From 7dd5248a6e6c1343aae37cb4d2cab7a19b70b55c Mon Sep 17 00:00:00 2001 From: Roberto Alsina Date: Sun, 7 Jul 2024 13:29:12 -0300 Subject: [PATCH] Use password from config in basic auth --- TODO.md | 3 +++ shard.lock | 2 +- src/daemon/config.cr | 21 +++++++++++++++++++++ src/daemon/main.cr | 9 ++++++--- 4 files changed, 31 insertions(+), 4 deletions(-) diff --git a/TODO.md b/TODO.md index ce1ea75..d3f2fbc 100644 --- a/TODO.md +++ b/TODO.md @@ -19,6 +19,9 @@ * ✅ Streaming responses in slow operations like scaling down or building * Make more things configurable / remove hardcoded stuff + * ✅ Make server take options from file + * ✅ Make server take options from environment + * ✅ Make server password configurable * admin/admin auth * CD for binaries and images for at least arm64/x86 * Multi-container docker logs [faaso logs -f FUNKO] diff --git a/shard.lock b/shard.lock index 9353b2d..41ade99 100644 --- a/shard.lock +++ b/shard.lock @@ -26,7 +26,7 @@ shards: docr: git: https://github.com/ralsina/docr.git - version: 0.1.1+git.commit.18f15cc7111b1d0c63347c7cca07aee9ec87a7a8 + version: 0.1.1+git.commit.98a20178d5ae1391f1cd56e372530de6aa2b1ebc exception_page: git: https://github.com/crystal-loot/exception_page.git diff --git a/src/daemon/config.cr b/src/daemon/config.cr index baedb86..a20aba4 100644 --- a/src/daemon/config.cr +++ b/src/daemon/config.cr @@ -1,4 +1,5 @@ require "cr-config" +require "kemal-basic-auth" class Config include CrConfig @@ -17,3 +18,23 @@ class Config Config.set_instance config end end + +class ConfigAuthHandler < Kemal::BasicAuth::Handler + def initialize + # Ignored, just make the compiler happy + @credentials = Kemal::BasicAuth::Credentials.new({"foo" => "bar"}) + end + + def authorize?(value) : String? + username, password = Base64.decode_string(value[BASIC.size + 1..-1]).split(":") + if username == "admin" && password == Config.instance.password + username + else + nil + end + end +end + +# Tie auth to config + +add_handler ConfigAuthHandler.new diff --git a/src/daemon/main.cr b/src/daemon/main.cr index 57e5df4..27eaf4d 100644 --- a/src/daemon/main.cr +++ b/src/daemon/main.cr @@ -6,14 +6,11 @@ require "./terminal.cr" require "compress/gzip" require "crystar" require "docr" -require "kemal-basic-auth" require "kemal" require "uuid" Config.load -basic_auth "admin", Config.instance.password - macro version "{{ `grep version shard.yml | cut -d: -f2` }}".strip() end @@ -26,4 +23,10 @@ get "/version" do "#{version}" end +get "/reload" do + Log.info { "Reloading configuration" } + Config.load + "Config reloaded" +end + Kemal.run