# Packages
# README
Auth Server
What is this?
This is a utility/example http hosting server, that has authentication for some pages.
There is 1 very specific use case for this:
- You have html files, with no need for SSR
- You want to do either/or:
- basic authentication using the default browser login alert
- redirects
- headers
- You have a lot of pages that require different usernames/passwords
- There is no "individual user" - users have to log in using this specific password
The only actual use case for this that I can think of (and why I even made this in the first place) is for browser based puzzle games like notpron.
How to use
- Place your site contents into a folder called
site - Create a file called
config.yaml, and enter passwords (see syntax below) - Run
go install github.com/shadiestgoat/authServer@latest - Run
authServerin the directory with theconfig.yamlandsitefolder- You can set the
PORTenv variable to change the port this server runs on, by default its 3000 - Note - there isn't any sort implementation for htaccess (unless browsers implement it) or anything like that, its just a static file host w/ authentication for some files
- There is
index.htmlresolution. See file resolution sub-heading.
- You can set the
Configuration
The config.yaml file is the primary way of configuration.
/path/to/page:
# if present, will require the user to input a username/password
auth:
username: string
# optional
password: string
# optional, defaults to the path to this page
realm: string
# any headers here will be sent over to the user
headers:
Example: Cookie Syntax Here Lmao
# Optional. If present, will redirect to this page.
redirect: /abc/321
# Optional. If present, will render the page in /abc/123, with these settings.
fakeRender: /abc/123
/path/to/other/page:
# same syntax here
auth:
username: string
URL Rules
Wildcards are supported. Use * as a wildcard to match 1 path section (ie. area between 2 /). Use ** to match unlimited path sections.
The shortest match route will be used.
If there is are 2 matches with later wildcard at different levels, then the one with the later one wins.
See match table below
| . | /foo | /bar | /foo/bar |
|---|---|---|---|
| /foo | ✅ | :x: | :x: |
| /* | ✅ | ✅ | :x: |
| /** | ✅ | ✅ | ✅ |
| /**/bar | :x: | :x: | ✅ |
Given 2 routes are defined:
/foo/bar/*
/foo/*/bar
Then when matching /foo/bar/bar, /foo/bar/* wins.
File Resolution
There is special file-path resolution. For example, lets say /foo is requested.
flowchart TB
404[Render 404]
HExist{Does ./site/foo.html exist and is not a folder?}
SH[Serve ./site/foo.html]
Start[Request to /foo] --> BExist{Does ./site/foo exist?}
BExist -->| Yes | BFolder{Is ./site/foo a folder?}
BFolder --> | No | SB[Serve ./site/foo]
BFolder --> | Yes | BFolderIndex{Does ./site/foo/index.html exist, and is not a folder?}
BFolderIndex --> | Yes | SBFolderIndexExist[Serve ./site/foo/index.html]
BFolderIndex --> | No | HExist
BExist --> | No | HExist
HExist --> | Yes | SH
HExist --> | No | 404
ENV Variables
As mentioned before, you can add env variables. This is supported through both the .env file and just regular ENV (ENV_VAR=ENV_VAL authServer). As mentioned before, one such variable is PORT, which decides which port your app runs on (default: 3000).
The other 2 are a bit different - MSG_404 and MSG_401. These are 2 of the response messages that server responds with. 404 is for missing pages, 401 is for responses with the incorrect username/password. Special quirk with these is that if you set them to be <file>, then you can write them in a file - 404.html and 401.html in the root directory.
[!NOTE]
Root directory is the directory that contains your.passwordsfile and thesitefolder.
Limitations/Quality
[!IMPORTANT]
I created this in a rush. I do not plan on supporting this project (unless there are major bug fixes that are needed).