This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/internal/web/web_static.go
Jens Langhammer 126e43dea4 internal: disable directory listing on static files
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-04 13:40:29 +02:00

66 lines
2.5 KiB
Go

package web
import (
"net/http"
"goauthentik.io/internal/config"
"goauthentik.io/internal/constants"
staticWeb "goauthentik.io/web"
staticDocs "goauthentik.io/website"
)
func (ws *WebServer) configureStatic() {
statRouter := ws.lh.NewRoute().Subrouter()
statRouter.Use(disableIndex)
// Media files, always local
fs := http.FileServer(http.Dir(config.G.Paths.Media))
var distHandler http.Handler
var authentikHandler http.Handler
var helpHandler http.Handler
if config.G.Debug || config.G.Web.LoadLocalFiles {
ws.log.Debug("Using local static files")
distHandler = http.StripPrefix("/static/dist/", http.FileServer(http.Dir("./web/dist")))
authentikHandler = http.StripPrefix("/static/authentik/", http.FileServer(http.Dir("./web/authentik")))
helpHandler = http.StripPrefix("/help/", http.FileServer(http.Dir("./website/help")))
} else {
statRouter.Use(ws.staticHeaderMiddleware)
ws.log.Debug("Using packaged static files with aggressive caching")
distHandler = http.StripPrefix("/static", http.FileServer(http.FS(staticWeb.StaticDist)))
authentikHandler = http.StripPrefix("/static", http.FileServer(http.FS(staticWeb.StaticAuthentik)))
helpHandler = http.FileServer(http.FS(staticDocs.Help))
}
statRouter.PathPrefix("/static/dist/").Handler(distHandler)
statRouter.PathPrefix("/static/authentik/").Handler(authentikHandler)
statRouter.PathPrefix("/media/").Handler(http.StripPrefix("/media", fs))
statRouter.PathPrefix("/if/help/").Handler(helpHandler)
statRouter.PathPrefix("/help").Handler(http.RedirectHandler("/if/help/", http.StatusMovedPermanently))
ws.lh.Path("/robots.txt").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
rw.Header()["Content-Type"] = []string{"text/plain"}
rw.WriteHeader(200)
_, err := rw.Write(staticWeb.RobotsTxt)
if err != nil {
ws.log.WithError(err).Warning("failed to write response")
}
})
ws.lh.Path("/.well-known/security.txt").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
rw.Header()["Content-Type"] = []string{"text/plain"}
rw.WriteHeader(200)
_, err := rw.Write(staticWeb.SecurityTxt)
if err != nil {
ws.log.WithError(err).Warning("failed to write response")
}
})
}
func (ws *WebServer) staticHeaderMiddleware(h http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Cache-Control", "\"public, no-transform\"")
w.Header().Set("X-authentik-version", constants.VERSION)
w.Header().Set("Vary", "X-authentik-version")
h.ServeHTTP(w, r)
})
}