mirror of
https://github.com/SinTan1729/chhoto-url
synced 2024-12-26 07:38:36 -06:00
* Added an option to remove authentication * Updated README to document disabling authentication Co-authored-by: Przemek Dragańczuk <admin@draganczuk.tk>
This commit is contained in:
parent
8734ba63d9
commit
a26e3fb98f
3 changed files with 26 additions and 3 deletions
17
README.md
17
README.md
|
@ -77,7 +77,6 @@ export db_url=<url> # Default: './urls.sqlite'
|
|||
java -jar build/libs/url.jar
|
||||
```
|
||||
You can optionally set the port the server listens on by appending `--port=[port]`
|
||||
|
||||
### 4. Navigate to `http://localhost:4567` in your browser, add links as you wish.
|
||||
|
||||
## Running with docker
|
||||
|
@ -109,5 +108,19 @@ There is a sample `docker-compose.yml` file in this repository. It contains
|
|||
everything needed for a basic install. You can use it as a base, modifying
|
||||
it as needed. Run it with
|
||||
```
|
||||
docker-compose up -d --build
|
||||
docker-compose up -d
|
||||
```
|
||||
|
||||
## Disable authentication
|
||||
As requested in #5, it is possible to completely disable the authentication.
|
||||
This if not recommended, as it will allow anyone to create new links and delete
|
||||
old ones. This might not seem like a bad idea, until you have hundreds of links
|
||||
pointing to illegal content. Since there are no logs, it's impossible to prove
|
||||
that those links aren't created by you.
|
||||
|
||||
If you still want to do it, then you need to set an environment variable to
|
||||
an exact value:
|
||||
```
|
||||
INSECURE_DISABLE_PASSWORD=I_KNOW_ITS_BAD
|
||||
```
|
||||
Any other value will not work.
|
||||
|
|
|
@ -21,7 +21,7 @@ public class App {
|
|||
after(Filters::addGZIP);
|
||||
|
||||
// No need to auth in dev
|
||||
if (System.getenv("dev") == null) {
|
||||
if (System.getenv("dev") == null && Utils.isPasswordEnabled()) {
|
||||
// Authenticate
|
||||
before("/api/*", Filters.createAuthFilter());
|
||||
}
|
||||
|
|
|
@ -27,4 +27,14 @@ public class Utils {
|
|||
return PATTERN.matcher(shortUrl)
|
||||
.matches();
|
||||
}
|
||||
|
||||
public static boolean isPasswordEnabled(){
|
||||
String disablePasswordEnv = System.getenv("INSECURE_DISABLE_PASSWORD");
|
||||
|
||||
if(disablePasswordEnv != null && disablePasswordEnv.equals("I_KNOW_ITS_BAD")){
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue