Browse Source

read authfile once only

Read the authfile upon initial server start and store the auth keys in
the auth struct, rather than reading the file for each page load.
pull/56/head
mutantmonkey 9 years ago
parent
commit
cc4e2ca0d9
  1. 37
      auth.go

37
auth.go

@ -3,6 +3,7 @@ package main
import ( import (
"bufio" "bufio"
"encoding/base64" "encoding/base64"
"log"
"net/http" "net/http"
"os" "os"
"strings" "strings"
@ -27,32 +28,25 @@ type AuthOptions struct {
type auth struct { type auth struct {
successHandler http.Handler successHandler http.Handler
failureHandler http.Handler failureHandler http.Handler
authKeys []string
o AuthOptions o AuthOptions
} }
func checkAuth(authFile string, decodedAuth []byte) (result bool, err error) {
f, err := os.Open(authFile)
if err != nil {
return
}
func checkAuth(authKeys []string, decodedAuth []byte) (result bool, err error) {
checkKey, err := scrypt.Key([]byte(decodedAuth), []byte(scryptSalt), scryptN, scryptr, scryptp, scryptKeyLen) checkKey, err := scrypt.Key([]byte(decodedAuth), []byte(scryptSalt), scryptN, scryptr, scryptp, scryptKeyLen)
if err != nil { if err != nil {
return return
} }
encodedKey := base64.StdEncoding.EncodeToString(checkKey) encodedKey := base64.StdEncoding.EncodeToString(checkKey)
scanner := bufio.NewScanner(bufio.NewReader(f))
for scanner.Scan() {
if encodedKey == scanner.Text() {
for _, v := range authKeys {
if encodedKey == v {
result = true result = true
return return
} }
} }
result = false result = false
err = scanner.Err()
return return
} }
@ -75,7 +69,7 @@ func (a auth) ServeHTTP(w http.ResponseWriter, r *http.Request) {
return return
} }
result, err := checkAuth(a.o.AuthFile, decodedAuth)
result, err := checkAuth(a.authKeys, decodedAuth)
if err != nil || !result { if err != nil || !result {
a.failureHandler.ServeHTTP(w, r) a.failureHandler.ServeHTTP(w, r)
return return
@ -85,10 +79,29 @@ func (a auth) ServeHTTP(w http.ResponseWriter, r *http.Request) {
} }
func UploadAuth(o AuthOptions) func(http.Handler) http.Handler { func UploadAuth(o AuthOptions) func(http.Handler) http.Handler {
var authKeys []string
f, err := os.Open(o.AuthFile)
if err != nil {
log.Fatal("Failed to open authfile: ", err)
}
defer f.Close()
scanner := bufio.NewScanner(f)
for scanner.Scan() {
authKeys = append(authKeys, scanner.Text())
}
err = scanner.Err()
if err != nil {
log.Fatal("Scanner error while reading authfile: ", err)
}
fn := func(h http.Handler) http.Handler { fn := func(h http.Handler) http.Handler {
return auth{ return auth{
successHandler: h, successHandler: h,
failureHandler: http.HandlerFunc(badAuthorizationHandler), failureHandler: http.HandlerFunc(badAuthorizationHandler),
authKeys: authKeys,
o: o, o: o,
} }
} }

Loading…
Cancel
Save