Basic auth login

aunefyren · Oct 24, 2023 · 160da68 · 160da68
1 parent 4338ce7
commit 160da68
Show file tree

Hide file tree

Showing 5 changed files with 69 additions and 30 deletions.
diff --git a/config_default.json b/config_default.json
@@ -116,5 +116,6 @@
 	"use_logs": true,
 	"create_share_links": true,
 	"plex_auth": true,
-	"winter_theme": true
+	"winter_theme": true,
+    "basic_auth": true
 }
diff --git a/files/config.go b/files/config.go
@@ -132,6 +132,7 @@ func CreateConfigFile() error {
 
 	config.CreateShareLinks = true
 	config.WinterTheme = true
+	config.BasicAuth = false
 	config.WrapperrCustomize.StatsTopListLength = 10
 	config.WrapperrCustomize.ObfuscateOtherUsers = true
 	config.WrapperrCustomize.StatsOrderByDuration = true

diff --git a/models/models.go b/models/models.go
@@ -55,6 +55,7 @@ type WrapperrConfig struct {
 	WrappedEnd        int               `json:"wrapped_end"`
 	WrapperrPort      int               `json:"wrapperr_port"`
 	PlexAuth          bool              `json:"plex_auth"`
+	BasicAuth         bool              `json:"basic_auth"`
 	WinterTheme       bool              `json:"winter_theme"`
 }
 
@@ -212,6 +213,7 @@ type WrapperrVersion struct {
 	ClientKey                 string `json:"client_key"`
 	WrapperrConfigured        bool   `json:"wrapperr_configured"`
 	WinterTheme               bool   `json:"winter_theme"`
+	BasicAuth                 bool   `json:"basic_auth"`
 	Message                   string `json:"message"`
 	Error                     bool   `json:"error"`
 }

diff --git a/routes/no_auth.go b/routes/no_auth.go
@@ -49,6 +49,7 @@ func ApiGetWrapperrVersion(w http.ResponseWriter, r *http.Request) {
 		Message:                   "Retrieved Wrapperr version.",
 		Error:                     false,
 		WrapperrRoot:              config.WrapperrRoot,
+		BasicAuth:                 config.BasicAuth,
 	}
 
 	ip_string := utilities.GetOriginIPString(w, r)
@@ -217,6 +218,13 @@ func ApiLogInAdmin(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	config, err := files.GetConfig()
+	if err != nil {
+		log.Println("Failed to load configuration file. Error: " + err.Error())
+		fmt.Println("Failed to load configuration file.")
+		return
+	}
+
 	if !admin {
 		log.Println("Admin login failed. Admin is not configured.")
 		utilities.RespondDefaultError(w, r, errors.New("No admin configured."), 400)
@@ -231,30 +239,48 @@ func ApiLogInAdmin(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 
-		// Read payload from Post input
-		reqBody, _ := ioutil.ReadAll(r.Body)
-		var admin_payload models.AdminConfig
-		json.Unmarshal(reqBody, &admin_payload)
+		var username string
+		var password string
+
+		if !config.BasicAuth {
+			// Read payload from Post input
+			reqBody, _ := ioutil.ReadAll(r.Body)
+			var admin_payload models.AdminConfig
+			json.Unmarshal(reqBody, &admin_payload)
+
+			username = admin_payload.AdminUsername
+			password = admin_payload.AdminPassword
+		} else {
+			usernameTwo, passwordTwo, okay := r.BasicAuth()
+			if !okay {
+				w.Header().Add("WWW-Authenticate", `Basic realm="Give username and password"`)
+				w.WriteHeader(http.StatusUnauthorized)
+				w.Write([]byte(`{"message": "No basic auth present"}`))
+				return
+			}
+			username = usernameTwo
+			password = passwordTwo
+		}
 
 		// Confirm username length
-		if len(admin_payload.AdminUsername) < 4 {
+		if len(username) < 4 {
 			log.Println("Admin creation failed. Admin username requires four or more characters.")
 			utilities.RespondDefaultError(w, r, errors.New("Admin username is too short. Four characters or more required."), 500)
 			return
 		}
 
 		// Confirm password length
-		if len(admin_payload.AdminPassword) < 8 {
+		if len(password) < 8 {
 			log.Println("Admin creation failed. Admin password requires eight or more characters.")
 			utilities.RespondDefaultError(w, r, errors.New("Admin password is too short. Eight characters or more required."), 500)
 			return
 		}
 
 		// Hash new password
-		password_validity := utilities.ComparePasswords(admin_config.AdminPassword, admin_payload.AdminPassword)
+		password_validity := utilities.ComparePasswords(admin_config.AdminPassword, password)
 
 		// Validate admin username and password
-		if !password_validity || admin_config.AdminUsername != admin_payload.AdminUsername {
+		if !password_validity || admin_config.AdminUsername != username {
 			ip_string := utilities.GetOriginIPString(w, r)
 			log.Println("Admin login failed. Incorrect admin username or password." + ip_string)
 			fmt.Println("Admin login failed. Incorrect admin username or password." + ip_string)

diff --git a/web/js/admin.js b/web/js/admin.js
@@ -3,21 +3,26 @@ function topFunction() {
   document.documentElement.scrollTop = 0; // For Chrome, Firefox, IE and Opera
 }
 
-function login_menu() {
+function login_menu(basic_auth) {
     topFunction();
     var html = '<h2>Admin Login</h2>';
 
-    html += '<form id="password_login_form" onsubmit="log_in();return false">'
+    html += '<form id="password_login_form" onsubmit="log_in(' + basic_auth + ');return false">'
 
-    html += '<div class="form-group newline">';
-    html += '<label for="username" title="The username chosen during first-time setup.">Username:</label>';
-    html += '<input type="text" class="form-control" id="username" value="" placeholder="" minlength=4 autocomplete="on" required />';
-    html += '</div>';
 
-    html += '<div class="form-group newline">';
-    html += '<label for="password" title="The password chosen during first-time setup.">Password:</label>';
-    html += '<input type="password" class="form-control" id="password" value="" autocomplete="off" required />';
-    html += '</div>';
+    if(!basic_auth) {
+
+        html += '<div class="form-group newline">';
+        html += '<label for="username" title="The username chosen during first-time setup.">Username:</label>';
+        html += '<input type="text" class="form-control" id="username" value="" placeholder="" minlength=4 autocomplete="on" required />';
+        html += '</div>';
+
+        html += '<div class="form-group newline">';
+        html += '<label for="password" title="The password chosen during first-time setup.">Password:</label>';
+        html += '<input type="password" class="form-control" id="password" value="" autocomplete="off" required />';
+        html += '</div>';
+
+    }
 
     html += '<div class="form-group newline">';
     html += '<div id="password_login_form_error"></div>';
@@ -31,19 +36,23 @@ function login_menu() {
     document.getElementById("setup").innerHTML = html;
 }
 
-function log_in() {
+function log_in(basic_auth) {
 
     // Disable button
     document.getElementById("log_in_button").disabled = true;
     document.getElementById("log_in_button").style.opacity = '0.5';
 
     // Get variables
-    password = document.getElementById('password').value;
-    username = document.getElementById('username').value;
+    if(!basic_auth) {
+        password = document.getElementById('password').value;
+        username = document.getElementById('username').value;
 
-    admin_login_form = {"admin_password" : password, "admin_username" : username};
+        admin_login_form = {"admin_password" : password, "admin_username" : username};
 
-    var admin_login_data = JSON.stringify(admin_login_form);
+        var admin_login_data = JSON.stringify(admin_login_form);
+    } else {
+        var admin_login_data = ""
+    }
 
     var xhttp = new XMLHttpRequest();
     xhttp.onreadystatechange = function() {
@@ -2451,7 +2460,7 @@ function get_wrapper_version() {
                     console.log("URL: " + api_url)
                 }
 
-                get_admin_state();
+                get_admin_state(result.basic_auth);
             }
 
         } else if(this.readyState == 4 && this.status !== 200) {
@@ -2478,7 +2487,7 @@ function get_wrapper_version() {
 }
 
 // Get admin configuration state
-function get_admin_state() {
+function get_admin_state(basic_auth) {
     var xhttp = new XMLHttpRequest();
     xhttp.onreadystatechange = function() {
         if (this.readyState == 4) {
@@ -2499,9 +2508,9 @@ function get_admin_state() {
                 cookie = get_cookie('wrapperr-admin');
 
                 if(cookie) {
-                    validate_cookie_admin(cookie);
+                    validate_cookie_admin(cookie, basic_auth);
                 } else {
-                    login_menu();
+                    login_menu(basic_auth);
                 }
             }
 
@@ -2514,7 +2523,7 @@ function get_admin_state() {
 }
 
 // Validate admin login
-function validate_cookie_admin(cookie) {
+function validate_cookie_admin(cookie, basic_auth) {
     var xhttp = new XMLHttpRequest();
     xhttp.onreadystatechange = function() {
         if (this.readyState == 4) {
@@ -2527,7 +2536,7 @@ function validate_cookie_admin(cookie) {
 
             if(result.error) {
                 set_cookie("wrapperr-admin", "", 1);
-                login_menu();
+                login_menu(basic_auth);
                 document.getElementById("password_login_form_error").innerHTML = result.message;
             } else {
                 get_config(get_cookie('wrapperr-admin'));