Dumb server that helps you serve files from a path via HTTP.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

113 lines
4.2 KiB

# dumb-http
4 months ago
[![Build Status](https://drone.dcpri.me/api/badges/some-fancy-tools/dumb-http/status.svg)](https://drone.dcpri.me/some-fancy-tools/dumb-http)
Simple HTTP Server and an optional Single Host Reverse Proxy.
This tool is useful to proxy to backend like an API and also serve static
content and avoid CORS Errors.
Though there's no harm is using this in Production, there are servers with
better implementation like [Caddy](https://caddyserver.com) and
[Nginx](https://nginx.org), they should be preferred over this. For development
usecase, certainly this is the best way to work with Single Page Frontend apps
and Backend APIs and avoid any CORS issues that slow down the development.
# Usage
```shell
$ dumb-http -h
Usage of dumb-http
-basic-auth-password string
Password for basic auth
-basic-auth-realm string
Realm for basic auth (default "DUMB-HTTP")
-basic-auth-username string
Username for basic auth
-host string
Host to listen on (default "0.0.0.0")
-path string
Path to serve from (default ".")
-port int
Port to listen on (default 8000)
-proxy-path string
Reverse Proxy path (default "/proxy/")
-proxy-strip-prefix
Strip Prefix while proxying
-proxy-upstream string
Reverse Proxy upstream (backend service). Proxy is disabled if empty
```
# Examples
## Static Server
To quickly show some projects built that uses Javascript and calls a bunch of
APIs.
```shell
$ dumb-http -path ./docs
Serving with dumb-http/latest at http://0.0.0.0:8000/ from ./docs
Root Configuration: http://0.0.0.0:8000/ -> "./docs"
127.0.0.1 - - [06/Jul/2018 17:05:36] "GET / HTTP/1.1" 200 0 16.76µs "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:61.0) Gecko/20100101 Firefox/61.0"
127.0.0.1 - - [06/Jul/2018 17:05:37] "GET / HTTP/1.1" 304 0 173ns "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:61.0) Gecko/20100101 Firefox/61.0"
```
## Static Server with Proxy
To enable API access at path /api/ and pass the request to upstream. Also / serves the static files
from `-path` mentioned.
```shell
$ dumb-http -path ./public -proxy-upstream http://127.0.0.1:8001 -proxy-path /api/
Serving with dumb-http/latest at http://0.0.0.0:8000/ from ./public
Root Configuration: http://0.0.0.0:8000/ -> "./public"
Proxy Configuration: http://0.0.0.0:8000/api/ -> http://127.0.0.1:8001/api/
```
In case if the Backend/Upstream doesn't have the path /api/ that is passed in
`-proxy-path` one can strip that and avoid it being passed to Backend/Upstream
using `-proxy-strip-prefix` that will change the behaviour accordingly.
```shell
$ dumb-http -path ./public -proxy-upstream http://127.0.0.1:8001 -proxy-path /api/ -proxy-strip-prefix
Serving with dumb-http/latest at http://0.0.0.0:8000/ from ./public
Root Configuration: http://0.0.0.0:8000/ -> "./public"
Proxy Configuration: http://0.0.0.0:8000/api/ -> http://127.0.0.1:8001
```
## Static Server with Basic Auth
In case if there's a need to add basic auth in the server, maybe sharing
something over a public network one can use the basic auth flags.
Basic auth needs username and password arguments `-basic-auth-username` and
`-basic-auth-password` respectively, once set this start serving and gives
error code 401 Unauthorized in case if the username and password is incorrect.
The first call will be a 401 as there are no credentials passed from Browser,
to ask for password the server sends `WWW-Authenticate` header as `Basic` with
realm which can be defined via another flag `-basic-auth-realm`. This asks for
password and subsequent requests work properly.
```shell
$ dumb-http -path ./docs -basic-auth-username john -basic-auth-password JohnDoe
Root Configuration: http://0.0.0.0:8000/ -> "./public"
127.0.0.1 - - [18/Sep/2021 10:41:09] "GET / HTTP/1.1" 401 0 34.641µs "-" "Mozilla/5.0 (X11; Linux x86_64; rv:92.0) Gecko/20100101 Firefox/92.0"
```
> Note: The server does not have SSL Implemented yet, so eventually over a
public network the Authorization header can be sniffed, this means the
implementation is not secure by default.
# Acknowledgments
* Concept is inspired from Python module `http.server`.
* Go logging was implemented using snippet mentioned in this [GitHub Gist](https://gist.github.com/cespare/3985516)
# LICENSE
MIT