func Hook(ctx *middleware.Context) { if ctx.Query("secret") != setting.Docs.Secret { ctx.Error(403) return } log.Info("Incoming hook update request") if err := models.ReloadDocs(); err != nil { ctx.Error(500) return } ctx.Status(200) }
func DocsStatic(ctx *middleware.Context) { if len(ctx.Params("*")) > 0 { f, err := os.Open(path.Join(models.Tocs[setting.Docs.Langs[0]].RootPath, "images", ctx.Params("*"))) if err != nil { ctx.JSON(500, map[string]interface{}{ "error": err.Error(), }) return } defer f.Close() _, err = io.Copy(ctx.Resp, f) if err != nil { ctx.JSON(500, map[string]interface{}{ "error": err.Error(), }) return } return } ctx.Error(404) }
func Protect(ctx *middleware.Context) { if !models.Protector.HasProtection { return } // Check if resource is protected. allows, yes := models.Protector.Resources[strings.TrimPrefix(ctx.Req.URL.Path, "/docs/")] if !yes { return } // Check if auth is presented. authHead := ctx.Req.Header.Get("Authorization") if len(authHead) == 0 { authRequired(ctx) return } auths := strings.Fields(authHead) if len(auths) != 2 || auths[0] != "Basic" { ctx.Error(401) return } uname, passwd, err := basicAuthDecode(auths[1]) if err != nil { ctx.Error(401) return } // Check if auth is valid. if models.Protector.Users[uname] != encodeMd5(passwd) { ctx.Error(401) return } // Check if user has access to the resource. if !allows[uname] { ctx.Error(403) return } }
func authRequired(ctx *middleware.Context) { ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=\".\"") ctx.Error(401) }