ b/README.md
@ -17,7 +17,9 @@ Eine `config.json` könnte z.B. wie folgt aussehen:
    "Host":"http://127.0.0.1",
    "Port":"8000",
    "DataPath":"./data",
-    "DataPathFTS":"./FTSData"
+    "DataPathFTS":"./FTSData",
+    "WebUser":"admin",
+    "WebPasswd":"pwd"
 }
 ```

--- a/config.json
+++ b/config.json
@ -2,5 +2,7 @@
    "Host":"http://127.0.0.1",
    "Port":"8000",
    "DataPath":"./data",
-    "DataPathFTS":"./FTSData"
+    "DataPathFTS":"./FTSData",
+    "WebUser":"",
+    "WebPasswd":""
 }
--- a/main.go
+++ b/main.go
@ -2,6 +2,7 @@ package main

 import (
 	"bufio"
+	"crypto/subtle"
 	"encoding/json"
 	"fmt"
 	"html/template"
@ -29,6 +30,8 @@ type Configuration struct {
 	Port        string
 	DataPath    string
 	DataPathFTS string
+	WebUser     string
+	WebPasswd   string
 }

 // our main function
@ -131,12 +134,12 @@ func main() {
 	*/

 	router := mux.NewRouter()
-	router.HandleFunc("/_api/md/{pagename:.*}", getRawPage).Methods("GET")
-	router.HandleFunc("/_api/pdf/{pagename:.*}", getPDFPage).Methods("GET")
-	router.HandleFunc("/_api/pinfo/{pagename:.*}", getPageInfo).Methods("GET")
-	router.HandleFunc("/_api/fts/{searchterm:.*}", getFTS).Methods("GET")
-	router.HandleFunc("/{pagename:.*}", getHTMLPage).Methods("GET")
-	router.HandleFunc("/{pagename:.*}", postHTMLPage).Methods("POST")
+	router.HandleFunc("/_api/md/{pagename:.*}", basicAuth(getRawPage)).Methods("GET")
+	router.HandleFunc("/_api/pdf/{pagename:.*}", basicAuth(getPDFPage)).Methods("GET")
+	router.HandleFunc("/_api/pinfo/{pagename:.*}", basicAuth(getPageInfo)).Methods("GET")
+	router.HandleFunc("/_api/fts/{searchterm:.*}", basicAuth(getFTS)).Methods("GET")
+	router.HandleFunc("/{pagename:.*}", basicAuth(getHTMLPage)).Methods("GET")
+	router.HandleFunc("/{pagename:.*}", basicAuth(postHTMLPage)).Methods("POST")

 	log.Fatal(http.ListenAndServe(":"+config.Port, router))

@ -327,6 +330,27 @@ func getPageInfo(w http.ResponseWriter, r *http.Request) {
 	json.NewEncoder(w).Encode(data)
 }

+func basicAuth(handler http.HandlerFunc) http.HandlerFunc {
+
+	return func(w http.ResponseWriter, r *http.Request) {
+		if config.WebUser == "" && config.WebPasswd == "" {
+			handler(w, r)
+			return
+		}
+
+		user, pass, ok := r.BasicAuth()
+
+		if !ok || subtle.ConstantTimeCompare([]byte(user), []byte(config.WebUser)) != 1 || subtle.ConstantTimeCompare([]byte(pass), []byte(config.WebPasswd)) != 1 {
+			w.Header().Set("WWW-Authenticate", `Basic realm="Login GoWiki"`)
+			w.WriteHeader(401)
+			w.Write([]byte("Unauthorised.\n"))
+			return
+		}
+
+		handler(w, r)
+	}
+}
+
 //--------------------------------------------------------------------------
 // Typen
 //--------------------------------------------------------------------------
@ -369,7 +393,7 @@ func directoryExists(filename string) bool {

 func readConfig(filename string) *Configuration {
 	// initialize conf with default values.
-	conf := &Configuration{Host: "http://127.0.0.1", Port: "8000", DataPath: "./data", DataPathFTS: ""}
+	conf := &Configuration{Host: "http://127.0.0.1", Port: "8000", DataPath: "./data", DataPathFTS: "", WebUser: "", WebPasswd: ""}

 	b, err := ioutil.ReadFile("./config.json")
 	if err != nil {
--- a/web/index.html
+++ b/web/index.html
@ -124,6 +124,7 @@ mark {
            <li id="btnPreviewpage"><a href="#" onclick="PreviewPage()">Preview</a></li>
            <li id="btnSavepage"><a href="#" onclick="SavePage()">Save</a></li>
            <li id="btnPDFgen"><a href="#" onclick="PDFGen()">PDF</a></li>
+            <li id="btnPDFgen"><a href="#" onclick="Logout()">Logout</a></li>
          </ul>
          <form class="navbar-form nav navbar-nav navbar-right" role="search">
            <div class="input-group">
@ -370,6 +371,27 @@ mark {
          });
        }

+        function Logout(){
+          try {
+            // Hack for Firefox/Chrome
+            $.ajax({
+                url: "/",
+                username: 'reset',
+                password: 'reset',
+                // If the return is 401, refresh the page to request new details.
+                statusCode: { 401: function() {
+                    location.reload();
+                    }
+                }
+            });
+        } catch (exception) {
+            // Hack for IE only
+            if (!document.execCommand("ClearAuthenticationCache")) {
+                document.location = "http://reset:reset@" + document.location.hostname + document.location.pathname;
+                location.reload();
+            }
+        }
+        }
    </script>
  <script>
 	//--------------------------------------------------------------------------