refactor to handler for git backend, use mux, and middle

author: Max Resnick <max@ofmax.li> 2022-10-30 21:21:52 -0700
committer: Max Resnick <max@ofmax.li> 2022-10-30 21:21:52 -0700
commit: e3010e016c716d3f95936752846550e47771cd51 (patch)
tree: 2f65a8b17a8272b36d8f78088278c6cbb2b26c1d
parent: d0cb5e2318d1859f2dc9027151b4e4f1c973c6a1 (diff)
download: go-git-server-e3010e016c716d3f95936752846550e47771cd51.tar.gz
1 files changed, 39 insertions, 39 deletions
diff --git a/main.go b/main.go
index 0db6ee1..e786c9b 100644
--- a/main.go
+++ b/main.go
@@ -63,46 +63,43 @@ func NewToken() (string, string, error) {
 	return token, hash, nil
 }
 
-type Handler struct {
-	cgiHandler *cgi.Handler
-}
-
-func NewHandler(reposDir, backendCommand string) *Handler {
-	return &Handler{
-		&cgi.Handler{
-			Path: "/bin/sh",
-			Args: []string{"-c", backendCommand},
-			Dir:  ".",
-			Env: []string{
-				fmt.Sprintf("GIT_PROJECT_ROOT=%v", reposDir),
-				"GIT_HTTP_EXPORT_ALL=1",
-			},
+// GitHttpBackendHandler a handler for git cgi
+func GitHttpBackendHandler(reposDir, backendCommand string) http.Handler {
+	return &cgi.Handler{
+		Path: "/bin/sh",
+		Args: []string{"-c", backendCommand},
+		Dir:  ".",
+		Env: []string{
+			fmt.Sprintf("GIT_PROJECT_ROOT=%v", reposDir),
+			"GIT_HTTP_EXPORT_ALL=1",
 		},
 	}
 }
 
-func (h *Handler) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
-	u, p, ok := req.BasicAuth()
-	if !ok {
-		rw.Header().Set("WWW-Authenticate", `Basic realm="git"`)
-		http.Error(rw, "Authentication Required", 401)
-		return
-	}
-	hash, ok := authMap[fmt.Sprintf("user:%s", u)]
-	if !ok {
-		http.Error(rw, "Bad Request", 400)
-		return
-	}
-	token, err := base64.URLEncoding.DecodeString(p)
-	if err != nil {
-		http.Error(rw, "Bad Request", 400)
-		return
-	}
-	if err := bcrypt.CompareHashAndPassword([]byte(hash), token); err != nil {
-		http.Error(rw, "Bad Request", 400)
-		return
-	}
-	h.cgiHandler.ServeHTTP(rw, req)
+// Authentication middleware to enforce authentication of all requests.
+func Authentication(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
+		u, p, ok := req.BasicAuth()
+		if !ok {
+			rw.Header().Set("WWW-Authenticate", `Basic realm="git"`)
+			http.Error(rw, "Authentication Required", 401)
+			return
+		}
+		hash, ok := authMap[fmt.Sprintf("user:%s", u)]
+		if !ok {
+			http.Error(rw, "Bad Request", 400)
+			return
+		}
+		token, err := base64.URLEncoding.DecodeString(p)
+		if err != nil {
+			http.Error(rw, "Bad Request", 400)
+			return
+		}
+		if err := bcrypt.CompareHashAndPassword([]byte(hash), token); err != nil {
+			http.Error(rw, "Bad Request", 400)
+			return
+		}
+	})
 }
 
 func main() {
@@ -116,11 +113,14 @@ func main() {
 		return
 	}
 	tokens, err := LoadTokens()
-	fmt.Println(tokens)
 	if err != nil {
 		log.Fatal(err)
 	}
+	router := http.NewServeMux()
+	// TODO we don't want to use a global
 	authMap = tokens
-	http.Handle("/", NewHandler(*reposDir, *backendCommand))
-	log.Fatal(http.ListenAndServe(":8080", nil))
+	// de-reference args
+	router.Handle("/", GitHttpBackendHandler(*reposDir, *backendCommand))
+	mux := Authentication(router)
+	log.Fatal(http.ListenAndServe(":8080", mux))
 }
author	Max Resnick <max@ofmax.li>	2022-10-30 21:21:52 -0700
committer	Max Resnick <max@ofmax.li>	2022-10-30 21:21:52 -0700
commit	e3010e016c716d3f95936752846550e47771cd51 (patch)
tree	2f65a8b17a8272b36d8f78088278c6cbb2b26c1d
parent	d0cb5e2318d1859f2dc9027151b4e4f1c973c6a1 (diff)
download	go-git-server-e3010e016c716d3f95936752846550e47771cd51.tar.gz