Esempio n. 1
0
func doServeHostBucket(w http.ResponseWriter, req *http.Request) (err error) {
	log.Printf("Serving: %s %s", req.Method, req.RequestURI)
	if req.Method != "GET" {
		http.NotFound(w, req)
		return
	}

	host, bucket := recogniseHostBucket(req)
	if bucket == "" || host == "" {
		http.NotFound(w, req)
		return
	}

	creds, err := cbauth.AuthWebCreds(req)
	if err != nil {
		return
	}
	log.Printf("User name: `%s'", creds.Name())
	canAccess, err := creds.CanAccessBucket(bucket)
	if err != nil {
		return
	}
	if !canAccess {
		cbauth.SendUnauthorized(w)
		return
	}

	payload, err := performBucketRequest(bucket, "http://"+host+"/")
	if err != nil {
		return
	}

	w.Write(payload)
	return
}
Esempio n. 2
0
func (h *CBAuthBasicLogin) ServeHTTP(
	w http.ResponseWriter, req *http.Request) {

	authType := ""
	if h.mgr != nil && h.mgr.Options() != nil {
		authType = h.mgr.Options()["authType"]
	}

	if authType == "cbauth" {
		creds, err := cbauth.AuthWebCreds(req)
		if err != nil {
			http.Error(w, fmt.Sprintf("rest_auth: cbauth.AuthWebCreds,"+
				" err: %v ", err), 403)
			return
		}

		if creds.Source() == "anonymous" {
			// force basic auth login by sending 401
			cbauth.SendUnauthorized(w)
			return
		}
	}

	// redirect to /
	http.Redirect(w, req, "/", http.StatusMovedPermanently)
}
Esempio n. 3
0
func checkAuth(w http.ResponseWriter, req *http.Request) (admin bool) {
	switch {
	case authType == "cbauth":
		creds, err := cbauth.AuthWebCreds(req)
		if err != nil {
			http.Error(w, fmt.Sprintf("auth err: %v ", err), 403)
			return
		}
		admin, err = creds.IsAdmin()
		if err != nil {
			http.Error(w, fmt.Sprintf("auth err: %v ", err), 403)
			return
		}
		if !admin {
			cbauth.SendUnauthorized(w)
			return
		}
		return
	case authType == "":
		return true
	}
	return true
}