diff options
| author | Tuomo Ala-Vannesluoma <tuomoav@gmail.com> | 2018-04-06 18:23:58 +0300 |
|---|---|---|
| committer | Tuomo Ala-Vannesluoma <tuomoav@gmail.com> | 2018-06-30 22:50:19 +0300 |
| commit | 9cf40354085f4b4446f06d4d03926dcaa6ab9565 (patch) | |
| tree | eb6ade3a82feec5f9b258417f41a8fecd3e9aec9 /app.go | |
| parent | c4a419ed595281f62977fd47aa30d225c4eddb5d (diff) | |
Add support for private projects and authentication with GitLab API
Diffstat (limited to 'app.go')
| -rw-r--r-- | app.go | 18 |
1 files changed, 18 insertions, 0 deletions
@@ -19,6 +19,7 @@ import ( "gitlab.com/gitlab-org/gitlab-pages/internal/admin" "gitlab.com/gitlab-org/gitlab-pages/internal/artifact" + "gitlab.com/gitlab-org/gitlab-pages/internal/auth" "gitlab.com/gitlab-org/gitlab-pages/internal/domain" "gitlab.com/gitlab-org/gitlab-pages/internal/httperrors" "gitlab.com/gitlab-org/gitlab-pages/metrics" @@ -39,6 +40,7 @@ type theApp struct { dm domain.Map lock sync.RWMutex Artifact *artifact.Artifact + Auth *auth.Auth } func (a *theApp) isReady() bool { @@ -138,10 +140,21 @@ func (a *theApp) serveContent(ww http.ResponseWriter, r *http.Request, https boo host, domain := a.getHostAndDomain(r) + if a.Auth.TryAuthenticate(&w, r) { + return + } + if a.tryAuxiliaryHandlers(&w, r, https, host, domain) { return } + // Only for private domains that have access control enabled + if domain.IsAccessControlEnabled(r) && domain.IsPrivate(r) { + if a.Auth.CheckAuthentication(&w, r, domain.GetID(r)) { + return + } + } + // Serve static file, applying CORS headers if necessary if a.DisableCrossOriginRequests { domain.ServeHTTP(&w, r) @@ -291,6 +304,11 @@ func runApp(config appConfig) { a.Artifact = artifact.New(config.ArtifactsServer, config.ArtifactsServerTimeout, config.Domain) } + if config.ClientID != "" { + a.Auth = auth.New(config.Domain, config.StoreSecret, config.ClientID, config.ClientSecret, + config.RedirectURI, config.GitLabServer) + } + configureLogging(config.LogFormat, config.LogVerbose) if err := mimedb.LoadTypes(); err != nil { |