TyleoDvDelaware3217/GoDoxy
1
0
Fork 0
mirror of https://github.com/yusing/godoxy.git synced 2025-05-19 20:32:35 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

disabled auth by default (when no JWT secret is specified)

Browse source
This commit is contained in:
yusing 2024-11-04 00:32:19 +08:00
parent c6a9a816f6
commit b63ebfcb3b
3 changed files with 11 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
internal/api/v1/auth/auth.go
View file

@ -90,7 +90,7 @@ func LogoutHandler(w http.ResponseWriter, r *http.Request) {
}
func RequireAuth(next http.HandlerFunc) http.HandlerFunc {
if common.IsDebugSkipAuth {
if common.IsDebugSkipAuth || common.APIJWTSecret == nil {
return next
}

3
internal/common/crypto.go
View file

@ -23,6 +23,9 @@ func generateJWTKey(size int) string {
}
func decodeJWTKey(key string) []byte {
if key == "" {
return nil
}
bytes, err := base64.StdEncoding.DecodeString(key)
if err != nil {
log.Panic().Err(err).Msg("failed to decode jwt key")

8
internal/common/env.go
View file

@ -33,12 +33,18 @@ var (
APIHTTPPort,
APIHTTPURL = GetAddrEnv("GOPROXY_API_ADDR", "127.0.0.1:8888", "http")
APIJWTSecret = decodeJWTKey(GetEnv("GOPROXY_API_JWT_SECRET", generateJWTKey(32)))
APIJWTSecret = decodeJWTKey(GetEnv("GOPROXY_API_JWT_SECRET", ""))
APIJWTTokenTTL = GetDurationEnv("GOPROXY_API_JWT_TOKEN_TTL", time.Hour)
APIUser = GetEnv("GOPROXY_API_USER", "admin")
APIPasswordHash = HashPassword(GetEnv("GOPROXY_API_PASSWORD", "password"))
)
func init() {
if APIJWTSecret == nil {
log.Warn().Msg("API JWT secret is empty, authentication is disabled")
}
}
func GetEnvBool(key string, defaultValue bool) bool {
value, ok := os.LookupEnv(key)
if !ok || value == "" {