napcs
diff --git a/‎README.md‎
Lines changed: 57 additions & 4 deletions b/‎README.md‎
Lines changed: 57 additions & 4 deletions
diff --git a/‎app.rb‎
Lines changed: 21 additions & 14 deletions b/‎app.rb‎
Lines changed: 21 additions & 14 deletions
diff --git a/‎public/style.css‎
Lines changed: 7 additions & 1 deletion b/‎public/style.css‎
Lines changed: 7 additions & 1 deletion
diff --git a/‎views/layout.erb‎
Lines changed: 6 additions & 4 deletions b/‎views/layout.erb‎
Lines changed: 6 additions & 4 deletions
@@ -43,6 +43,7 @@ S3_ID=your_app_id
 S3_KEY=your_key
 S3_LINK_TIMEOUT=5
 S3_REGION=us-west-2
+S3SERVER_LOGIN=password
 ```
 
 Run the app with `foreman start` to test it out.
@@ -62,19 +63,42 @@ Create a `.env` file in the root of the app with the following contents:
 ```
 RACK_ENV=development
 S3SERVER_SECRET_KEY=your_own_made_up_secret_key_for_cookies
-GOOGLE_ID=your_app_id
-GOOGLE_SECRET=your_google_secret
 S3_BUCKET=your_bucket
 S3_ID=your_app_id
 S3_KEY=your_key
 S3_LINK_TIMEOUT=5
 S3_REGION=us-west-2
+S3SERVER_LOGIN=google
+GOOGLE_ID=your_app_id
+GOOGLE_SECRET=your_google_secret
 ```
 
 This file should **never be checked in to version control.**
 
 Run the app with `foreman start` to test it out.
 
+## Anonymous acces
+
+So you want anyone anywhere to be able to grab files from your bucket?
+
+Are you crazy?
+
+Okay, this is supported, but dangerous. You're opening an S3 bucket to the entire world. You're gonna pay pretty high rates for all that data transfer. The links will still expire after your specified timeout, but literally EVERYONE can see everything in your bucket.
+
+Create a `.env` file in the root of the app with the following contents:
+
+```
+RACK_ENV=development
+S3SERVER_SECRET_KEY=your_own_made_up_secret_key_for_cookies
+S3_BUCKET=your_bucket
+S3_ID=your_app_id
+S3_KEY=your_key
+S3_LINK_TIMEOUT=5
+S3_REGION=us-west-2
+S3SERVER_LOGIN=none
+```
+
+That's it. Fire it up with `foreman start` to test things out.
 
 ## Production
 
@@ -90,6 +114,8 @@ to start your app.
 
 See the foreman documentation for [instructions on exporting to Systemd unit files or other startup services](https://github.com/ddollar/foreman/wiki/Exporting-for-production).
 
+Probably should put this behind Nginx with a Let's Encrypt certificate too.
+
 ## Running with Docker
 
 You may want to run this server in a container instead. There's a Dockerfile included in the repository.
@@ -113,6 +139,7 @@ docker run -d -p 9292:9292 --name s3server \
 -e S3_KEY=your_key \
 -e S3_LINK_TIMEOUT=5 \
 -e S3_REGION=us-west-2 \
+-e S3SERVER_LOGIN=password \
 napcs/s3server
 ```
 
@@ -122,16 +149,33 @@ If using Google authentication, run the container like this:
 docker run -d -p 9292:9292 --name s3server \
 -e RACK_ENV=production \
 -e S3SERVER_SECRET_KEY=your_own_made_up_secret_key_for_cookies \
+-e S3_BUCKET=your_bucket \
+-e S3_ID=your_app_id \
+-e S3_KEY=your_key \
+-e S3_LINK_TIMEOUT=5 \
+-e S3_REGION=us-west-2 \
+-e S3SERVER_LOGIN=google \
 -e GOOGLE_ID=your_app_id \
 -e GOOGLE_SECRET=your_google_secret \
+napcs/s3server
+```
+
+And if you just don't want any authentication for some reason:
+
+```
+docker run -d -p 9292:9292 --name s3server \
+-e RACK_ENV=production \
+-e S3SERVER_SECRET_KEY=your_own_made_up_secret_key_for_cookies \
 -e S3_BUCKET=your_bucket \
 -e S3_ID=your_app_id \
 -e S3_KEY=your_key \
 -e S3_LINK_TIMEOUT=5 \
 -e S3_REGION=us-west-2 \
+-e S3SERVER_LOGIN=none \
 napcs/s3server
 ```
 
+And you're good to go.
 
 Stop the container with
 
@@ -159,12 +203,21 @@ docker rmi napcs/s3server
 
 ## Changelog
 
-* 2017-03-07
+* 2017-08-27 (0.3)
+    * Breaking change:
+      * To handle Google logins, you'll need to add the new `S3SERVER_LOGIN` variable. Set it to `google`, `password`, or `none` depending on the scheme.
+    * [Feature] Add support for serving buckets without a password. Use at your own risk.
+    * Reworked login logic
+    * CSS tweaks to make audio player 100% wide
+    * CSS tweak for large screens
+
+* 2017-03-07 (0.2)
     * [Bugfix] Name of file was not displaying.
     * [Bugfix] US-West region was hardcoded in the ACL lookup.
     * [Feature] Added support for password logins with HTTP Basic Auth.
     * [Feature] Added HTML audio support for audio files.
-* 2017-01-16 
+
+* 2017-01-16 (0.1)
     * Initial release with Google auth and Docker support.
 
 ## License
 
@@ -21,34 +21,41 @@ class S3Server < Sinatra::Base
   end
 
   get "/login" do
-    if ENV["GOOGLE_ID"]
-      redirect "/auth/google_oauth2"
+    auth = Rack::Auth::Basic::Request.new(request.env)
+
+    if auth.provided? and auth.basic? and auth.credentials and can_access_bucket_with_password?(auth.credentials.first, auth.credentials.last)
+      session[:authenticated] = true
+      session[:info] = {email: auth.credentials.first, picture: "", name: auth.credentials.first}
+      redirect "/"
     else
-      auth = Rack::Auth::Basic::Request.new(request.env)
+      headers['WWW-Authenticate'] = 'Basic realm="Restricted Area"'
+      halt 401, "Not authorized\n"
+    end
+  end
 
-      if auth.provided? and auth.basic? and auth.credentials and can_access_bucket_with_password?(auth.credentials.first, auth.credentials.last)
-        session[:authenticated] = true
-        session[:info] = {email: auth.credentials.first, picture: "", name: auth.credentials.first}
-        redirect "/"
+  def login_check
+    unless ENV["S3SERVER_LOGIN"] == "none"
+      return if session[:authenticated]
+      if ENV["S3SERVER_LOGIN"] == "google"
+        redirect "/auth/google_oauth2"
       else
-        headers['WWW-Authenticate'] = 'Basic realm="Restricted Area"'
-        halt 401, "Not authorized\n"
+        redirect "/login"
       end
     end
-
   end
 
   get "/" do
-    redirect "/login" unless session[:authenticated]
+    login_check
     s3 = S3.new ENV["S3_ID"], ENV["S3_KEY"], ENV["S3_BUCKET"], ENV["S3_REGION"]
     @data = s3.get_all_objects
     erb :index
   end
 
-  get "/o/:key" do
-    redirect "/login" unless session[:authenticated]
+  get "/o/*" do
+    login_check
+    key = params[:splat].first
     s3 = S3.new ENV["S3_ID"], ENV["S3_KEY"], ENV["S3_BUCKET"], ENV["S3_REGION"]
-    @data = s3.get_object_data_by_key(params[:key], ENV["S3_LINK_TIMEOUT"])
+    @data = s3.get_object_data_by_key(key, ENV["S3_LINK_TIMEOUT"])
     erb :show
   end
 
 
@@ -7,6 +7,12 @@ body {
   width: 98%;
 }
 
+@media (min-width: 1400px) {
+  .container {
+    width: 60%;
+  }
+}
+
 header {
   background-color: #333;
   color: #fff;
@@ -31,4 +37,4 @@ header .login {
   width: 50%;
 }
 
-video { width: 100% }
+video, audio { width: 100% }
@@ -14,10 +14,12 @@
         <section class="banner">
           <h1>S3Server</h1>
         </section>
-        <section class="login">
-          <img height="16" width="16" alt="Google" src="<%= session[:info][:picture] %>">
-          <%= session[:info][:name] %>
-        </section>
+        <% if session[:info] %>
+          <section class="login">
+            <img height="16" width="16" alt="Google" src="<%= session[:info][:picture] %>">
+            <%= session[:info][:name] %>
+          </section>
+        <% end %>
       </header>
 
       <main role="main">