2015-05-04 12:04:17 -05:00
|
|
|
package setup
|
|
|
|
|
|
|
|
import (
|
2015-08-30 13:07:43 -05:00
|
|
|
"strings"
|
|
|
|
|
2015-05-04 12:04:17 -05:00
|
|
|
"github.com/mholt/caddy/middleware"
|
|
|
|
"github.com/mholt/caddy/middleware/basicauth"
|
|
|
|
)
|
|
|
|
|
|
|
|
// BasicAuth configures a new BasicAuth middleware instance.
|
|
|
|
func BasicAuth(c *Controller) (middleware.Middleware, error) {
|
2015-09-05 17:04:30 -05:00
|
|
|
root := c.Root
|
|
|
|
|
2015-05-04 12:04:17 -05:00
|
|
|
rules, err := basicAuthParse(c)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
basic := basicauth.BasicAuth{Rules: rules}
|
|
|
|
|
|
|
|
return func(next middleware.Handler) middleware.Handler {
|
|
|
|
basic.Next = next
|
2015-09-05 17:04:30 -05:00
|
|
|
basic.SiteRoot = root
|
2015-05-04 12:04:17 -05:00
|
|
|
return basic
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func basicAuthParse(c *Controller) ([]basicauth.Rule, error) {
|
|
|
|
var rules []basicauth.Rule
|
|
|
|
|
2015-08-30 13:07:43 -05:00
|
|
|
var err error
|
2015-05-04 12:04:17 -05:00
|
|
|
for c.Next() {
|
|
|
|
var rule basicauth.Rule
|
|
|
|
|
|
|
|
args := c.RemainingArgs()
|
|
|
|
|
|
|
|
switch len(args) {
|
|
|
|
case 2:
|
|
|
|
rule.Username = args[0]
|
2015-09-05 17:04:30 -05:00
|
|
|
if rule.Password, err = passwordMatcher(rule.Username, args[1], c.Root); err != nil {
|
2015-08-30 13:07:43 -05:00
|
|
|
return rules, c.Errf("Get password matcher from %s: %v", c.Val(), err)
|
|
|
|
}
|
|
|
|
|
2015-05-04 12:04:17 -05:00
|
|
|
for c.NextBlock() {
|
|
|
|
rule.Resources = append(rule.Resources, c.Val())
|
|
|
|
if c.NextArg() {
|
|
|
|
return rules, c.Errf("Expecting only one resource per line (extra '%s')", c.Val())
|
|
|
|
}
|
|
|
|
}
|
|
|
|
case 3:
|
|
|
|
rule.Resources = append(rule.Resources, args[0])
|
|
|
|
rule.Username = args[1]
|
2015-09-05 17:04:30 -05:00
|
|
|
if rule.Password, err = passwordMatcher(rule.Username, args[2], c.Root); err != nil {
|
2015-08-30 13:07:43 -05:00
|
|
|
return rules, c.Errf("Get password matcher from %s: %v", c.Val(), err)
|
|
|
|
}
|
2015-05-04 12:04:17 -05:00
|
|
|
default:
|
|
|
|
return rules, c.ArgErr()
|
|
|
|
}
|
|
|
|
|
|
|
|
rules = append(rules, rule)
|
|
|
|
}
|
|
|
|
|
|
|
|
return rules, nil
|
|
|
|
}
|
2015-08-30 13:07:43 -05:00
|
|
|
|
2015-09-05 17:04:30 -05:00
|
|
|
func passwordMatcher(username, passw, siteRoot string) (basicauth.PasswordMatcher, error) {
|
2015-08-30 13:07:43 -05:00
|
|
|
if !strings.HasPrefix(passw, "htpasswd=") {
|
|
|
|
return basicauth.PlainMatcher(passw), nil
|
|
|
|
}
|
|
|
|
|
2015-09-05 17:04:30 -05:00
|
|
|
return basicauth.GetHtpasswdMatcher(passw[9:], username, siteRoot)
|
2015-08-30 13:07:43 -05:00
|
|
|
}
|