Stowage/rest-server
2
0
Fork 0
mirror of https://github.com/restic/rest-server.git synced 2025-10-19 07:33:21 +00:00
Code Issues Projects Releases Packages Wiki Activity

basic auth

Browse source
This commit is contained in:
Chapuis Bertil 2015-08-25 11:35:49 +02:00
parent 59621ca2d6
commit 5c4323a168
5 changed files with 52 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

23
auth.go
View file

@ -1,9 +1,28 @@
package main
import (
"errors"
"net/http"
)
func Authorize(r *http.Request) bool {
return true
func Authorize(r *http.Request) error {
username, password, ok := r.BasicAuth()
if !ok {
return errors.New("malformed basic auth credentials")
}
repo, err := RepositoryName(r.RequestURI)
if err != nil {
return err
}
if username != "user" || password != "pass" {
return errors.New("unknown user")
}
if username != repo {
return errors.New("unauthorized")
}
return nil
}

11
handlers.go
View file

@ -84,7 +84,7 @@ func ListBlob(w http.ResponseWriter, r *http.Request, c *Context) {
return
}
bt := BackendType(uri)
if bt.IsNull() {
if string(bt) == "" {
http.NotFound(w, r)
return
}
@ -114,7 +114,7 @@ func HeadBlob(w http.ResponseWriter, r *http.Request, c *Context) {
return
}
bt := BackendType(uri)
if bt.IsNull() {
if string(bt) == "" {
http.NotFound(w, r)
return
}
@ -142,7 +142,7 @@ func GetBlob(w http.ResponseWriter, r *http.Request, c *Context) {
return
}
bt := BackendType(uri)
if bt.IsNull() {
if string(bt) == "" {
http.NotFound(w, r)
return
}
@ -172,7 +172,7 @@ func PostBlob(w http.ResponseWriter, r *http.Request, c *Context) {
return
}
bt := BackendType(uri)
if bt.IsNull() {
if string(bt) == "" {
http.NotFound(w, r)
return
}
@ -191,6 +191,7 @@ func PostBlob(w http.ResponseWriter, r *http.Request, c *Context) {
http.NotFound(w, r)
return
}
w.WriteHeader(201)
}
func DeleteBlob(w http.ResponseWriter, r *http.Request, c *Context) {
@ -206,7 +207,7 @@ func DeleteBlob(w http.ResponseWriter, r *http.Request, c *Context) {
return
}
bt := BackendType(uri)
if bt.IsNull() {
if string(bt) == "" {
http.NotFound(w, r)
return
}

3
repository.go
View file

@ -1,6 +1,7 @@
package main
import (
"io"
"io/ioutil"
"os"
"path/filepath"
@ -74,7 +75,7 @@ func (r *Repository) HasBlob(bt backend.Type, id backend.ID) bool {
return true
}
func (r *Repository) ReadBlob(bt backend.Type, id backend.ID) (*os.File, error) {
func (r *Repository) ReadBlob(bt backend.Type, id backend.ID) (io.ReadSeeker, error) {
file := filepath.Join(r.path, string(bt), id.String())
f, err := os.Open(file)
if err != nil {

6
router.go
View file

@ -18,14 +18,14 @@ func (router Router) ServeHTTP(w http.ResponseWriter, r *http.Request) {
log.Printf("%s %s", m, u)
if Authorize(r) {
if err := Authorize(r); err == nil {
if handler := RestAPI(m, u); handler != nil {
handler(w, r, &router.Context)
} else {
http.Error(w, "not found", 404)
}
} else {
http.Error(w, "unauthorized", 403)
http.Error(w, err.Error(), 403)
}
}
@ -54,7 +54,7 @@ func RestAPI(m string, u string) Handler {
// Route blob requests
id := BlobID(u)
if len(s) == 4 && !bt.IsNull() && bt != backend.Config {
if len(s) == 4 && string(bt) != "" && bt != backend.Config {
if s[3] == "" && m == "GET" {
return ListBlob
} else if !id.IsNull() {

21
variables.go
View file

@ -33,11 +33,30 @@ func BackendType(u string) backend.Type {
s := strings.Split(u, "/")
var bt backend.Type
if len(s) > 2 {
bt, _ = backend.ParseType(s[2])
bt = parseBackendType(s[2])
}
return bt
}
func parseBackendType(u string) backend.Type {
switch u {
case string(backend.Config):
return backend.Config
case string(backend.Data):
return backend.Data
case string(backend.Snapshot):
return backend.Snapshot
case string(backend.Key):
return backend.Key
case string(backend.Index):
return backend.Index
case string(backend.Lock):
return backend.Lock
default:
return ""
}
}
// Returns the blob ID for a given path
func BlobID(u string) backend.ID {
s := strings.Split(u, "/")