From b10bdf21b53a3c8a7508084d967c2931f679474a Mon Sep 17 00:00:00 2001 From: jabuxas Date: Tue, 15 Oct 2024 15:21:05 -0300 Subject: [PATCH] feat: add check on whether to restrict text uploading --- abyss.go | 10 +++++++++- generate_config.sh | 8 ++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/abyss.go b/abyss.go index a820220..b968ca9 100644 --- a/abyss.go +++ b/abyss.go @@ -25,6 +25,8 @@ func main() { app.filesDir = os.Getenv("ABYSS_FILEDIR") app.port = os.Getenv("ABYSS_PORT") + auth := os.Getenv("SHOULD_AUTH") + if app.auth.username == "" { log.Fatal("basic auth username must be provided") } @@ -65,7 +67,13 @@ func main() { ), ) mux.HandleFunc("/last", app.lastUploadedHandler) - mux.HandleFunc("/upload", app.basicAuth(app.uploadHandler)) + if auth == "yes" { + mux.HandleFunc("/upload", app.basicAuth(app.uploadHandler)) + slog.Warn("text uploading through the browser will be restricted") + } else { + mux.HandleFunc("/upload", app.uploadHandler) + slog.Warn("text uploading through the browser will NOT be restricted") + } srv := &http.Server{ Addr: app.port, diff --git a/generate_config.sh b/generate_config.sh index a836a89..c18b23f 100755 --- a/generate_config.sh +++ b/generate_config.sh @@ -22,6 +22,11 @@ if [ -z $AUTH_PASSWORD ]; then AUTH_PASSWORD="admin" fi +read -p "Auth for upload form - should password be needed to upload text through the browser? [yes]: " -e SHOULD_AUTH +if [ -z $SHOULD_AUTH ]; then + SHOULD_AUTH="yes" +fi + cat << EOF > .env # This is the full name of the final domain for the server. Example: paste.abyss.dev ABYSS_URL=$ABYSS_URL @@ -38,6 +43,9 @@ AUTH_USERNAME=$AUTH_USERNAME # This is the password of the user for accessing /tree AUTH_PASSWORD=$AUTH_PASSWORD +# This is whether you need a password to upload text through the browser +SHOULD_AUTH=$SHOULD_AUTH + # This is the key needed to make uploads. Include it as X-Auth in curl. # Tip: Save it somewhere and use it in curl with \$(cat /path/to/key) UPLOAD_KEY=$UPLOAD_KEY