Skip to content
Snippets Groups Projects
Commit b0ad2920 authored by Christian Pointner's avatar Christian Pointner
Browse files

allow setting authorization info for passwd backend

parent ea29eadf
No related branches found
No related tags found
No related merge requests found
......@@ -60,7 +60,8 @@ func (b *PasswdBackend) NewSession(ctx context.Context, arguments json.RawMessag
return nil, errors.New("mandatory arguments missing")
}
if b.userDB[args.Username].Password != args.Password {
user, exists := b.userDB[args.Username]
if !exists || user.Password != args.Password {
return nil, errors.New("invalid username and or password")
}
......@@ -69,10 +70,9 @@ func (b *PasswdBackend) NewSession(ctx context.Context, arguments json.RawMessag
}
// TODO: setting this directly is probably fine but rather ugly...
s.Username = args.Username
// TODO: handle authorization
s.ReadOnly = true
s.AllShows = true
s.ReadOnly = user.ReadOnly
s.AllShows = user.AllShows
s.Shows = user.Shows
s.setState(SessionStateLoggedIn)
return
......
......@@ -42,8 +42,10 @@ type OIDCConfig struct {
}
type PasswdUserConfig struct {
Password string `json:"password" yaml:"password" toml:"password"`
// TODO: add authorization info
Password string `json:"password" yaml:"password" toml:"password"`
ReadOnly bool `json:"readonly" yaml:"readonly" toml:"readonly"`
AllShows bool `json:"all-shows" yaml:"all-shows" toml:"all-shows"`
Shows []string `json:"shows" yaml:"shows" toml:"shows"`
}
type Config struct {
......
......@@ -29,21 +29,30 @@ importer:
normalizer: ffmpeg
### uncomment to enable authentication
auth:
sessions:
## defaults to 24h
max-age: 12h
oidc:
issuer-url: http://localhost:8000/openid
client-id: ${OIDC_CLIENT_ID}
client-secret: ${OIDC_CLIENT_SECRET}
callback-url: http://localhost:8040/auth/oidc/callback
login-timeout: 10m # defaults to 5 Minutes
passwd:
hugo:
password: secret
someuser:
password: changeme
# auth:
# sessions:
# ## defaults to 24h
# max-age: 12h
# oidc:
# issuer-url: http://localhost:8000/openid
# client-id: ${OIDC_CLIENT_ID}
# client-secret: ${OIDC_CLIENT_SECRET}
# callback-url: http://localhost:8040/auth/oidc/callback
# login-timeout: 10m # defaults to 5 Minutes
# passwd:
# admin:
# password: very-secret
# all-shows: true
# engine:
# password: rather-secret
# readonly: true
# all-shows: true
# hugo:
# password: changeme
# readonly: true
# shows:
# - hugo
# - yet-another-hugo-show
### uncomment to enable CORS headers
### see: https://godoc.org/github.com/rs/cors#Options
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment