rc: methods marked as AuthRequired need auth unless --rc-no-auth

Methods which can read or mutate external storage will require authorisation - enforce this. This can be overidden by `--rc-no-auth`.
2018-11-03 16:37:09 +00:00 · 2018-11-03 16:37:09 +00:00 · fa0a9653d2
commit fa0a9653d2
parent 181267e20e
8 changed files with 102 additions and 4 deletions
--- a/cmd/serve/httplib/httplib.go
+++ b/cmd/serve/httplib/httplib.go
@ -106,6 +106,7 @@ type Server struct {
 	httpServer      *http.Server
 	basicPassHashed string
 	useSSL          bool // if server is configured for SSL/TLS
+	usingAuth       bool // set if authentication is configured
 }

 // singleUserProvider provides the encrypted password for a single user
@ -143,6 +144,7 @@ func NewServer(handler http.Handler, opt *Options) *Server {
 		}
 		authenticator := auth.NewBasicAuthenticator(s.Opt.Realm, secretProvider)
 		handler = auth.JustCheck(authenticator, handler.ServeHTTP)
+		s.usingAuth = true
 	}

 	s.useSSL = s.Opt.SslKey != ""
@ -255,3 +257,8 @@ func (s *Server) URL() string {
 	}
 	return fmt.Sprintf("%s://%s/", proto, addr)
 }
+
+// UsingAuth returns true if authentication is required
+func (s *Server) UsingAuth() bool {
+	return s.usingAuth
+}