From 79e7f85a579c031a60e31d8788201d5abf58b3ba Mon Sep 17 00:00:00 2001 From: Ilja Neumann Date: Wed, 18 Nov 2020 12:48:31 +0100 Subject: [PATCH] Show basic_auth warning only on startup --- changelog/unreleased/dont-nag-about-basicauth.md | 6 ++++++ proxy/pkg/middleware/basic_auth.go | 5 +++-- 2 files changed, 9 insertions(+), 2 deletions(-) create mode 100644 changelog/unreleased/dont-nag-about-basicauth.md diff --git a/changelog/unreleased/dont-nag-about-basicauth.md b/changelog/unreleased/dont-nag-about-basicauth.md new file mode 100644 index 000000000..ee2fc4cac --- /dev/null +++ b/changelog/unreleased/dont-nag-about-basicauth.md @@ -0,0 +1,6 @@ +Enhancement: Show basic-auth warning only once + +Show basic-auth warning only on startup instead on every request. + + +https://github.com/owncloud/ocis/pull/886 diff --git a/proxy/pkg/middleware/basic_auth.go b/proxy/pkg/middleware/basic_auth.go index 607efa758..58e0d7a08 100644 --- a/proxy/pkg/middleware/basic_auth.go +++ b/proxy/pkg/middleware/basic_auth.go @@ -15,6 +15,9 @@ const publicFilesEndpoint = "/remote.php/dav/public-files/" // BasicAuth provides a middleware to check if BasicAuth is provided func BasicAuth(optionSetters ...Option) func(next http.Handler) http.Handler { options := newOptions(optionSetters...) + if options.EnableBasicAuth { + options.Logger.Warn().Msg("basic auth enabled, use only for testing or development") + } return func(next http.Handler) http.Handler { return &basicAuth{ @@ -41,8 +44,6 @@ func (m basicAuth) ServeHTTP(w http.ResponseWriter, req *http.Request) { return } - m.logger.Warn().Msg("basic auth enabled, use only for testing or development") - login, password, _ := req.BasicAuth() account, status := getAccount(m.logger, m.accountsClient, fmt.Sprintf("login eq '%s' and password eq '%s'", strings.ReplaceAll(login, "'", "''"), strings.ReplaceAll(password, "'", "''")))