Merge pull request #677 from SantoDE/master

Add basic auth support for web backend
This commit is contained in:
Emile Vauge 2016-09-19 16:48:05 +02:00 committed by GitHub
commit 710fc56c6a
3 changed files with 55 additions and 5 deletions

View file

@ -411,6 +411,18 @@ address = ":8080"
#
# Optional
# ReadOnly = false
#
# To enable basic auth on the webui
# with 2 user/pass: test:test and test2:test2
# Passwords can be encoded in MD5, SHA1 and BCrypt: you can use htpasswd to generate those ones
# [web.auth.basic]
# users = ["test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"]
# To enable digest auth on the webui
# with 2 user/realm/pass: test:traefik:test and test2:traefik:test2
# You can use htdigest to generate those ones
# [web.auth.basic]
# users = ["test:traefik:a2688e031edb4be6a3797f3882655c05 ", "test2:traefik:518845800f9e2bfb1f1f740ec24f074e"]
```
- `/`: provides a simple HTML frontend of Træfik

View file

@ -221,6 +221,17 @@
# Optional
# ReadOnly = false
# To enable basic auth on the webui
# with 2 user/pass: test:test and test2:test2
# Passwords can be encoded in MD5, SHA1 and BCrypt: you can use htpasswd to generate those ones
# [web.auth.basic]
# users = ["test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"]
# To enable digest auth on the webui
# with 2 user/realm/pass: test:traefik:test and test2:traefik:test2
# You can use htdigest to generate those ones
# [web.auth.basic]
# users = ["test:traefik:a2688e031edb4be6a3797f3882655c05 ", "test2:traefik:518845800f9e2bfb1f1f740ec24f074e"]
################################################################
# File configuration backend

37
web.go
View file

@ -9,8 +9,10 @@ import (
"runtime"
log "github.com/Sirupsen/logrus"
"github.com/codegangsta/negroni"
"github.com/containous/mux"
"github.com/containous/traefik/autogen"
"github.com/containous/traefik/middlewares"
"github.com/containous/traefik/safe"
"github.com/containous/traefik/types"
"github.com/elazarl/go-bindata-assetfs"
@ -28,6 +30,7 @@ type WebProvider struct {
KeyFile string `description:"SSL certificate"`
ReadOnly bool `description:"Enable read only API"`
server *Server
Auth *types.Auth
}
var (
@ -47,6 +50,7 @@ func goroutines() interface{} {
// Provide allows the provider to provide configurations to traefik
// using the given configuration channel.
func (provider *WebProvider) Provide(configurationChan chan<- types.ConfigMessage, pool *safe.Pool, _ []types.Constraint) error {
systemRouter := mux.NewRouter()
// health route
@ -103,15 +107,37 @@ func (provider *WebProvider) Provide(configurationChan chan<- types.ConfigMessag
}
go func() {
if len(provider.CertFile) > 0 && len(provider.KeyFile) > 0 {
err := http.ListenAndServeTLS(provider.Address, provider.CertFile, provider.KeyFile, systemRouter)
if provider.Auth != nil {
authMiddleware, err := middlewares.NewAuthenticator(provider.Auth)
if err != nil {
log.Fatal("Error creating server: ", err)
log.Fatal("Error creating Auth: ", err)
}
var negroni = negroni.New()
negroni.Use(authMiddleware)
negroni.UseHandler(systemRouter)
if len(provider.CertFile) > 0 && len(provider.KeyFile) > 0 {
err = http.ListenAndServeTLS(provider.Address, provider.CertFile, provider.KeyFile, negroni)
} else {
err = http.ListenAndServe(provider.Address, negroni)
}
if err != nil {
log.Fatal("Error creating server with Auth: ", err)
}
} else {
err := http.ListenAndServe(provider.Address, systemRouter)
var err error
if len(provider.CertFile) > 0 && len(provider.KeyFile) > 0 {
err = http.ListenAndServeTLS(provider.Address, provider.CertFile, provider.KeyFile, systemRouter)
} else {
err = http.ListenAndServe(provider.Address, systemRouter)
}
if err != nil {
log.Fatal("Error creating server: ", err)
log.Fatal("Error creating server without Auth: ", err)
}
}
}()
@ -238,6 +264,7 @@ func (provider *WebProvider) getRoutesHandler(response http.ResponseWriter, requ
}
func (provider *WebProvider) getRouteHandler(response http.ResponseWriter, request *http.Request) {
vars := mux.Vars(request)
providerID := vars["provider"]
frontendID := vars["frontend"]