From 58f5f81d9d38a20939167fcf6b41030c6d34db1c Mon Sep 17 00:00:00 2001
From: Henrique Dias <hacdias@gmail.com>
Date: Mon, 6 Aug 2018 17:18:23 +0100
Subject: [PATCH 1/5] refactor: rename settings

License: MIT
Signed-off-by: Henrique Dias <hacdias@gmail.com>
---
 cmd/filebrowser/main.go | 159 ++++++++++++++++++++++------------------
 filebrowser.go          |  11 ++-
 http/auth.go            |   4 +-
 http/http.go            |   6 +-
 4 files changed, 102 insertions(+), 78 deletions(-)

diff --git a/cmd/filebrowser/main.go b/cmd/filebrowser/main.go
index d1c3d634..b9d1f7b4 100644
--- a/cmd/filebrowser/main.go
+++ b/cmd/filebrowser/main.go
@@ -2,6 +2,14 @@ package main
 
 import (
 	"fmt"
+	"io/ioutil"
+	"log"
+	"net"
+	"net/http"
+	"os"
+	"path/filepath"
+	"strings"
+
 	"github.com/asdine/storm"
 	"github.com/filebrowser/filebrowser"
 	"github.com/filebrowser/filebrowser/bolt"
@@ -11,13 +19,7 @@ import (
 	flag "github.com/spf13/pflag"
 	"github.com/spf13/viper"
 	"gopkg.in/natefinch/lumberjack.v2"
-	"io/ioutil"
-	"log"
-	"net"
-	"net/http"
-	"os"
-	"path/filepath"
-	"strings")
+)
 
 var (
 	addr            string
@@ -53,70 +55,85 @@ func init() {
 	flag.StringVarP(&addr, "address", "a", "", "Address to listen to (default is all of them)")
 	flag.StringVarP(&database, "database", "d", "./filebrowser.db", "Database file")
 	flag.StringVarP(&logfile, "log", "l", "stdout", "Errors logger; can use 'stdout', 'stderr' or file")
-	flag.StringVarP(&scope, "scope", "s", ".", "Default scope option for new users")
 	flag.StringVarP(&baseurl, "baseurl", "b", "", "Base URL")
-	flag.StringVar(&commands, "commands", "git svn hg", "Default commands option for new users")
 	flag.StringVar(&prefixurl, "prefixurl", "", "Prefix URL")
-	flag.StringVar(&viewMode, "view-mode", "mosaic", "Default view mode for new users")
-	flag.StringVar(&recaptchakey, "recaptcha-key", "", "ReCaptcha site key")
-	flag.StringVar(&recaptchasecret, "recaptcha-secret", "", "ReCaptcha secret")
-	flag.BoolVar(&allowCommands, "allow-commands", true, "Default allow commands option for new users")
-	flag.BoolVar(&allowEdit, "allow-edit", true, "Default allow edit option for new users")
-	flag.BoolVar(&allowPublish, "allow-publish", true, "Default allow publish option for new users")
-	flag.StringVar(&auth.method, "auth.method", "default", "Switch between 'none', 'default' and 'proxy' authentication.")
-	flag.StringVar(&auth.loginHeader, "auth.loginHeader", "X-Forwarded-User", "The header name used for proxy authentication.")
-	flag.BoolVar(&allowNew, "allow-new", true, "Default allow new option for new users")
-	flag.BoolVar(&noAuth, "no-auth", false, "Disables authentication")
-	flag.BoolVar(&alterRecaptcha, "alternative-recaptcha", false, "Use recaptcha.net for serving and handling, useful in China")
-	flag.StringVar(&locale, "locale", "", "Default locale for new users, set it empty to enable auto detect from browser")
 	flag.StringVar(&staticg, "staticgen", "", "Static Generator you want to enable")
 	flag.BoolVarP(&showVer, "version", "v", false, "Show version")
+
+	// User default values
+	flag.StringVar(&commands, "defaults.commands", "git svn hg", "Default commands option for new users")
+	flag.StringVarP(&scope, "defaults.scope", "s", ".", "Default scope option for new users")
+	flag.StringVar(&viewMode, "defaults.viewMode", "mosaic", "Default view mode for new users")
+	flag.BoolVar(&allowCommands, "defaults.allowCommands", true, "Default allow commands option for new users")
+	flag.BoolVar(&allowEdit, "defaults.allowEdit", true, "Default allow edit option for new users")
+	flag.BoolVar(&allowPublish, "defaults.allowPublish", true, "Default allow publish option for new users")
+	flag.BoolVar(&allowNew, "defaults.allowNew", true, "Default allow new option for new users")
+	flag.StringVar(&locale, "defaults.locale", "", "Default locale for new users, set it empty to enable auto detect from browser")
+
+	// Recaptcha settings
+	flag.BoolVar(&alterRecaptcha, "recaptcha.alternative", false, "Use recaptcha.net for serving and handling, useful in China")
+	flag.StringVar(&recaptchakey, "recaptcha.key", "", "ReCaptcha site key")
+	flag.StringVar(&recaptchasecret, "recaptcha.secret", "", "ReCaptcha secret")
+
+	// Auth settings
+	flag.BoolVar(&noAuth, "noAuth", false, "Disables authentication")
+	flag.StringVar(&auth.method, "auth.method", "default", "Switch between 'none', 'default' and 'proxy' authentication.")
+	flag.StringVar(&auth.loginHeader, "auth.loginHeader", "X-Forwarded-User", "The header name used for proxy authentication.")
 }
 
 func setupViper() {
-	viper.SetDefault("Address", "")
 	viper.SetDefault("Port", "0")
+	viper.SetDefault("Address", "")
 	viper.SetDefault("Database", "./filebrowser.db")
-	viper.SetDefault("Scope", ".")
 	viper.SetDefault("Logger", "stdout")
-	viper.SetDefault("Commands", []string{"git", "svn", "hg"})
-	viper.SetDefault("AllowCommmands", true)
-	viper.SetDefault("AllowEdit", true)
-	viper.SetDefault("AllowNew", true)
-	viper.SetDefault("AllowPublish", true)
-	viper.SetDefault("StaticGen", "")
-	viper.SetDefault("Locale", "")
-	viper.SetDefault("AuthMethod", "default")
-	viper.SetDefault("LoginHeader", "X-Fowarded-User")
-	viper.SetDefault("NoAuth", false)
 	viper.SetDefault("BaseURL", "")
 	viper.SetDefault("PrefixURL", "")
-	viper.SetDefault("ViewMode", filebrowser.MosaicViewMode)
-	viper.SetDefault("AlternativeRecaptcha", false)
-	viper.SetDefault("ReCaptchaKey", "")
-	viper.SetDefault("ReCaptchaSecret", "")
+	viper.SetDefault("StaticGen", "")
+	viper.SetDefault("NoAuth", false)
 
 	viper.BindPFlag("Port", flag.Lookup("port"))
 	viper.BindPFlag("Address", flag.Lookup("address"))
 	viper.BindPFlag("Database", flag.Lookup("database"))
-	viper.BindPFlag("Scope", flag.Lookup("scope"))
 	viper.BindPFlag("Logger", flag.Lookup("log"))
-	viper.BindPFlag("Commands", flag.Lookup("commands"))
-	viper.BindPFlag("AllowCommands", flag.Lookup("allow-commands"))
-	viper.BindPFlag("AllowEdit", flag.Lookup("allow-edit"))
-	viper.BindPFlag("AllowNew", flag.Lookup("allow-new"))
-	viper.BindPFlag("AllowPublish", flag.Lookup("allow-publish"))
-	viper.BindPFlag("Locale", flag.Lookup("locale"))
-	viper.BindPFlag("StaticGen", flag.Lookup("staticgen"))
-	viper.BindPFlag("AuthMethod", flag.Lookup("auth.method"))
-	viper.BindPFlag("LoginHeader", flag.Lookup("auth.loginHeader"))
-	viper.BindPFlag("NoAuth", flag.Lookup("no-auth"))
 	viper.BindPFlag("BaseURL", flag.Lookup("baseurl"))
 	viper.BindPFlag("PrefixURL", flag.Lookup("prefixurl"))
-	viper.BindPFlag("ViewMode", flag.Lookup("view-mode"))
-	viper.BindPFlag("AlternativeRecaptcha", flag.Lookup("alternative-recaptcha"))
-	viper.BindPFlag("ReCaptchaKey", flag.Lookup("recaptcha-key"))
-	viper.BindPFlag("ReCaptchaSecret", flag.Lookup("recaptcha-secret"))
+	viper.BindPFlag("StaticGen", flag.Lookup("staticgen"))
+	viper.BindPFlag("NoAuth", flag.Lookup("no-auth"))
+
+	// User default values
+	viper.SetDefault("Defaults.Scope", ".")
+	viper.SetDefault("Defaults.Commands", []string{"git", "svn", "hg"})
+	viper.SetDefault("Defaults.ViewMode", filebrowser.MosaicViewMode)
+	viper.SetDefault("Defaults.AllowCommmands", true)
+	viper.SetDefault("Defaults.AllowEdit", true)
+	viper.SetDefault("Defaults.AllowNew", true)
+	viper.SetDefault("Defaults.AllowPublish", true)
+	viper.SetDefault("Defaults.Locale", "")
+
+	viper.BindPFlag("Defaults.Scope", flag.Lookup("defaults.scope"))
+	viper.BindPFlag("Defaults.Commands", flag.Lookup("defaults.commands"))
+	viper.BindPFlag("Defaults.ViewMode", flag.Lookup("defaults.viewMode"))
+	viper.BindPFlag("Defaults.AllowCommands", flag.Lookup("defaults.allowCommands"))
+	viper.BindPFlag("Defaults.AllowEdit", flag.Lookup("defaults.allowEdit"))
+	viper.BindPFlag("Defaults.AllowNew", flag.Lookup("defaults.allowNew"))
+	viper.BindPFlag("Defaults.AllowPublish", flag.Lookup("defaults.allowPublish"))
+	viper.BindPFlag("Defaults.Locale", flag.Lookup("defaults.locale"))
+
+	// Recaptcha settings
+	viper.SetDefault("Recaptcha.Alternative", false)
+	viper.SetDefault("Recaptcha.Key", "")
+	viper.SetDefault("Recaptcha.Secret", "")
+
+	viper.BindPFlag("Recaptcha.Alternative", flag.Lookup("recaptcha.alternative"))
+	viper.BindPFlag("Recaptcha.Key", flag.Lookup("recaptcha.key"))
+	viper.BindPFlag("Recaptcha.Secret", flag.Lookup("recaptcha.secret"))
+
+	// Auth settings
+	viper.SetDefault("AuthMethod", "default")
+	viper.SetDefault("LoginHeader", "X-Fowarded-User")
+
+	viper.BindPFlag("AuthMethod", flag.Lookup("auth.method"))
+	viper.BindPFlag("LoginHeader", flag.Lookup("auth.loginHeader"))
 
 	viper.SetConfigName("filebrowser")
 	viper.AddConfigPath(".")
@@ -209,31 +226,33 @@ func handler() http.Handler {
 	}
 
 	recaptchaHost := "https://www.google.com"
-	if viper.GetBool("AlternativeRecaptcha") {
+	if viper.GetBool("Recaptcha.Alternative") {
 		recaptchaHost = "https://recaptcha.net"
 	}
 
 	fm := &filebrowser.FileBrowser{
-		AuthMethod:      viper.GetString("AuthMethod"),
-		LoginHeader:     viper.GetString("LoginHeader"),
-		NoAuth:          viper.GetBool("NoAuth"),
-		BaseURL:         viper.GetString("BaseURL"),
-		PrefixURL:       viper.GetString("PrefixURL"),
-		ReCaptchaHost:   recaptchaHost,
-		ReCaptchaKey:    viper.GetString("ReCaptchaKey"),
-		ReCaptchaSecret: viper.GetString("ReCaptchaSecret"),
+		AuthMethod:  viper.GetString("AuthMethod"),
+		LoginHeader: viper.GetString("LoginHeader"),
+		NoAuth:      viper.GetBool("NoAuth"),
+		BaseURL:     viper.GetString("BaseURL"),
+		PrefixURL:   viper.GetString("PrefixURL"),
+		ReCaptcha: &filebrowser.ReCaptcha{
+			Host:   recaptchaHost,
+			Key:    viper.GetString("Recaptcha.Key"),
+			Secret: viper.GetString("Recaptcha.Secret"),
+		},
 		DefaultUser: &filebrowser.User{
-			AllowCommands: viper.GetBool("AllowCommands"),
-			AllowEdit:     viper.GetBool("AllowEdit"),
-			AllowNew:      viper.GetBool("AllowNew"),
-			AllowPublish:  viper.GetBool("AllowPublish"),
-			Commands:      viper.GetStringSlice("Commands"),
+			AllowCommands: viper.GetBool("Defaults.AllowCommands"),
+			AllowEdit:     viper.GetBool("Defaults.AllowEdit"),
+			AllowNew:      viper.GetBool("Defaults.AllowNew"),
+			AllowPublish:  viper.GetBool("Defaults.AllowPublish"),
+			Commands:      viper.GetStringSlice("Defaults.Commands"),
 			Rules:         []*filebrowser.Rule{},
-			Locale:        viper.GetString("Locale"),
+			Locale:        viper.GetString("Defaults.Locale"),
 			CSS:           "",
-			Scope:         viper.GetString("Scope"),
-			FileSystem:    fileutils.Dir(viper.GetString("Scope")),
-			ViewMode:      viper.GetString("ViewMode"),
+			Scope:         viper.GetString("Defaults.Scope"),
+			FileSystem:    fileutils.Dir(viper.GetString("Defaults.Scope")),
+			ViewMode:      viper.GetString("Defaults.ViewMode"),
 		},
 		Store: &filebrowser.Store{
 			Config: bolt.ConfigStore{DB: db},
diff --git a/filebrowser.go b/filebrowser.go
index ed1ac681..ddf26eac 100644
--- a/filebrowser.go
+++ b/filebrowser.go
@@ -41,6 +41,13 @@ var (
 	ErrInvalidOption      = errors.New("invalid option")
 )
 
+// ReCaptcha settings.
+type ReCaptcha struct {
+	Host   string
+	Key    string
+	Secret string
+}
+
 // FileBrowser is a file manager instance. It should be creating using the
 // 'New' function and not directly.
 type FileBrowser struct {
@@ -82,9 +89,7 @@ type FileBrowser struct {
 	LoginHeader string
 
 	// ReCaptcha host, key and secret.
-	ReCaptchaHost   string
-	ReCaptchaKey    string
-	ReCaptchaSecret string
+	ReCaptcha *ReCaptcha
 
 	// StaticGen is the static websit generator handler.
 	StaticGen StaticGen
diff --git a/http/auth.go b/http/auth.go
index 58d12212..d184e34a 100644
--- a/http/auth.go
+++ b/http/auth.go
@@ -80,8 +80,8 @@ func authHandler(c *fb.Context, w http.ResponseWriter, r *http.Request) (int, er
 	}
 
 	// If ReCaptcha is enabled, check the code.
-	if len(c.ReCaptchaSecret) > 0 {
-		ok, err := reCaptcha(c.ReCaptchaHost, c.ReCaptchaSecret, cred.ReCaptcha)
+	if len(c.ReCaptcha.Secret) > 0 {
+		ok, err := reCaptcha(c.ReCaptcha.Host, c.ReCaptcha.Secret, cred.ReCaptcha)
 		if err != nil {
 			return http.StatusForbidden, err
 		}
diff --git a/http/http.go b/http/http.go
index a5e93311..55e43eef 100644
--- a/http/http.go
+++ b/http/http.go
@@ -231,9 +231,9 @@ func renderFile(c *fb.Context, w http.ResponseWriter, file string) (int, error)
 		"NoAuth":        c.NoAuth,
 		"Version":       fb.Version,
 		"CSS":           template.CSS(c.CSS),
-		"ReCaptcha":     c.ReCaptchaKey != "" && c.ReCaptchaSecret != "",
-		"ReCaptchaHost": c.ReCaptchaHost,
-		"ReCaptchaKey":  c.ReCaptchaKey,
+		"ReCaptcha":     c.ReCaptcha.Key != "" && c.ReCaptcha.Secret != "",
+		"ReCaptchaHost": c.ReCaptcha.Host,
+		"ReCaptchaKey":  c.ReCaptcha.Key,
 	}
 
 	if c.StaticGen != nil {

From 62589ca0656b77890c84efc94f8373c34690a993 Mon Sep 17 00:00:00 2001
From: Henrique Dias <hacdias@gmail.com>
Date: Mon, 6 Aug 2018 17:29:44 +0100
Subject: [PATCH 2/5] update docker file settings

License: MIT
Signed-off-by: Henrique Dias <hacdias@gmail.com>
---
 Docker.json | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/Docker.json b/Docker.json
index d3b14f36..8d9d290c 100644
--- a/Docker.json
+++ b/Docker.json
@@ -2,9 +2,11 @@
   "port": 80,
   "address": "",
   "database": "/database.db",
-  "scope": "/srv",
-  "allowCommands": true,
-  "allowEdit": true,
-  "allowNew": true,
-  "commands": []
+  "defaults": {
+    "scope": "/srv",
+    "allowCommands": true,
+    "allowEdit": true,
+    "allowNew": true,
+    "commands": []
+  }
 }

From 201838ae5993c2f4a658d3f7708a76f3bf0a8197 Mon Sep 17 00:00:00 2001
From: Henrique Dias <hacdias@gmail.com>
Date: Mon, 6 Aug 2018 17:31:10 +0100
Subject: [PATCH 3/5] linting fixing

License: MIT
Signed-off-by: Henrique Dias <hacdias@gmail.com>
---
 http/subtitle.go | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/http/subtitle.go b/http/subtitle.go
index e83f295b..fb57917c 100644
--- a/http/subtitle.go
+++ b/http/subtitle.go
@@ -12,15 +12,15 @@ import (
 )
 
 func subtitlesHandler(c *fb.Context, w http.ResponseWriter, r *http.Request) (int, error) {
-	files, err := ReadDir(filepath.Dir(c.File.Path))
+	files, err := readDir(filepath.Dir(c.File.Path))
 	if err != nil {
 		return http.StatusInternalServerError, err
 	}
-	var subtitles = make([]map[string]string, 0)
+	subtitles := make([]map[string]string, 0)
 	for _, file := range files {
 		ext := filepath.Ext(file.Name())
 		if ext == ".vtt" || ext == ".srt" {
-			var sub map[string]string = make(map[string]string)
+			sub := make(map[string]string)
 			sub["src"] = filepath.Dir(c.File.Path) + "/" + file.Name()
 			sub["kind"] = "subtitles"
 			sub["label"] = file.Name()
@@ -31,7 +31,7 @@ func subtitlesHandler(c *fb.Context, w http.ResponseWriter, r *http.Request) (in
 }
 
 func subtitleHandler(c *fb.Context, w http.ResponseWriter, r *http.Request) (int, error) {
-	str, err := CleanSubtitle(c.File.Path)
+	str, err := cleanSubtitle(c.File.Path)
 	if err != nil {
 		return http.StatusInternalServerError, err
 	}
@@ -55,7 +55,7 @@ func subtitleHandler(c *fb.Context, w http.ResponseWriter, r *http.Request) (int
 
 }
 
-func CleanSubtitle(filename string) (string, error) {
+func cleanSubtitle(filename string) (string, error) {
 	b, err := ioutil.ReadFile(filename)
 	if err != nil {
 		return "", err
@@ -69,7 +69,7 @@ func CleanSubtitle(filename string) (string, error) {
 	return str, err
 }
 
-func ReadDir(dirname string) ([]os.FileInfo, error) {
+func readDir(dirname string) ([]os.FileInfo, error) {
 	f, err := os.Open(dirname)
 	if err != nil {
 		return nil, err

From d60c600967a257ba2d8ea6473dbea84124e4aab9 Mon Sep 17 00:00:00 2001
From: Henrique Dias <hacdias@gmail.com>
Date: Wed, 8 Aug 2018 11:20:23 +0100
Subject: [PATCH 4/5] updates and auth on a obj

License: MIT
Signed-off-by: Henrique Dias <hacdias@gmail.com>
---
 cmd/filebrowser/main.go | 40 +++++++++++++++++++---------------------
 filebrowser.go          | 27 ++++++++++++++-------------
 http/auth.go            | 12 ++++++------
 http/http.go            |  2 +-
 http/users.go           |  2 +-
 5 files changed, 41 insertions(+), 42 deletions(-)

diff --git a/cmd/filebrowser/main.go b/cmd/filebrowser/main.go
index b9d1f7b4..a9ef208a 100644
--- a/cmd/filebrowser/main.go
+++ b/cmd/filebrowser/main.go
@@ -37,10 +37,9 @@ var (
 	recaptchasecret string
 	port            int
 	auth            struct {
-		method      string
-		loginHeader string
+		method string
+		header string
 	}
-	noAuth         bool
 	allowCommands  bool
 	allowEdit      bool
 	allowNew       bool
@@ -76,9 +75,8 @@ func init() {
 	flag.StringVar(&recaptchasecret, "recaptcha.secret", "", "ReCaptcha secret")
 
 	// Auth settings
-	flag.BoolVar(&noAuth, "noAuth", false, "Disables authentication")
-	flag.StringVar(&auth.method, "auth.method", "default", "Switch between 'none', 'default' and 'proxy' authentication.")
-	flag.StringVar(&auth.loginHeader, "auth.loginHeader", "X-Forwarded-User", "The header name used for proxy authentication.")
+	flag.StringVar(&auth.method, "auth.method", "default", "Switch between 'none', 'default' and 'proxy' authentication")
+	flag.StringVar(&auth.header, "auth.header", "X-Forwarded-User", "The header name used for proxy authentication")
 }
 
 func setupViper() {
@@ -89,7 +87,6 @@ func setupViper() {
 	viper.SetDefault("BaseURL", "")
 	viper.SetDefault("PrefixURL", "")
 	viper.SetDefault("StaticGen", "")
-	viper.SetDefault("NoAuth", false)
 
 	viper.BindPFlag("Port", flag.Lookup("port"))
 	viper.BindPFlag("Address", flag.Lookup("address"))
@@ -98,7 +95,6 @@ func setupViper() {
 	viper.BindPFlag("BaseURL", flag.Lookup("baseurl"))
 	viper.BindPFlag("PrefixURL", flag.Lookup("prefixurl"))
 	viper.BindPFlag("StaticGen", flag.Lookup("staticgen"))
-	viper.BindPFlag("NoAuth", flag.Lookup("no-auth"))
 
 	// User default values
 	viper.SetDefault("Defaults.Scope", ".")
@@ -129,11 +125,11 @@ func setupViper() {
 	viper.BindPFlag("Recaptcha.Secret", flag.Lookup("recaptcha.secret"))
 
 	// Auth settings
-	viper.SetDefault("AuthMethod", "default")
-	viper.SetDefault("LoginHeader", "X-Fowarded-User")
+	viper.SetDefault("Auth.Method", "default")
+	viper.SetDefault("Auth.Header", "X-Fowarded-User")
 
-	viper.BindPFlag("AuthMethod", flag.Lookup("auth.method"))
-	viper.BindPFlag("LoginHeader", flag.Lookup("auth.loginHeader"))
+	viper.BindPFlag("Auth.Method", flag.Lookup("auth.method"))
+	viper.BindPFlag("Auth.Header", flag.Lookup("auth.header"))
 
 	viper.SetConfigName("filebrowser")
 	viper.AddConfigPath(".")
@@ -192,13 +188,13 @@ func main() {
 	}
 
 	// Validate the provided config before moving forward
-	if viper.GetString("AuthMethod") != "none" && viper.GetString("AuthMethod") != "default" && viper.GetString("AuthMethod") != "proxy" {
+	if viper.GetString("Auth.Method") != "none" && viper.GetString("Auth.Method") != "default" && viper.GetString("Auth.Method") != "proxy" {
 		log.Fatal("The property 'auth.method' needs to be set to 'default' or 'proxy'.")
 	}
 
-	if viper.GetString("AuthMethod") == "proxy" {
-		if viper.GetString("LoginHeader") == "" {
-			log.Fatal("The 'loginHeader' needs to be specified when 'proxy' authentication is used.")
+	if viper.GetString("Auth.Method") == "proxy" {
+		if viper.GetString("Auth.Header") == "" {
+			log.Fatal("The 'auth.header' needs to be specified when 'proxy' authentication is used.")
 		}
 		log.Println("[WARN] Filebrowser authentication is configured to 'proxy' authentication. This can cause a huge security issue if the infrastructure is not configured correctly.")
 	}
@@ -231,11 +227,10 @@ func handler() http.Handler {
 	}
 
 	fm := &filebrowser.FileBrowser{
-		AuthMethod:  viper.GetString("AuthMethod"),
-		LoginHeader: viper.GetString("LoginHeader"),
-		NoAuth:      viper.GetBool("NoAuth"),
-		BaseURL:     viper.GetString("BaseURL"),
-		PrefixURL:   viper.GetString("PrefixURL"),
+		Auth: &filebrowser.Auth{
+			Method: viper.GetString("Auth.Method"),
+			Header: viper.GetString("Auth.Header"),
+		},
 		ReCaptcha: &filebrowser.ReCaptcha{
 			Host:   recaptchaHost,
 			Key:    viper.GetString("Recaptcha.Key"),
@@ -264,6 +259,9 @@ func handler() http.Handler {
 		},
 	}
 
+	fm.SetBaseURL(viper.GetString("BaseURL"))
+	fm.SetPrefixURL(viper.GetString("PrefixURL"))
+
 	err = fm.Setup()
 	if err != nil {
 		log.Fatal(err)
diff --git a/filebrowser.go b/filebrowser.go
index ddf26eac..04fb185e 100644
--- a/filebrowser.go
+++ b/filebrowser.go
@@ -48,6 +48,18 @@ type ReCaptcha struct {
 	Secret string
 }
 
+// Auth settings.
+type Auth struct {
+	// Define if which of the following authentication mechansims should be used:
+	// - 'default', which requires a user and a password.
+	// - 'proxy', which requires a valid user and the user name has to be provided through an
+	//   http header.
+	// - 'none', which allows anyone to access the filebrowser instance.
+	Method string
+	// If 'Method' is set to 'proxy' the header configured below is used to identify the user.
+	Header string
+}
+
 // FileBrowser is a file manager instance. It should be creating using the
 // 'New' function and not directly.
 type FileBrowser struct {
@@ -74,19 +86,8 @@ type FileBrowser struct {
 	// edited directly. Use SetBaseURL.
 	BaseURL string
 
-	// NoAuth disables the authentication. When the authentication is disabled,
-	// there will only exist one user, called "admin".
-	NoAuth bool
-
-	// Define if which of the following authentication mechansims should be used:
-	// - 'default', which requires a user and a password.
-	// - 'proxy', which requires a valid user and the user name has to be provided through an
-	//   http header.
-	// - 'none', which allows anyone to access the filebrowser instance.
-	AuthMethod string
-
-	// When 'AuthMethod' is set to 'proxy' the header configured below is used to identify the user.
-	LoginHeader string
+	// Authentication configuration.
+	Auth *Auth
 
 	// ReCaptcha host, key and secret.
 	ReCaptcha *ReCaptcha
diff --git a/http/auth.go b/http/auth.go
index d184e34a..d3d46eb5 100644
--- a/http/auth.go
+++ b/http/auth.go
@@ -51,14 +51,14 @@ func reCaptcha(host, secret, response string) (bool, error) {
 
 // authHandler processes the authentication for the user.
 func authHandler(c *fb.Context, w http.ResponseWriter, r *http.Request) (int, error) {
-	if c.NoAuth {
+	if c.Auth.Method == "none" {
 		// NoAuth instances shouldn't call this method.
 		return 0, nil
 	}
 
-	if c.AuthMethod == "proxy" {
+	if c.Auth.Method == "proxy" {
 		// Receive the Username from the Header and check if it exists.
-		u, err := c.Store.Users.GetByUsername(r.Header.Get(c.LoginHeader), c.NewFS)
+		u, err := c.Store.Users.GetByUsername(r.Header.Get(c.Auth.Header), c.NewFS)
 		if err != nil {
 			return http.StatusForbidden, nil
 		}
@@ -178,14 +178,14 @@ func (e extractor) ExtractToken(r *http.Request) (string, error) {
 // validateAuth is used to validate the authentication and returns the
 // User if it is valid.
 func validateAuth(c *fb.Context, r *http.Request) (bool, *fb.User) {
-	if c.NoAuth {
+	if c.Auth.Method == "none" {
 		c.User = c.DefaultUser
 		return true, c.User
 	}
 
 	// If proxy auth is used do not verify the JWT token if the header is provided.
-	if c.AuthMethod == "proxy" {
-		u, err := c.Store.Users.GetByUsername(r.Header.Get(c.LoginHeader), c.NewFS)
+	if c.Auth.Method == "proxy" {
+		u, err := c.Store.Users.GetByUsername(r.Header.Get(c.Auth.Header), c.NewFS)
 		if err != nil {
 			return false, nil
 		}
diff --git a/http/http.go b/http/http.go
index 55e43eef..9ef409f4 100644
--- a/http/http.go
+++ b/http/http.go
@@ -228,7 +228,7 @@ func renderFile(c *fb.Context, w http.ResponseWriter, file string) (int, error)
 
 	data := map[string]interface{}{
 		"BaseURL":       c.RootURL(),
-		"NoAuth":        c.NoAuth,
+		"NoAuth":        c.Auth.Method == "none",
 		"Version":       fb.Version,
 		"CSS":           template.CSS(c.CSS),
 		"ReCaptcha":     c.ReCaptcha.Key != "" && c.ReCaptcha.Secret != "",
diff --git a/http/users.go b/http/users.go
index f924e304..aab4c89d 100644
--- a/http/users.go
+++ b/http/users.go
@@ -276,7 +276,7 @@ func usersPutHandler(c *fb.Context, w http.ResponseWriter, r *http.Request) (int
 
 	// If we're updating the default user. Only for NoAuth
 	// implementations. Used to change the viewMode.
-	if id == 0 && c.NoAuth {
+	if id == 0 && c.Auth.Method == "none" {
 		c.DefaultUser.ViewMode = u.ViewMode
 		return http.StatusOK, nil
 	}

From a9851d8e749df53b1d7ca7acb7dda4577e5f36cd Mon Sep 17 00:00:00 2001
From: Henrique Dias <hacdias@gmail.com>
Date: Wed, 8 Aug 2018 11:43:28 +0100
Subject: [PATCH 5/5] recaptcha host instead of alternative

License: MIT
Signed-off-by: Henrique Dias <hacdias@gmail.com>
---
 cmd/filebrowser/main.go | 61 ++++++++++++++++++++---------------------
 1 file changed, 29 insertions(+), 32 deletions(-)

diff --git a/cmd/filebrowser/main.go b/cmd/filebrowser/main.go
index a9ef208a..b2278f5c 100644
--- a/cmd/filebrowser/main.go
+++ b/cmd/filebrowser/main.go
@@ -22,30 +22,32 @@ import (
 )
 
 var (
-	addr            string
-	config          string
-	database        string
-	scope           string
-	commands        string
-	logfile         string
-	staticg         string
-	locale          string
-	baseurl         string
-	prefixurl       string
-	viewMode        string
-	recaptchakey    string
-	recaptchasecret string
-	port            int
-	auth            struct {
+	addr      string
+	config    string
+	database  string
+	scope     string
+	commands  string
+	logfile   string
+	staticg   string
+	locale    string
+	baseurl   string
+	prefixurl string
+	viewMode  string
+	port      int
+	recaptcha struct {
+		host   string
+		key    string
+		secret string
+	}
+	auth struct {
 		method string
 		header string
 	}
-	allowCommands  bool
-	allowEdit      bool
-	allowNew       bool
-	allowPublish   bool
-	showVer        bool
-	alterRecaptcha bool
+	allowCommands bool
+	allowEdit     bool
+	allowNew      bool
+	allowPublish  bool
+	showVer       bool
 )
 
 func init() {
@@ -70,9 +72,9 @@ func init() {
 	flag.StringVar(&locale, "defaults.locale", "", "Default locale for new users, set it empty to enable auto detect from browser")
 
 	// Recaptcha settings
-	flag.BoolVar(&alterRecaptcha, "recaptcha.alternative", false, "Use recaptcha.net for serving and handling, useful in China")
-	flag.StringVar(&recaptchakey, "recaptcha.key", "", "ReCaptcha site key")
-	flag.StringVar(&recaptchasecret, "recaptcha.secret", "", "ReCaptcha secret")
+	flag.StringVar(&recaptcha.host, "recaptcha.host", "https://www.google.com", "Use another host for ReCAPTCHA. recaptcha.net might be useful in China")
+	flag.StringVar(&recaptcha.key, "recaptcha.key", "", "ReCaptcha site key")
+	flag.StringVar(&recaptcha.secret, "recaptcha.secret", "", "ReCaptcha secret")
 
 	// Auth settings
 	flag.StringVar(&auth.method, "auth.method", "default", "Switch between 'none', 'default' and 'proxy' authentication")
@@ -116,11 +118,11 @@ func setupViper() {
 	viper.BindPFlag("Defaults.Locale", flag.Lookup("defaults.locale"))
 
 	// Recaptcha settings
-	viper.SetDefault("Recaptcha.Alternative", false)
+	viper.SetDefault("Recaptcha.Host", "https://www.google.com")
 	viper.SetDefault("Recaptcha.Key", "")
 	viper.SetDefault("Recaptcha.Secret", "")
 
-	viper.BindPFlag("Recaptcha.Alternative", flag.Lookup("recaptcha.alternative"))
+	viper.BindPFlag("Recaptcha.Host", flag.Lookup("recaptcha.host"))
 	viper.BindPFlag("Recaptcha.Key", flag.Lookup("recaptcha.key"))
 	viper.BindPFlag("Recaptcha.Secret", flag.Lookup("recaptcha.secret"))
 
@@ -221,18 +223,13 @@ func handler() http.Handler {
 		log.Fatal(err)
 	}
 
-	recaptchaHost := "https://www.google.com"
-	if viper.GetBool("Recaptcha.Alternative") {
-		recaptchaHost = "https://recaptcha.net"
-	}
-
 	fm := &filebrowser.FileBrowser{
 		Auth: &filebrowser.Auth{
 			Method: viper.GetString("Auth.Method"),
 			Header: viper.GetString("Auth.Header"),
 		},
 		ReCaptcha: &filebrowser.ReCaptcha{
-			Host:   recaptchaHost,
+			Host:   viper.GetString("Recaptcha.Host"),
 			Key:    viper.GetString("Recaptcha.Key"),
 			Secret: viper.GetString("Recaptcha.Secret"),
 		},