From: Paul Hänsch Date: Tue, 5 Mar 2024 15:22:05 +0000 (+0100) Subject: implemented HTTP Basic authorization X-Git-Url: https://git.plutz.net//?a=commitdiff_plain;h=ed8107a661e4737beb99ebb6abd0512b5e965bfc;p=rigidfind implemented HTTP Basic authorization --- diff --git a/index.cgi b/index.cgi index 0078a2f..5351b2b 100755 --- a/index.cgi +++ b/index.cgi @@ -109,6 +109,23 @@ search() { _INDEX="${PATH_INFO#/}" _INDEX="${_INDEX%%/*}" _records="${_DATA}/${_INDEX}/_0_DOCS" +if [ "${INDEX}" -a ! -d "${_DATA}/${_INDEX}" ]; then + printf '%s\r\n' "Status: 404 Not Found" "" + exit 0 +elif authlist="$(DBM "${_DATA}/auth.db" get "${_INDEX}" )"; then + auth="$(HEADER Authorization)" auth="${auth#Basic }" + for a in $authlist deny; do + [ "$auth" = "$a" ] && break + done + if [ "$a" = "deny" -o ! "$auth" ]; then + printf '%s\r\n' "Status: 401 Unauthorized" \ + "WWW-Authenticate: Basic realm=\"Rigid Find\"" "" \ + | debug + exit 0 + fi + unset a auth authlist +fi + if [ "$REQUEST_METHOD" = "PUT" ]; then _doc="${PATH_INFO#"/${_INDEX}/_doc"}" @@ -194,7 +211,7 @@ elif [ "$REQUEST_METHOD" = "DELETE" ]; then exit 0 elif [ "$REQUEST_METHOD" = "POST" ]; then - J="$(json_load "$(head -c "${CONTENT_LENGTH:-0}")")" + J="$(json_load "$(head -c "${CONTENT_LENGTH:-0}" |debug)")" J="$(json_get "$J" query.bool.must.bool.should)" words="$( @@ -202,10 +219,12 @@ elif [ "$REQUEST_METHOD" = "POST" ]; then json_get "$(UNSTRING "$j")" match_phrase_prefix.content done 2>/dev/null )" + debug "Search words: $words" results="@ $( search "${_DATA}/${_INDEX}" $words \ | while read -r score id source; do + debug "Hit: $id $score" S="$(DB2 "" set _index str:"${_INDEX}")" S="$(DB2 "$S" set _id str:"$(UNSTRING "${id#/}")")" S="$(DB2 "$S" set _score num:"$score")" @@ -237,7 +256,7 @@ elif [ "$REQUEST_METHOD" = "HEAD" ]; then && ctype="${accept}" || ctype="application/json" cat <<-EOF - HTTP/1.1 200 OK + Status: 200 OK X-elastic-product: Elasticsearch content-type: ${ctype} @@ -250,7 +269,7 @@ elif [ "$REQUEST_METHOD" = "GET" ]; then && ctype="${accept}" || ctype="application/json" cat <<-EOF - HTTP/1.1 200 OK + Status: 200 OK X-elastic-product: Elasticsearch content-type: ${ctype}