From 44c3e728d11ba22fd99e4b4f3644b074d6bf23f9 Mon Sep 17 00:00:00 2001 From: f Date: Wed, 18 Sep 2019 11:00:26 -0300 Subject: [PATCH] public downloads --- config.ru | 34 +++++++++++++++++++++++++++++++--- 1 file changed, 31 insertions(+), 3 deletions(-) diff --git a/config.ru b/config.ru index 8d3f596..c6074bd 100644 --- a/config.ru +++ b/config.ru @@ -6,9 +6,37 @@ Geminabox.data = '/srv/http' Geminabox.rubygems_proxy = true Geminabox.allow_remote_failure = true -use Rack::Auth::Basic, 'Gems' do |username, password| - username == ENV.fetch('HTTP_BASIC_USER', SecureRandom.hex) && - password == ENV.fetch('HTTP_BASIC_PASSWORD', SecureRandom.hex) +# https://github.com/geminabox/geminabox/wiki/Http-Basic-Auth +Geminabox::Server.helpers do + def protected! + unless authorized? + response['WWW-Authenticate'] = %(Basic realm="Geminabox") + halt 401, "No pushing or deleting without auth.\n" + end + end + + def authorized? + @auth ||= Rack::Auth::Basic::Request.new(request.env) + @auth.provided? && + @auth.basic? && + @auth.credentials && + @auth.credentials == [ENV.fetch('HTTP_BASIC_USER', SecureRandom.hex), + ENV.fetch('HTTP_BASIC_PASSWORD', SecureRandom.hex)] + end +end + +Geminabox::Server.before '/upload' do + protected! +end + +Geminabox::Server.before do + protected! if request.delete? +end + +Geminabox::Server.before '/api/v1/gems' do + unless ENV['HTTP_AUTHORIZATION'] == 'API_KEY' + halt 401, "Access Denied. Api_key invalid or missing.\n" + end end use Rack::Session::Redis, redis_server: 'redis://redis:6379/2'