mirror of
https://github.com/rclone/rclone.git
synced 2024-11-23 08:54:10 +01:00
124 lines
3.5 KiB
Go
124 lines
3.5 KiB
Go
// Package httplib provides common functionality for http servers
|
|
package httplib
|
|
|
|
import (
|
|
"fmt"
|
|
"log"
|
|
"net/http"
|
|
|
|
auth "github.com/abbot/go-http-auth"
|
|
"github.com/ncw/rclone/fs"
|
|
"github.com/spf13/pflag"
|
|
)
|
|
|
|
// Globals
|
|
var (
|
|
bindAddress = "localhost:8080"
|
|
htPasswdFile = ""
|
|
realm = "rclone"
|
|
basicUser = ""
|
|
basicPass = ""
|
|
)
|
|
|
|
// AddFlags adds the http server specific flags
|
|
func AddFlags(flagSet *pflag.FlagSet) {
|
|
flagSet.StringVarP(&bindAddress, "addr", "", bindAddress, "IPaddress:Port to bind server to.")
|
|
flagSet.StringVarP(&htPasswdFile, "htpasswd", "", htPasswdFile, "File to use for htpasswd authentication.")
|
|
flagSet.StringVarP(&realm, "realm", "", realm, "Realm name for authentication.")
|
|
flagSet.StringVarP(&basicUser, "user", "", basicUser, "User name for authentication.")
|
|
flagSet.StringVarP(&basicPass, "pass", "", basicPass, "Password for authentication.")
|
|
}
|
|
|
|
// Help contains text describing the http server to add to the command
|
|
// help.
|
|
var Help = `
|
|
### Server options
|
|
|
|
Use --addr to specify which IP address and port the server should
|
|
listen on, eg --addr 1.2.3.4:8000 or --addr :8080 to listen to all
|
|
IPs. By default it only listens on localhost.
|
|
|
|
#### Authentication
|
|
|
|
By default this will serve files without needing a login.
|
|
|
|
You can either use an htpasswd file which can take lots of users, or
|
|
set a single username and password with the --user and --pass flags.
|
|
|
|
Use --htpasswd /path/to/htpasswd to provide an htpasswd file. This is
|
|
in standard apache format and supports MD5, SHA1 and BCrypt for basic
|
|
authentication. Bcrypt is recommended.
|
|
|
|
To create an htpasswd file:
|
|
|
|
touch htpasswd
|
|
htpasswd -B htpasswd user
|
|
htpasswd -B htpasswd anotherUser
|
|
|
|
Use --realm to set the authentication realm.`
|
|
|
|
// Server contains info about the running http server
|
|
type Server struct {
|
|
bindAddress string
|
|
httpServer *http.Server
|
|
basicUser string
|
|
basicPassHashed string
|
|
}
|
|
|
|
// singleUserProvider provides the encrypted password for a single user
|
|
func (s *Server) singleUserProvider(user, realm string) string {
|
|
if user == s.basicUser {
|
|
return s.basicPassHashed
|
|
}
|
|
return ""
|
|
}
|
|
|
|
// NewServer creates an http server
|
|
func NewServer(handler http.Handler) *Server {
|
|
s := &Server{
|
|
bindAddress: bindAddress,
|
|
}
|
|
|
|
// Use htpasswd if required on everything
|
|
if htPasswdFile != "" || basicUser != "" {
|
|
var secretProvider auth.SecretProvider
|
|
if htPasswdFile != "" {
|
|
fs.Infof(nil, "Using %q as htpasswd storage", htPasswdFile)
|
|
secretProvider = auth.HtpasswdFileProvider(htPasswdFile)
|
|
} else {
|
|
fs.Infof(nil, "Using --user %s --pass XXXX as authenticated user", basicUser)
|
|
s.basicUser = basicUser
|
|
s.basicPassHashed = string(auth.MD5Crypt([]byte(basicPass), []byte("dlPL2MqE"), []byte("$1$")))
|
|
secretProvider = s.singleUserProvider
|
|
}
|
|
authenticator := auth.NewBasicAuthenticator(realm, secretProvider)
|
|
handler = auth.JustCheck(authenticator, handler.ServeHTTP)
|
|
}
|
|
|
|
// FIXME make a transport?
|
|
s.httpServer = &http.Server{
|
|
Addr: s.bindAddress,
|
|
Handler: handler,
|
|
MaxHeaderBytes: 1 << 20,
|
|
}
|
|
// go version specific initialisation
|
|
initServer(s.httpServer)
|
|
return s
|
|
}
|
|
|
|
// SetBindAddress overrides the config flag
|
|
func (s *Server) SetBindAddress(addr string) {
|
|
s.bindAddress = addr
|
|
s.httpServer.Addr = addr
|
|
}
|
|
|
|
// Serve runs the server - doesn't return
|
|
func (s *Server) Serve() {
|
|
log.Fatal(s.httpServer.ListenAndServe())
|
|
}
|
|
|
|
// URL returns the serving address of this server
|
|
func (s *Server) URL() string {
|
|
return fmt.Sprintf("http://%s/", s.bindAddress)
|
|
}
|