-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Attempt to add HTTP authentication for #40
- Loading branch information
Showing
6 changed files
with
100 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
package config | ||
|
||
import ( | ||
"flag" | ||
|
||
"github.com/ian-kent/envconf" | ||
) | ||
|
||
func DefaultConfig() *Config { | ||
return &Config{ | ||
AuthFile: "", | ||
} | ||
} | ||
|
||
type Config struct { | ||
AuthFile string | ||
} | ||
|
||
var cfg = DefaultConfig() | ||
|
||
func Configure() *Config { | ||
return cfg | ||
} | ||
|
||
func RegisterFlags() { | ||
flag.StringVar(&cfg.AuthFile, "auth-file", envconf.FromEnvP("MH_AUTH_FILE", "").(string), "A username:bcryptpw mapping file") | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
Authentication | ||
============== | ||
|
||
HTTP basic authentication is supported using a password file. | ||
|
||
See [example-auth](example-auth) for an example. | ||
|
||
Authentication applies to all HTTP requests, including static content | ||
and API endpoints. | ||
|
||
### Password file format | ||
|
||
The password file format is: | ||
|
||
* One user per line | ||
* `username:password` | ||
* Password is bcrypted | ||
|
||
By default, a bcrypt difficulty of 4 is used to reduce page load times. | ||
|
||
### Generating a bcrypted password | ||
|
||
You can use a MailHog shortcut to generate a bcrypted password: | ||
|
||
MailHog bcrypt <password> | ||
|
||
### Enabling HTTP authentication | ||
|
||
To enable authentication, pass an `-auth-file` flag to MailHog: | ||
|
||
MailHog -auth-file=docs/example-auth | ||
|
||
This also works if you're running MailHog-UI and MailHog-Server separately: | ||
|
||
MailHog-Server -auth-file=docs/example-auth | ||
MailHog-UI -auth-file=docs/example-auth | ||
|
||
## Future compatibility | ||
|
||
Authentication has been a bit of an experiment. | ||
|
||
The exact implementation may change over time, e.g. using sessions in the UI | ||
and tokens for the API to avoid frequently bcrypting passwords. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
test:$2a$04$qxRo.ftFoNep7ld/5jfKtuBTnGqff/fZVyj53mUC5sVf9dtDLAi/S |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters