1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 14:37:46 +00:00

WebServer: Add support for HTTP basic authentication

This enables the WebServer to run protected by a username and password.
While it isn't possible to access such a protected server from inside
Serenity as of now (because neither the Browser nor pro(1) support
this), this may very well be the case in the future. :^)
This commit is contained in:
Max Wipfli 2021-06-06 17:06:10 +02:00 committed by Andreas Kling
parent 1d990b3e7b
commit 79a47d9bd3
4 changed files with 53 additions and 4 deletions

View file

@ -10,6 +10,7 @@
#include <LibCore/EventLoop.h>
#include <LibCore/File.h>
#include <LibCore/TCPServer.h>
#include <LibHTTP/HttpRequest.h>
#include <WebServer/Client.h>
#include <WebServer/Configuration.h>
#include <stdio.h>
@ -19,14 +20,18 @@ int main(int argc, char** argv)
{
String default_listen_address = "0.0.0.0";
u16 default_port = 8000;
const char* root_path = "/www";
String root_path = "/www";
String listen_address = default_listen_address;
int port = default_port;
String username;
String password;
Core::ArgsParser args_parser;
args_parser.add_option(listen_address, "IP address to listen on", "listen-address", 'l', "listen_address");
args_parser.add_option(port, "Port to listen on", "port", 'p', "port");
args_parser.add_option(username, "HTTP basic authentication username", "user", 'U', "username");
args_parser.add_option(password, "HTTP basic authentication password", "pass", 'P', "password");
args_parser.add_positional_argument(root_path, "Path to serve the contents of", "path", Core::ArgsParser::Required::No);
args_parser.parse(argc, argv);
@ -41,6 +46,11 @@ int main(int argc, char** argv)
return 1;
}
if (username.is_empty() != password.is_empty()) {
warnln("Both username and password are required for HTTP basic authentication.");
return 1;
}
auto real_root_path = Core::File::real_path_for(root_path);
if (!Core::File::exists(real_root_path)) {
@ -55,6 +65,9 @@ int main(int argc, char** argv)
WebServer::Configuration configuration(real_root_path);
if (!username.is_empty() && !password.is_empty())
configuration.set_credentials(HTTP::HttpRequest::BasicAuthenticationCredentials { username, password });
Core::EventLoop loop;
auto server = Core::TCPServer::construct();