diff --git a/client/client_test.go b/client/client_test.go index 0729f18..119cbc5 100644 --- a/client/client_test.go +++ b/client/client_test.go @@ -3029,12 +3029,12 @@ func TestWebUi(t *testing.T) { tester.RunInteractiveShell(t, `echo foobar`) // Start the server - require.NoError(t, tester.RunInteractiveShellBackground(t, `hishtory start-web-ui --force-creds hishtory:my_password`)) + require.NoError(t, tester.RunInteractiveShellBackground(t, `hishtory start-web-ui --port 8001 --force-creds hishtory:my_password`)) time.Sleep(time.Second) defer tester.RunInteractiveShell(t, `killall hishtory`) // And check that the server seems to be returning valid data - req, err := http.NewRequest("GET", "http://localhost:8000?q=foobar", nil) + req, err := http.NewRequest("GET", "http://localhost:8001?q=foobar", nil) require.NoError(t, err) req.SetBasicAuth("hishtory", "my_password") resp, err := http.DefaultClient.Do(req) @@ -3046,12 +3046,12 @@ func TestWebUi(t *testing.T) { require.Contains(t, string(respBody), "echo foobar") // And that it rejects requests without auth - resp, err = http.Get("http://localhost:8000?q=foobar") + resp, err = http.Get("http://localhost:8001?q=foobar") require.NoError(t, err) require.Equal(t, 401, resp.StatusCode) // And requests with incorrect auth - req, err = http.NewRequest("GET", "http://localhost:8000?q=foobar", nil) + req, err = http.NewRequest("GET", "http://localhost:8001?q=foobar", nil) require.NoError(t, err) req.SetBasicAuth("hishtory", "wrong-password") resp, err = http.DefaultClient.Do(req) diff --git a/client/cmd/webui.go b/client/cmd/webui.go index 5469a56..46e2be2 100644 --- a/client/cmd/webui.go +++ b/client/cmd/webui.go @@ -13,6 +13,7 @@ import ( var disableAuth *bool var forceCreds *string +var port *int var webUiCmd = &cobra.Command{ Use: "start-web-ui", @@ -32,7 +33,7 @@ var webUiCmd = &cobra.Command{ if *disableAuth && *forceCreds != "" { lib.CheckFatalError(fmt.Errorf("cannot specify both --disable-auth and --force-creds")) } - lib.CheckFatalError(webui.StartWebUiServer(hctx.MakeContext(), *disableAuth, overridenUsername, overridenPassword)) + lib.CheckFatalError(webui.StartWebUiServer(hctx.MakeContext(), *port, *disableAuth, overridenUsername, overridenPassword)) os.Exit(1) }, } @@ -41,4 +42,5 @@ func init() { rootCmd.AddCommand(webUiCmd) disableAuth = webUiCmd.Flags().Bool("disable-auth", false, "Disable authentication for the Web UI (Warning: This means your entire shell history will be accessible from the local web server)") forceCreds = webUiCmd.Flags().String("force-creds", "", "Specify the credentials to use for basic auth in the form `user:password`") + port = webUiCmd.Flags().Int("port", 8000, "The port for the web server to listen on") } diff --git a/client/webui/webui.go b/client/webui/webui.go index 837edf3..a702f71 100644 --- a/client/webui/webui.go +++ b/client/webui/webui.go @@ -126,7 +126,7 @@ func secureStringEquals(s1, s2 string) bool { return subtle.ConstantTimeCompare([]byte(s1), []byte(s2)) == 1 } -func StartWebUiServer(ctx context.Context, disableAuth bool, overridenUsername, overridenPassword string) error { +func StartWebUiServer(ctx context.Context, port int, disableAuth bool, overridenUsername, overridenPassword string) error { username := "hishtory" // Note that uuid.NewRandom() uses crypto/rand and returns a UUID with 122 bits of security password := uuid.Must(uuid.NewRandom()).String() @@ -144,7 +144,7 @@ func StartWebUiServer(ctx context.Context, disableAuth bool, overridenUsername, server := http.Server{ BaseContext: func(l net.Listener) context.Context { return ctx }, - Addr: ":8000", + Addr: fmt.Sprintf(":%d", port), } fmt.Printf("Starting web server on %s...\n", server.Addr) fmt.Printf("Username: %s\nPassword: %s\n", username, password)