HTTP Basic authentication for push endpoint
- Option to input HTTP basic auth username and password when running setup-ntfy - Username and password are stored in notify.json, password is base64-encoded
This commit is contained in:
parent
544eb93e05
commit
54e545a1b5
40
ntfy/ntfy.go
40
ntfy/ntfy.go
|
@ -23,6 +23,8 @@ type NtfyConfig struct {
|
||||||
URL string `json:"url"`
|
URL string `json:"url"`
|
||||||
Topic string `json:"topic"`
|
Topic string `json:"topic"`
|
||||||
BridgePw string `json:"bridgePw"`
|
BridgePw string `json:"bridgePw"`
|
||||||
|
User string `json:"user"`
|
||||||
|
Password string `json:"password"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func (cfg *NtfyConfig) Init() {
|
func (cfg *NtfyConfig) Init() {
|
||||||
|
@ -63,10 +65,18 @@ func ntfyConfigFile() (string, error) {
|
||||||
func Notify() {
|
func Notify() {
|
||||||
cfg := NtfyConfig{}
|
cfg := NtfyConfig{}
|
||||||
if err := cfg.Read(); err != nil {
|
if err := cfg.Read(); err != nil {
|
||||||
log.Printf("error reading configuration: %v", err)
|
log.Printf("error reading configuration: %v\n", err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
req, _ := http.NewRequest("POST", cfg.URI(), strings.NewReader("New message received"))
|
req, _ := http.NewRequest("POST", cfg.URI(), strings.NewReader("New message received"))
|
||||||
|
if cfg.User != "" && cfg.Password != "" {
|
||||||
|
pw, err := base64.StdEncoding.DecodeString(cfg.Password)
|
||||||
|
if err != nil {
|
||||||
|
log.Printf("Error decoding push endpoint password: %v\n", err)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
req.SetBasicAuth(cfg.User, string(pw))
|
||||||
|
}
|
||||||
req.Header.Set("Title", "ProtonMail")
|
req.Header.Set("Title", "ProtonMail")
|
||||||
req.Header.Set("Click", "dismiss")
|
req.Header.Set("Click", "dismiss")
|
||||||
req.Header.Set("Tags", "envelope")
|
req.Header.Set("Tags", "envelope")
|
||||||
|
@ -154,6 +164,13 @@ func (cfg *NtfyConfig) Setup() {
|
||||||
cfg.URL = os.Getenv("PUSH_URL")
|
cfg.URL = os.Getenv("PUSH_URL")
|
||||||
cfg.Topic = os.Getenv("PUSH_TOPIC")
|
cfg.Topic = os.Getenv("PUSH_TOPIC")
|
||||||
log.Printf("Current push endpoint: %s\n", cfg.URI())
|
log.Printf("Current push endpoint: %s\n", cfg.URI())
|
||||||
|
if os.Getenv("PUSH_USER") != "" && os.Getenv("PUSH_PASSWORD") != "" {
|
||||||
|
cfg.User = os.Getenv("PUSH_USER")
|
||||||
|
cfg.Password = base64.StdEncoding.EncodeToString([]byte(os.Getenv("PUSH_PASSWORD")))
|
||||||
|
log.Println("Authentication for push endpoint configured using environment")
|
||||||
|
} else {
|
||||||
|
log.Println("Both PUSH_USER and PUSH_PASSWORD not set, assuming no authentication is necessary.")
|
||||||
|
}
|
||||||
err := cfg.Save()
|
err := cfg.Save()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatal(err)
|
log.Fatal(err)
|
||||||
|
@ -166,6 +183,9 @@ func (cfg *NtfyConfig) Setup() {
|
||||||
fmt.Printf("Current push endpoint: %s\n", cfg.URI())
|
fmt.Printf("Current push endpoint: %s\n", cfg.URI())
|
||||||
n = "new "
|
n = "new "
|
||||||
}
|
}
|
||||||
|
if cfg.User != "" && cfg.Password != "" {
|
||||||
|
fmt.Println("Push is currently configured for basic auth. You'll need to input credentials again")
|
||||||
|
}
|
||||||
|
|
||||||
// Read push base URL
|
// Read push base URL
|
||||||
notValid := true
|
notValid := true
|
||||||
|
@ -192,6 +212,24 @@ func (cfg *NtfyConfig) Setup() {
|
||||||
cfg.Topic = scanner.Text()
|
cfg.Topic = scanner.Text()
|
||||||
}
|
}
|
||||||
fmt.Printf("Using URL %s\n", cfg.URI())
|
fmt.Printf("Using URL %s\n", cfg.URI())
|
||||||
|
// Configure HTTP Basic Auth for push
|
||||||
|
// This needs to be input each time the auth flow is done,
|
||||||
|
// existing values are reset
|
||||||
|
cfg.User = ""
|
||||||
|
cfg.Password = ""
|
||||||
|
scanner = bufio.NewScanner(os.Stdin)
|
||||||
|
fmt.Printf("Input username for push endpoint: ")
|
||||||
|
scanner.Scan()
|
||||||
|
if len(scanner.Text()) > 0 {
|
||||||
|
cfg.User = scanner.Text()
|
||||||
|
}
|
||||||
|
scanner = bufio.NewScanner(os.Stdin)
|
||||||
|
fmt.Printf("Input password for push endpoint: ")
|
||||||
|
scanner.Scan()
|
||||||
|
if len(scanner.Text()) > 0 {
|
||||||
|
// Store the password in base64 for a little obfuscation
|
||||||
|
cfg.Password = base64.StdEncoding.EncodeToString(scanner.Bytes())
|
||||||
|
}
|
||||||
// Save bridge password
|
// Save bridge password
|
||||||
if len(cfg.BridgePw) == 0 {
|
if len(cfg.BridgePw) == 0 {
|
||||||
err := LoginBridge(cfg)
|
err := LoginBridge(cfg)
|
||||||
|
|
Loading…
Reference in New Issue