Use password from config in basic auth

TODO.md

@@ -19,6 +19,9 @@
 * ✅ Streaming responses in slow operations like scaling down
   or building
 * Make more things configurable / remove hardcoded stuff
+  * ✅ Make server take options from file
+  * ✅ Make server take options from environment
+  * ✅ Make server password configurable
   * admin/admin auth
 * CD for binaries and images for at least arm64/x86
 * Multi-container docker logs [faaso logs -f FUNKO]

shard.lock

@@ -26,7 +26,7 @@ shards:
 
   docr:
     git: https://github.com/ralsina/docr.git
-    version: 0.1.1+git.commit.18f15cc7111b1d0c63347c7cca07aee9ec87a7a8
+    version: 0.1.1+git.commit.98a20178d5ae1391f1cd56e372530de6aa2b1ebc
 
   exception_page:
     git: https://github.com/crystal-loot/exception_page.git

src/daemon/config.cr

@@ -1,4 +1,5 @@
 require "cr-config"
+require "kemal-basic-auth"
 
 class Config
   include CrConfig
@@ -17,3 +18,23 @@ class Config
     Config.set_instance config
   end
 end
+
+class ConfigAuthHandler < Kemal::BasicAuth::Handler
+  def initialize
+    # Ignored, just make the compiler happy
+    @credentials = Kemal::BasicAuth::Credentials.new({"foo" => "bar"})
+  end
+
+  def authorize?(value) : String?
+    username, password = Base64.decode_string(value[BASIC.size + 1..-1]).split(":")
+    if username == "admin" && password == Config.instance.password
+      username
+    else
+      nil
+    end
+  end
+end
+
+# Tie auth to config
+
+add_handler ConfigAuthHandler.new

src/daemon/main.cr

@@ -6,14 +6,11 @@ require "./terminal.cr"
 require "compress/gzip"
 require "crystar"
 require "docr"
-require "kemal-basic-auth"
 require "kemal"
 require "uuid"
 
 Config.load
 
-basic_auth "admin", Config.instance.password
-
 macro version
   "{{ `grep version shard.yml | cut -d: -f2` }}".strip()
 end
@@ -26,4 +23,10 @@ get "/version" do
   "#{version}"
 end
 
+get "/reload" do
+  Log.info { "Reloading configuration" }
+  Config.load
+  "Config reloaded"
+end
+
 Kemal.run