From 5ff18af95648a5bef1ebac63b6ddb5287f54dfcb Mon Sep 17 00:00:00 2001 From: Henrique Dias Date: Tue, 23 Jul 2024 08:39:01 +0200 Subject: [PATCH] feat!: remove Auth option --- README.md | 6 +----- cmd/root.go | 1 - lib/config.go | 12 +++--------- lib/config_test.go | 6 +----- 4 files changed, 5 insertions(+), 20 deletions(-) diff --git a/README.md b/README.md index ac7c0a5..4ba949b 100644 --- a/README.md +++ b/README.md @@ -68,10 +68,6 @@ prefix: / # Enable or disable debug logging. Default is false. debug: false -# Whether or not to have authentication. With authentication on, you need to -# define one or more users. Default is false. -auth: true - # The directory that will be able to be accessed by the users when connecting. # This directory will be used by users unless they have their own 'scope' defined. # Default is "." (current directory). @@ -83,7 +79,7 @@ modify: true # Default permissions rules to apply at the paths. rules: [] -# The list of users. Must be defined if auth is set to true. +# The list of users. If users is empty, then there will be no authentication. users: # Example 'admin' user with plaintext password. - username: admin diff --git a/cmd/root.go b/cmd/root.go index 8750993..7a1b9a8 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -20,7 +20,6 @@ func init() { flags := rootCmd.Flags() flags.StringP("config", "c", "", "config file path") flags.BoolP("tls", "t", lib.DefaultTLS, "enable TLS") - flags.Bool("auth", lib.DefaultAuth, "enable authentication") flags.String("cert", lib.DefaultCert, "path to TLS certificate") flags.String("key", lib.DefaultKey, "path to TLS key") flags.StringP("address", "a", lib.DefaultAddress, "address to listen on") diff --git a/lib/config.go b/lib/config.go index 7cea95d..ebd4f87 100644 --- a/lib/config.go +++ b/lib/config.go @@ -9,6 +9,7 @@ import ( "github.com/go-viper/mapstructure/v2" "github.com/spf13/pflag" "github.com/spf13/viper" + "go.uber.org/zap" ) const ( @@ -17,7 +18,6 @@ const ( DefaultDebug = false DefaultNoSniff = false DefaultTLS = false - DefaultAuth = false DefaultCert = "cert.pem" DefaultKey = "key.pem" DefaultAddress = "0.0.0.0" @@ -37,7 +37,6 @@ type Config struct { Prefix string NoSniff bool LogFormat string `mapstructure:"log_format"` - Auth bool CORS CORS Users []User } @@ -84,7 +83,6 @@ func ParseConfig(filename string, flags *pflag.FlagSet) (*Config, error) { v.SetDefault("Key", DefaultKey) v.SetDefault("Address", DefaultAddress) v.SetDefault("Port", DefaultPort) - v.SetDefault("Auth", DefaultAuth) v.SetDefault("Prefix", DefaultPrefix) v.SetDefault("Log_Format", DefaultLogFormat) @@ -137,12 +135,8 @@ func ParseConfig(filename string, flags *pflag.FlagSet) (*Config, error) { func (c *Config) Validate() error { var err error - if c.Auth && len(c.Users) == 0 { - return errors.New("invalid config: auth cannot be enabled without users") - } - - if !c.Auth && len(c.Users) != 0 { - return errors.New("invalid config: auth cannot be disabled with users defined") + if len(c.Users) == 0 { + zap.L().Warn("unprotected config: no users have been set, so no authentication will be used") } c.Scope, err = filepath.Abs(c.Scope) diff --git a/lib/config_test.go b/lib/config_test.go index 87378e6..bd3b93c 100644 --- a/lib/config_test.go +++ b/lib/config_test.go @@ -28,7 +28,6 @@ func TestConfigDefaults(t *testing.T) { cfg := writeAndParseConfig(t, "", ".yml") require.NoError(t, cfg.Validate()) - require.EqualValues(t, DefaultAuth, cfg.Auth) require.EqualValues(t, DefaultTLS, cfg.TLS) require.EqualValues(t, DefaultAddress, cfg.Address) require.EqualValues(t, DefaultPort, cfg.Port) @@ -65,7 +64,6 @@ func TestConfigCascade(t *testing.T) { t.Run("YAML", func(t *testing.T) { content := ` -auth: true scope: / modify: true rules: @@ -89,7 +87,6 @@ users: t.Run("JSON", func(t *testing.T) { content := `{ - "auth": true, "scope": "/", "modify": true, "rules": [ @@ -120,7 +117,7 @@ users: }) t.Run("`TOML", func(t *testing.T) { - content := `auth = true + content := ` scope = "/" modify = true @@ -175,7 +172,6 @@ cors: func TestConfigRules(t *testing.T) { content := ` -auth: false scope: / modify: true rules: