Sven/GoWiki
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

BasicAuth Login/Logout eingebaut

Browse Source
This commit is contained in:
Sven Schmalle 2020-01-20 15:56:39 +01:00
parent fa880cdaed
commit d7e91ebdba
4 changed files with 59 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@ -17,7 +17,9 @@ Eine `config.json` könnte z.B. wie folgt aussehen:
"Host":"http://127.0.0.1", "Host":"http://127.0.0.1",
"Port":"8000", "Port":"8000",
"DataPath":"./data", "DataPath":"./data",
"DataPathFTS":"./FTSData" "DataPathFTS":"./FTSData",
"WebUser":"admin",
"WebPasswd":"pwd"
} }
``` ```

4
config.json
View File

@ -2,5 +2,7 @@
"Host":"http://127.0.0.1", "Host":"http://127.0.0.1",
"Port":"8000", "Port":"8000",
"DataPath":"./data", "DataPath":"./data",
"DataPathFTS":"./FTSData" "DataPathFTS":"./FTSData",
"WebUser":"",
"WebPasswd":""
} }

38
main.go
View File

@ -2,6 +2,7 @@ package main
import ( import (
"bufio" "bufio"
"crypto/subtle"
"encoding/json" "encoding/json"
"fmt" "fmt"
"html/template" "html/template"
@ -29,6 +30,8 @@ type Configuration struct {
Port string Port string
DataPath string DataPath string
DataPathFTS string DataPathFTS string
WebUser string
WebPasswd string
} }
// our main function // our main function
@ -131,12 +134,12 @@ func main() {
*/ */
router := mux.NewRouter() router := mux.NewRouter()
router.HandleFunc("/_api/md/{pagename:.*}", getRawPage).Methods("GET") router.HandleFunc("/_api/md/{pagename:.*}", basicAuth(getRawPage)).Methods("GET")
router.HandleFunc("/_api/pdf/{pagename:.*}", getPDFPage).Methods("GET") router.HandleFunc("/_api/pdf/{pagename:.*}", basicAuth(getPDFPage)).Methods("GET")
router.HandleFunc("/_api/pinfo/{pagename:.*}", getPageInfo).Methods("GET") router.HandleFunc("/_api/pinfo/{pagename:.*}", basicAuth(getPageInfo)).Methods("GET")
router.HandleFunc("/_api/fts/{searchterm:.*}", getFTS).Methods("GET") router.HandleFunc("/_api/fts/{searchterm:.*}", basicAuth(getFTS)).Methods("GET")
router.HandleFunc("/{pagename:.*}", getHTMLPage).Methods("GET") router.HandleFunc("/{pagename:.*}", basicAuth(getHTMLPage)).Methods("GET")
router.HandleFunc("/{pagename:.*}", postHTMLPage).Methods("POST") router.HandleFunc("/{pagename:.*}", basicAuth(postHTMLPage)).Methods("POST")
log.Fatal(http.ListenAndServe(":"+config.Port, router)) log.Fatal(http.ListenAndServe(":"+config.Port, router))
@ -327,6 +330,27 @@ func getPageInfo(w http.ResponseWriter, r *http.Request) {
json.NewEncoder(w).Encode(data) json.NewEncoder(w).Encode(data)
} }
func basicAuth(handler http.HandlerFunc) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if config.WebUser == "" && config.WebPasswd == "" {
handler(w, r)
return
}
user, pass, ok := r.BasicAuth()
if !ok || subtle.ConstantTimeCompare([]byte(user), []byte(config.WebUser)) != 1 || subtle.ConstantTimeCompare([]byte(pass), []byte(config.WebPasswd)) != 1 {
w.Header().Set("WWW-Authenticate", `Basic realm="Login GoWiki"`)
w.WriteHeader(401)
w.Write([]byte("Unauthorised.\n"))
return
}
handler(w, r)
}
}
//-------------------------------------------------------------------------- //--------------------------------------------------------------------------
// Typen // Typen
//-------------------------------------------------------------------------- //--------------------------------------------------------------------------
@ -369,7 +393,7 @@ func directoryExists(filename string) bool {
func readConfig(filename string) *Configuration { func readConfig(filename string) *Configuration {
// initialize conf with default values. // initialize conf with default values.
conf := &Configuration{Host: "http://127.0.0.1", Port: "8000", DataPath: "./data", DataPathFTS: ""} conf := &Configuration{Host: "http://127.0.0.1", Port: "8000", DataPath: "./data", DataPathFTS: "", WebUser: "", WebPasswd: ""}
b, err := ioutil.ReadFile("./config.json") b, err := ioutil.ReadFile("./config.json")
if err != nil { if err != nil {

22
web/index.html
View File

@ -124,6 +124,7 @@ mark {
<li id="btnPreviewpage"><a href="#" onclick="PreviewPage()">Preview</a></li> <li id="btnPreviewpage"><a href="#" onclick="PreviewPage()">Preview</a></li>
<li id="btnSavepage"><a href="#" onclick="SavePage()">Save</a></li> <li id="btnSavepage"><a href="#" onclick="SavePage()">Save</a></li>
<li id="btnPDFgen"><a href="#" onclick="PDFGen()">PDF</a></li> <li id="btnPDFgen"><a href="#" onclick="PDFGen()">PDF</a></li>
<li id="btnPDFgen"><a href="#" onclick="Logout()">Logout</a></li>
</ul> </ul>
<form class="navbar-form nav navbar-nav navbar-right" role="search"> <form class="navbar-form nav navbar-nav navbar-right" role="search">
<div class="input-group"> <div class="input-group">
@ -370,6 +371,27 @@ mark {
}); });
} }
function Logout(){
try {
// Hack for Firefox/Chrome
$.ajax({
url: "/",
username: 'reset',
password: 'reset',
// If the return is 401, refresh the page to request new details.
statusCode: { 401: function() {
location.reload();
}
}
});
} catch (exception) {
// Hack for IE only
if (!document.execCommand("ClearAuthenticationCache")) {
document.location = "http://reset:reset@" + document.location.hostname + document.location.pathname;
location.reload();
}
}
}
</script> </script>
<script> <script>
//-------------------------------------------------------------------------- //--------------------------------------------------------------------------