forked from TrueCloudLab/rclone
httplib: make http serving with auth generate INFO messages on auth fail
2018/12/13 12:13:44 INFO : /: 127.0.0.1:39696: Basic auth challenge sent 2018/12/13 12:13:54 INFO : /: 127.0.0.1:40050: Unauthorized request from ncw Fixes #2834
This commit is contained in:
parent
5ee1816a71
commit
c1dd76788d
1 changed files with 24 additions and 1 deletions
|
@ -4,11 +4,13 @@ package httplib
|
|||
import (
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"encoding/base64"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
"net"
|
||||
"net/http"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
auth "github.com/abbot/go-http-auth"
|
||||
|
@ -143,7 +145,28 @@ func NewServer(handler http.Handler, opt *Options) *Server {
|
|||
secretProvider = s.singleUserProvider
|
||||
}
|
||||
authenticator := auth.NewBasicAuthenticator(s.Opt.Realm, secretProvider)
|
||||
handler = auth.JustCheck(authenticator, handler.ServeHTTP)
|
||||
oldHandler := handler
|
||||
handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
if username := authenticator.CheckAuth(r); username == "" {
|
||||
authHeader := r.Header.Get(authenticator.Headers.V().Authorization)
|
||||
if authHeader != "" {
|
||||
s := strings.SplitN(authHeader, " ", 2)
|
||||
var userName = "UNKNOWN"
|
||||
if len(s) == 2 && s[0] == "Basic" {
|
||||
b, err := base64.StdEncoding.DecodeString(s[1])
|
||||
if err == nil {
|
||||
userName = strings.SplitN(string(b), ":", 2)[0]
|
||||
}
|
||||
}
|
||||
fs.Infof(r.URL.Path, "%s: Unauthorized request from %s", r.RemoteAddr, userName)
|
||||
} else {
|
||||
fs.Infof(r.URL.Path, "%s: Basic auth challenge sent", r.RemoteAddr)
|
||||
}
|
||||
authenticator.RequireAuth(w, r)
|
||||
} else {
|
||||
oldHandler.ServeHTTP(w, r)
|
||||
}
|
||||
})
|
||||
s.usingAuth = true
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue