feat!: remove Auth option

README.md

@@ -68,10 +68,6 @@ prefix: /
 # Enable or disable debug logging. Default is false.
 debug: false
 
-# Whether or not to have authentication. With authentication on, you need to
-# define one or more users. Default is false.
-auth: true
-
 # The directory that will be able to be accessed by the users when connecting.
 # This directory will be used by users unless they have their own 'scope' defined.
 # Default is "." (current directory).
@@ -83,7 +79,7 @@ modify: true
 # Default permissions rules to apply at the paths.
 rules: []
 
-# The list of users. Must be defined if auth is set to true.
+# The list of users. If users is empty, then there will be no authentication.
 users:
   # Example 'admin' user with plaintext password.
   - username: admin

cmd/root.go

@@ -20,7 +20,6 @@ func init() {
 	flags := rootCmd.Flags()
 	flags.StringP("config", "c", "", "config file path")
 	flags.BoolP("tls", "t", lib.DefaultTLS, "enable TLS")
-	flags.Bool("auth", lib.DefaultAuth, "enable authentication")
 	flags.String("cert", lib.DefaultCert, "path to TLS certificate")
 	flags.String("key", lib.DefaultKey, "path to TLS key")
 	flags.StringP("address", "a", lib.DefaultAddress, "address to listen on")

lib/config.go

@@ -9,6 +9,7 @@ import (
 	"github.com/go-viper/mapstructure/v2"
 	"github.com/spf13/pflag"
 	"github.com/spf13/viper"
+	"go.uber.org/zap"
 )
 
 const (
@@ -17,7 +18,6 @@ const (
 	DefaultDebug     = false
 	DefaultNoSniff   = false
 	DefaultTLS       = false
-	DefaultAuth      = false
 	DefaultCert      = "cert.pem"
 	DefaultKey       = "key.pem"
 	DefaultAddress   = "0.0.0.0"
@@ -37,7 +37,6 @@ type Config struct {
 	Prefix      string
 	NoSniff     bool
 	LogFormat   string `mapstructure:"log_format"`
-	Auth        bool
 	CORS        CORS
 	Users       []User
 }
@@ -84,7 +83,6 @@ func ParseConfig(filename string, flags *pflag.FlagSet) (*Config, error) {
 	v.SetDefault("Key", DefaultKey)
 	v.SetDefault("Address", DefaultAddress)
 	v.SetDefault("Port", DefaultPort)
-	v.SetDefault("Auth", DefaultAuth)
 	v.SetDefault("Prefix", DefaultPrefix)
 	v.SetDefault("Log_Format", DefaultLogFormat)
 
@@ -138,12 +136,8 @@ func ParseConfig(filename string, flags *pflag.FlagSet) (*Config, error) {
 func (c *Config) Validate() error {
 	var err error
 
-	if c.Auth && len(c.Users) == 0 {
-		return errors.New("invalid config: auth cannot be enabled without users")
-	}
-
-	if !c.Auth && len(c.Users) != 0 {
-		return errors.New("invalid config: auth cannot be disabled with users defined")
+	if len(c.Users) == 0 {
+		zap.L().Warn("unprotected config: no users have been set, so no authentication will be used")
 	}
 
 	c.Scope, err = filepath.Abs(c.Scope)

lib/config_test.go

@@ -28,7 +28,6 @@ func TestConfigDefaults(t *testing.T) {
 	cfg := writeAndParseConfig(t, "", ".yml")
 	require.NoError(t, cfg.Validate())
 
-	require.EqualValues(t, DefaultAuth, cfg.Auth)
 	require.EqualValues(t, DefaultTLS, cfg.TLS)
 	require.EqualValues(t, DefaultAddress, cfg.Address)
 	require.EqualValues(t, DefaultPort, cfg.Port)
@@ -65,7 +64,6 @@ func TestConfigCascade(t *testing.T) {
 
 	t.Run("YAML", func(t *testing.T) {
 		content := `
-auth: true
 scope: /
 modify: true
 rules:
@@ -89,7 +87,6 @@ users:
 
 	t.Run("JSON", func(t *testing.T) {
 		content := `{
-	"auth": true,
 	"scope": "/",
 	"modify": true,
 	"rules": [
@@ -120,7 +117,7 @@ users:
 	})
 
 	t.Run("`TOML", func(t *testing.T) {
-		content := `auth = true
+		content := `
 scope = "/"
 modify = true
 
@@ -175,7 +172,6 @@ cors:
 
 func TestConfigRules(t *testing.T) {
 	content := `
-auth: false
 scope: /
 modify: true
 rules: