Commit cbc02270 authored by Bengfort's avatar Bengfort
Browse files

add shared-secret authorization

parent e3232dce
Pipeline #11035 passed with stages
in 1 minute and 52 seconds
......@@ -23,6 +23,7 @@ type ResponseMsg struct {
var mux = &sync.RWMutex{}
var verbose = false
var secret = ""
var connected = false
var lastId = 1
var jobs = make(map[int](chan ResponseMsg))
......@@ -170,7 +171,9 @@ func handler(w http.ResponseWriter, r *http.Request) {
log.Println(r.Method, r.URL)
}
if r.URL.Path == "/castellum/" {
if secret != "" && r.Header.Get("Authorization") != fmt.Sprintf("token %s", secret) {
http.Error(w, "", http.StatusForbidden)
} else if r.URL.Path == "/castellum/" {
if r.Method == http.MethodGet {
castellumGet(w, r)
} else if r.Method == http.MethodPost {
......@@ -198,6 +201,7 @@ func main() {
}
_, verbose = os.LookupEnv("BROKER_VERBOSE")
secret = os.Getenv("BROKER_SECRET")
http.HandleFunc("/", handler)
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment