Stowage/rest-server
2
0
Fork 0
mirror of https://github.com/restic/rest-server.git synced 2025-10-19 07:33:21 +00:00
Code Issues Projects Releases Packages Wiki Activity

Metrics: require user 'metrics' for private repo mode

Browse source 
To match previous behaviour, require username 'metrics' when private
repo mode is enabled.
This commit is contained in:
Konrad Wojas 2021-01-07 14:36:33 +08:00 committed by Alexander Neumann
parent aef955c513
commit e3b1c5d612
1 changed files with 8 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

11
mux.go
View file

@ -45,9 +45,14 @@ func (s *Server) checkAuth(r *http.Request) (username string, ok bool) {
return username, true
}
func (s *Server) wrapAuth(f http.HandlerFunc) http.HandlerFunc {
func (s *Server) wrapMetricsAuth(f http.HandlerFunc) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if _, ok := s.checkAuth(r); !ok {
username, ok := s.checkAuth(r)
if !ok {
httpDefaultError(w, http.StatusUnauthorized)
return
}
if s.PrivateRepos && username != "metrics" {
httpDefaultError(w, http.StatusUnauthorized)
return
}
@ -80,7 +85,7 @@ func NewHandler(server *Server) (http.Handler, error) {
if server.PrometheusNoAuth {
mux.Handle("/metrics", promhttp.Handler())
} else {
mux.HandleFunc("/metrics", server.wrapAuth(promhttp.Handler().ServeHTTP))
mux.HandleFunc("/metrics", server.wrapMetricsAuth(promhttp.Handler().ServeHTTP))
}
}
mux.Handle("/", server)