discourse
/
discourse-auth-proxy
mirror of https://github.com/discourse/discourse-auth-proxy.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

option for whitelisted /path

This commit is contained in:
Andrew Schleifer 2018-09-20 15:28:14 +08:00
parent deaf725bae
commit 8bea12489d
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
main.go
View File

@ -34,6 +34,7 @@ type Config struct {
TimeoutPtr *int TimeoutPtr *int
CookieSecret string CookieSecret string
AllowAllPtr *bool AllowAllPtr *bool
WhitelistPtr *string
} }
func main() { func main() {
@ -49,6 +50,7 @@ func main() {
config.UsernameHeaderPtr = flag.String("username-header", "Discourse-User-Name", "Request header to pass authenticated username into") config.UsernameHeaderPtr = flag.String("username-header", "Discourse-User-Name", "Request header to pass authenticated username into")
config.GroupsHeaderPtr = flag.String("groups-header", "Discourse-User-Groups", "Request header to pass authenticated groups into") config.GroupsHeaderPtr = flag.String("groups-header", "Discourse-User-Groups", "Request header to pass authenticated groups into")
config.TimeoutPtr = flag.Int("timeout", 10, "Read/write timeout") config.TimeoutPtr = flag.Int("timeout", 10, "Read/write timeout")
config.WhitelistPtr = flag.String("whitelist", "", "Path which does not require authorization")
flag.Parse() flag.Parse()
@ -107,6 +109,9 @@ func main() {
func authProxyHandler(handler http.Handler, config *Config) http.Handler { func authProxyHandler(handler http.Handler, config *Config) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if checkWhitelist(handler, r, w, config) {
return
}
if checkAuthorizationHeader(handler, r, w, config) { if checkAuthorizationHeader(handler, r, w, config) {
return return
} }
@ -148,6 +153,15 @@ func checkAuthorizationHeader(handler http.Handler, r *http.Request, w http.Resp
return false return false
} }
func checkWhitelist(handler http.Handler, r *http.Request, w http.ResponseWriter, config *Config) bool {
if r.URL.Path == *(config.WhitelistPtr) {
handler.ServeHTTP(w, r)
return true
}
return false
}
func redirectIfNoCookie(handler http.Handler, r *http.Request, w http.ResponseWriter, config *Config) { func redirectIfNoCookie(handler http.Handler, r *http.Request, w http.ResponseWriter, config *Config) {
cookie, err := r.Cookie("__discourse_proxy") cookie, err := r.Cookie("__discourse_proxy")
var username, groups string var username, groups string