Rethought login

This commit is contained in:
Roberto Alsina 2024-07-08 13:34:54 -03:00
parent fe52566872
commit a896f2e032
3 changed files with 26 additions and 8 deletions

View File

@ -18,12 +18,12 @@
* Sanitize all inputs
* ✅ Streaming responses in slow operations like scaling down
or building
* Make more things configurable / remove hardcoded stuff
* Make more things configurable / remove hardcoded stuff
* ✅ Make server take options from file
* ✅ Make server take options from environment
* ✅ Make server password configurable
* admin/admin auth client side [WIP, broke everything]
* `faaso login` is not working properly yet with proxy
* admin/admin auth client side
* `faaso login` is not working properly yet with proxy
* CD for binaries and images for at least arm64/x86
* Multi-container docker logs [faaso logs -f FUNKO]
* ✅ Direct error and above to stderr, others to stdout,

View File

@ -9,10 +9,28 @@ module Faaso
else
password = STDIN.gets.to_s
end
# Testing with auth/ which is guaranteed locked
Crest.get(
"#{server}auth/", \
user: "admin", password: password).body
# This is tricky. If the service is running behind a reverse proxy
# then /version is locked, but if it's not, only /auth is locked.
# So we try /version first without a password, and if it succeeds
# we try /auth with the password. If /version fails, we try /version
# with the password
#
begin
# Version without password.
Crest.get("#{server}version/")
# Auth with password
begin
Crest.get("#{server}auth/", user: "admin", password: password)
rescue ex : Crest::Unauthorized
# Failed with auth/
Log.error { "Wrong password" }
return 1
end
rescue ex : Crest::Unauthorized
# Version with password
Crest.get("#{server}version/", user: "admin", password: password)
end
# If we got here the password is ok
CONFIG.hosts[server] = {"admin", password}
Config.save

View File

@ -20,7 +20,7 @@ class Config
end
class ConfigAuthHandler < Kemal::BasicAuth::Handler
only ["/auth"]
only ["/auth", "/auth/*"]
def call(context)
return call_next(context) unless only_match?(context)