Minor changes, added tests

Marc Ole Bulling
2021-12-02 16:05:21 +01:00
parent 0e31aba457
commit 724489d2a4
5 changed files with 32 additions and 11 deletions


@@ -118,8 +118,9 @@ All values that are described in :ref:`cloudstorage` can be passed as environmen
+-----------------------+-------------------------+
********************************
External Authentication
------------------------
********************************
In order to use external authentication (eg. services like Authelia or Authentik), set the environment variable ``GOKAPI_DISABLE_LOGIN`` to ``true`` on the first start. *Warning:* This will diasable authentication for the admin menu, which can be dangerous if not set up correctly!


@@ -48,3 +48,9 @@ func TestIsAwsProvided(t *testing.T) {
env = New()
test.IsEqualBool(t, env.IsAwsProvided(), true)
}
func TestToBool(t *testing.T) {
test.IsEqualBool(t, ToBool(IsTrue), true)
test.IsEqualBool(t, ToBool(IsFalse), false)
test.IsEqualBool(t, ToBool("invalid"), false)
}


@@ -172,7 +172,7 @@ func forgotPassword(w http.ResponseWriter, r *http.Request) {
// If user is authenticated, this menu lists all uploads and enables uploading new files
func showApiAdmin(w http.ResponseWriter, r *http.Request) {
addNoCacheHeader(w)
if !isAuthenticated(w, r, false) {
if !isAuthenticatedOrRedirect(w, r, false) {
return
}
err := templateFolder.ExecuteTemplate(w, "api", (&UploadView{}).convertGlobalConfig(false))
@@ -182,7 +182,7 @@ func showApiAdmin(w http.ResponseWriter, r *http.Request) {
// Handling of /apiNew
func newApiKey(w http.ResponseWriter, r *http.Request) {
addNoCacheHeader(w)
if !isAuthenticated(w, r, false) {
if !isAuthenticatedOrRedirect(w, r, false) {
return
}
api.NewKey()
@@ -192,7 +192,7 @@ func newApiKey(w http.ResponseWriter, r *http.Request) {
// Handling of /apiDelete
func deleteApiKey(w http.ResponseWriter, r *http.Request) {
addNoCacheHeader(w)
if !isAuthenticated(w, r, false) {
if !isAuthenticatedOrRedirect(w, r, false) {
return
}
keys, ok := r.URL.Query()["id"]
@@ -305,7 +305,7 @@ func showHotlink(w http.ResponseWriter, r *http.Request) {
// User needs to be admin. Deletes the requested file
func deleteFile(w http.ResponseWriter, r *http.Request) {
addNoCacheHeader(w)
if !isAuthenticated(w, r, false) {
if !isAuthenticatedOrRedirect(w, r, false) {
return
}
keyId := queryUrl(w, r, "admin")
@@ -332,7 +332,7 @@ func queryUrl(w http.ResponseWriter, r *http.Request, redirectUrl string) string
// If user is authenticated, this menu lists all uploads and enables uploading new files
func showAdminMenu(w http.ResponseWriter, r *http.Request) {
addNoCacheHeader(w)
if !isAuthenticated(w, r, false) {
if !isAuthenticatedOrRedirect(w, r, false) {
return
}
err := templateFolder.ExecuteTemplate(w, "admin", (&UploadView{}).convertGlobalConfig(true))
@@ -419,7 +419,7 @@ func (u *UploadView) convertGlobalConfig(isMainView bool) *UploadView {
func uploadFile(w http.ResponseWriter, r *http.Request) {
addNoCacheHeader(w)
w.Header().Set("Content-Type", "application/json; charset=UTF-8")
if !isAuthenticated(w, r, true) {
if !isAuthenticatedOrRedirect(w, r, true) {
return
}
err := fileupload.Process(w, r, true, webserverMaxMemory)
@@ -452,8 +452,8 @@ func downloadFile(w http.ResponseWriter, r *http.Request) {
storage.ServeFile(savedFile, w, r, true)
}
// Checks if the user is logged in as an admin.
func isAuthenticated(w http.ResponseWriter, r *http.Request, isUpload bool) bool {
// Checks if the user is logged in as an admin. Redirects to login page if not authenticated
func isAuthenticatedOrRedirect(w http.ResponseWriter, r *http.Request, isUpload bool) bool {
if configuration.IsLoginDisabled() {
return true
}
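Review bot: The updated doc comment on `isAuthenticatedOrRedirect` leaves out the first branch of the function, where `configuration.IsLoginDisabled()` makes it return true for every request before any session is examined. The six handlers renamed in this file (showApiAdmin, newApiKey, deleteApiKey, deleteFile, showAdminMenu, uploadFile) all gate on this one call, so with login disabled they are only as protected as whatever sits in front of the server. I would extend the comment, for example `// Returns true without a session check when login is disabled; access control must then be enforced by the external authentication proxy.`, and add a sentence on what `isUpload` changes for an unauthenticated request. The function body continues outside the hunk, so the redirect path itself is not visible here.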


@@ -21,7 +21,7 @@ func Process(w http.ResponseWriter, r *http.Request, maxMemory int) {
w.Header().Set("cache-control", "no-store")
w.Header().Set("Content-Type", "application/json; charset=UTF-8")
request := parseRequest(r)
if !isAuthorised(w, request) {
if !isAuthorisedForApi(w, request) {
return
}
switch request.requestUrl {
@@ -132,7 +132,7 @@ func isValidKey(key string, modifyTime bool) bool {
return false
}
func isAuthorised(w http.ResponseWriter, request apiRequest) bool {
func isAuthorisedForApi(w http.ResponseWriter, request apiRequest) bool {
if isValidKey(request.apiKey, true) || sessionmanager.IsValidSession(w, request.request) {
return true
}


@@ -80,6 +80,20 @@ func TestProcess(t *testing.T) {
test.ResponseBodyContains(t, w, "Invalid request")
}
func TestAuthDisabledLogin(t *testing.T) {
w, r := getRecorder("GET", "/api/auth/friendlyname", nil, nil, nil)
Process(w, r, maxMemory)
test.ResponseBodyContains(t, w, "{\"Result\":\"error\",\"ErrorMessage\":\"Unauthorized\"}")
settings := configuration.GetServerSettings()
settings.DisableLogin = true
configuration.Release()
w, r = getRecorder("GET", "/api/auth/friendlyname", nil, nil, nil)
Process(w, r, maxMemory)
test.ResponseBodyContains(t, w, "{\"Result\":\"error\",\"ErrorMessage\":\"Unauthorized\"}")
settings.DisableLogin = false
}
func TestChangeFriendlyName(t *testing.T) {
settings := configuration.GetServerSettings()
configuration.Release()
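Review bot: In TestAuthDisabledLogin the reset `settings.DisableLogin = false` is the last statement and comes after `configuration.Release()`, so it is skipped if the test aborts earlier and, assuming GetServerSettings/Release bracket a lock, it writes the shared settings outside that bracket. A leftover `DisableLogin = true` would presumably let later tests in the package pass the admin check without a session and hide real failures. I would register the reset right after setting the flag with `t.Cleanup(...)`, re-acquiring the settings via `configuration.GetServerSettings()` and calling `configuration.Release()` inside the cleanup. A short comment such as `// API access must stay key/session-gated even when the web login is disabled` would also make the intent of the two identical "Unauthorized" assertions clear. TestChangeFriendlyName continues outside the hunk.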