Yinr/cloudflare-docker-proxy
1
0
Fork 0
forked from GitHub/cloudflare-docker-proxy
Code Pull Requests Activity

Compare commits

merge into: Yinr:master
Branches Tags
Yinr:master GitHub:master GitHub:yscai/fix-index GitHub:yscai/fix-redirect GitHub:yscai/remove-routes GitHub:yscai/ci-fork GitHub:yscai/registry-version GitHub:yscai/deploy-stage GitHub:yscai/dockerhub-library GitHub:yscai/private-image GitHub:yscai/fix-no-auth GitHub:yscai/deprecate-k8s-gcr
...
pull from: GitHub:yscai/private-image
Branches Tags
GitHub:master GitHub:yscai/fix-index GitHub:yscai/fix-redirect GitHub:yscai/remove-routes GitHub:yscai/ci-fork GitHub:yscai/registry-version GitHub:yscai/deploy-stage GitHub:yscai/dockerhub-library GitHub:yscai/private-image GitHub:yscai/fix-no-auth GitHub:yscai/deprecate-k8s-gcr Yinr:master

1 Commits
master ... yscai/priv

Author SHA1 Message Date
ciiiii
8574d1c619 Fix registry auth 2024-06-13 04:27:03 +08:00
2 changed files with 9 additions and 27 deletions
Expand all files Collapse all files

35
src/index.js
View File

@@ -25,27 +25,6 @@ function routeByHosts(host) {
async function handleRequest(request) { async function handleRequest(request) {
const url = new URL(request.url); const url = new URL(request.url);
const authorization = request.headers.get("Authorization");
if (url.pathname == "/v2/") {
if (authorization === null || authorization === "") {
const headers = new Headers();
if (MODE == "debug") {
headers.set(
"Www-Authenticate",
`Bearer realm="http://${url.host}/v2/auth",service="cloudflare-docker-proxy"`
);
} else {
headers.set(
"Www-Authenticate",
`Bearer realm="https://${url.hostname}/v2/auth",service="cloudflare-docker-proxy"`
);
}
return new Response(JSON.stringify({ message: "UNAUTHORIZED" }), {
status: 401,
headers: headers,
});
}
}
const upstream = routeByHosts(url.hostname); const upstream = routeByHosts(url.hostname);
if (upstream === "") { if (upstream === "") {
return new Response( return new Response(
@@ -57,20 +36,24 @@ async function handleRequest(request) {
} }
); );
} }
// check if need to authenticate const authorization = request.headers.get("Authorization");
if (url.pathname == "/v2/") { if (url.pathname == "/v2/") {
const newUrl = new URL(upstream + "/v2/"); const newUrl = new URL(upstream + "/v2/");
const headers = new Headers();
if (authorization) {
headers.set("Authorization", authorization);
}
// check if need to authenticate
const resp = await fetch(newUrl.toString(), { const resp = await fetch(newUrl.toString(), {
method: "GET", method: "GET",
headers: headers,
redirect: "follow", redirect: "follow",
}); });
if (resp.status === 200) { if (resp.status === 401) {
} else if (resp.status === 401) {
const headers = new Headers();
if (MODE == "debug") { if (MODE == "debug") {
headers.set( headers.set(
"Www-Authenticate", "Www-Authenticate",
`Bearer realm="${LOCAL_ADDRESS}/v2/auth",service="cloudflare-docker-proxy"` `Bearer realm="http://${url.host}/v2/auth",service="cloudflare-docker-proxy"`
); );
} else { } else {
headers.set( headers.set(

1
wrangler.toml
View File

@@ -11,7 +11,6 @@ upstream_protocol="https"
[vars] [vars]
MODE="production" MODE="production"
LOCAL_ADDRESS=""
TARGET_UPSTREAM="" TARGET_UPSTREAM=""
[env.dev.vars] [env.dev.vars]