1
0
Fork 0
mirror of https://github.com/SinTan1729/chhoto-url synced 2024-12-26 07:38:36 -06:00
* Added an option to remove authentication

* Updated README to document disabling authentication

Co-authored-by: Przemek Dragańczuk <admin@draganczuk.tk>
This commit is contained in:
Przemek Dragańczuk 2020-09-19 10:01:36 +02:00 committed by GitHub
parent 8734ba63d9
commit a26e3fb98f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 26 additions and 3 deletions

View file

@ -77,7 +77,6 @@ export db_url=<url> # Default: './urls.sqlite'
java -jar build/libs/url.jar
```
You can optionally set the port the server listens on by appending `--port=[port]`
### 4. Navigate to `http://localhost:4567` in your browser, add links as you wish.
## Running with docker
@ -109,5 +108,19 @@ There is a sample `docker-compose.yml` file in this repository. It contains
everything needed for a basic install. You can use it as a base, modifying
it as needed. Run it with
```
docker-compose up -d --build
docker-compose up -d
```
## Disable authentication
As requested in #5, it is possible to completely disable the authentication.
This if not recommended, as it will allow anyone to create new links and delete
old ones. This might not seem like a bad idea, until you have hundreds of links
pointing to illegal content. Since there are no logs, it's impossible to prove
that those links aren't created by you.
If you still want to do it, then you need to set an environment variable to
an exact value:
```
INSECURE_DISABLE_PASSWORD=I_KNOW_ITS_BAD
```
Any other value will not work.

View file

@ -21,7 +21,7 @@ public class App {
after(Filters::addGZIP);
// No need to auth in dev
if (System.getenv("dev") == null) {
if (System.getenv("dev") == null && Utils.isPasswordEnabled()) {
// Authenticate
before("/api/*", Filters.createAuthFilter());
}

View file

@ -27,4 +27,14 @@ public class Utils {
return PATTERN.matcher(shortUrl)
.matches();
}
public static boolean isPasswordEnabled(){
String disablePasswordEnv = System.getenv("INSECURE_DISABLE_PASSWORD");
if(disablePasswordEnv != null && disablePasswordEnv.equals("I_KNOW_ITS_BAD")){
return false;
}
return true;
}
}