[feat] Add header authentication support

In some cases there are needs to authenticate user not in Taskcafe itself. For this reason option server.remote_user_header was added. ```toml [server] remote_user_header = "X-Remote-User" ``` With turned on Taskcafe listens X-Remote-User http header and skip password checking. But still check user existence and activity flag.
2021-10-18 01:12:13 +03:00
parent d725e42adf
commit c12a745929
8 changed files with 90 additions and 13 deletions
--- a/internal/commands/commands.go
+++ b/internal/commands/commands.go
@ -81,6 +81,7 @@ func Execute() {
 	viper.SetDefault("database.password", "taskcafe_test")
 	viper.SetDefault("database.port", "5432")
 	viper.SetDefault("security.token_expiration", "15m")
+	viper.SetDefault("server.remote_user_header", "")

 	viper.SetDefault("queue.broker", "amqp://guest:guest@localhost:5672/")
 	viper.SetDefault("queue.store", "memcache://localhost:11211")
--- a/internal/commands/web.go
+++ b/internal/commands/web.go
@ -75,15 +75,24 @@ func newWebCmd() *cobra.Command {
 				log.Warn("server.secret is not set, generating a random secret")
 				secret = uuid.New().String()
 			}
+
 			security, err := utils.GetSecurityConfig(viper.GetString("security.token_expiration"), []byte(secret))
-			r, _ := route.NewRouter(db, utils.EmailConfig{
-				From:               viper.GetString("smtp.from"),
-				Host:               viper.GetString("smtp.host"),
-				Port:               viper.GetInt("smtp.port"),
-				Username:           viper.GetString("smtp.username"),
-				Password:           viper.GetString("smtp.password"),
-				InsecureSkipVerify: viper.GetBool("smtp.skip_verify"),
-			}, security)
+			if err != nil {
+				log.Error(err)
+			}
+			security.UserAuthHeader = viper.GetString("server.remote_user_header")
+
+			r, _ := route.NewRouter(db, route.Config{
+				Email: utils.EmailConfig{
+					From:               viper.GetString("smtp.from"),
+					Host:               viper.GetString("smtp.host"),
+					Port:               viper.GetInt("smtp.port"),
+					Username:           viper.GetString("smtp.username"),
+					Password:           viper.GetString("smtp.password"),
+					InsecureSkipVerify: viper.GetBool("smtp.skip_verify"),
+				},
+				Security: security,
+			})
 			log.WithFields(log.Fields{"url": viper.GetString("server.hostname")}).Info("starting server")
 			return http.ListenAndServe(viper.GetString("server.hostname"), r)
 		},