local-server/cmd/dkl-local-server/auth.go

package main

import (
	"log"
	"net/http"
)

var adminToken string

func authorizeAdmin(r *http.Request) bool {
	return authorizeToken(r, adminToken)
}

func authorizeToken(r *http.Request, token string) bool {
	if token == "" {
		return false
	}

	reqToken := r.Header.Get("Authorization")
	if reqToken != "" {
		return reqToken == "Bearer "+token
	}

	return r.URL.Query().Get("token") == token
}

func forbidden(w http.ResponseWriter, r *http.Request) {
	log.Printf("denied access to %s from %s", r.URL.Path, r.RemoteAddr)
	http.Error(w, "Forbidden", http.StatusForbidden)
}

func requireToken(token *string, handler http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
		if !authorizeToken(req, *token) {
			forbidden(w, req)
			return
		}
		handler.ServeHTTP(w, req)
	})
}

func requireAdmin(handler http.Handler) http.Handler {
	return requireToken(&adminToken, handler)
}
chore 2019-01-24 11:40:23 +13:00			`package main`

			`import (`
			`"log"`
			`"net/http"`
			`)`

cleanup hosts ws 2023-05-18 19:55:52 +02:00			`var adminToken string`
chore 2019-01-24 11:40:23 +13:00
			`func authorizeAdmin(r *http.Request) bool {`
cleanup hosts ws 2023-05-18 19:55:52 +02:00			`return authorizeToken(r, adminToken)`
chore 2019-01-24 11:40:23 +13:00			`}`

			`func authorizeToken(r *http.Request, token string) bool {`
			`if token == "" {`
fix login on open store 2024-02-26 11:21:29 +01:00			`return false`
chore 2019-01-24 11:40:23 +13:00			`}`

			`reqToken := r.Header.Get("Authorization")`
downloads API, UI 2023-02-07 21:29:19 +01:00			`if reqToken != "" {`
			`return reqToken == "Bearer "+token`
			`}`
chore 2019-01-24 11:40:23 +13:00
downloads API, UI 2023-02-07 21:29:19 +01:00			`return r.URL.Query().Get("token") == token`
chore 2019-01-24 11:40:23 +13:00			`}`

			`func forbidden(w http.ResponseWriter, r *http.Request) {`
named passphrases (+deletion by name) 2023-09-10 16:47:54 +02:00			`log.Printf("denied access to %s from %s", r.URL.Path, r.RemoteAddr)`
chore 2019-01-24 11:40:23 +13:00			`http.Error(w, "Forbidden", http.StatusForbidden)`
			`}`
downloads API, UI 2023-02-07 21:29:19 +01:00
fix login on open store 2024-02-26 11:21:29 +01:00			`func requireToken(token *string, handler http.Handler) http.Handler {`
downloads API, UI 2023-02-07 21:29:19 +01:00			`return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {`
fix login on open store 2024-02-26 11:21:29 +01:00			`if !authorizeToken(req, *token) {`
downloads API, UI 2023-02-07 21:29:19 +01:00			`forbidden(w, req)`
			`return`
			`}`
			`handler.ServeHTTP(w, req)`
			`})`
			`}`

			`func requireAdmin(handler http.Handler) http.Handler {`
fix login on open store 2024-02-26 11:21:29 +01:00			`return requireToken(&adminToken, handler)`
downloads API, UI 2023-02-07 21:29:19 +01:00			`}`