Tweak authorization for feeds/downloads, add hero to feeds page

2025-07-19 04:44:48 -04:00 · 2022-07-08 23:24:19 -05:00 · 2022-07-08 23:24:19 -05:00 · d659fb9649
commit d659fb9649
parent 8090f3f9f7
11 changed files with 117 additions and 93 deletions
--- a/config/apache/standardebooks.org.conf
+++ b/config/apache/standardebooks.org.conf
@ -280,12 +280,13 @@ Define webroot /standardebooks.org/web
 	# Enable mod_authn_dbd
 	DBDriver mysql
 	DBDParams "dbname=se user=www-data"
-	<DirectoryMatch "^${webroot}/www/feeds/(opds|rss|atom).*">
-		# Enable HTTP Basic auth for feeds
+	# HTTP Basic Auth configuration for:
+	# /patrons-circle/downloads
+	# /feeds
+	<DirectoryMatch "^${webroot}/www/(patrons-circle/downloads|feeds/(opds|rss|atom).*)">
 		AuthType	Basic
-		AuthName	"Enter your Patrons Circle email address or your API key, and a blank password."
+		AuthName	"Enter your Patrons Circle email address and leave the password empty."
 		Require		valid-user
-		ErrorDocument	401	/feeds/401

 		# Credentials caching to prevent slamming the DB. socache must be ahead of dbd
 		AuthBasicProvider	socache dbd
@ -304,6 +305,23 @@ Define webroot /standardebooks.org/web
 			select Email, Uuid from FeedUsers fu inner join Users u using (UserId) where fu.Ended is null \
 			) x where %s in (Email, Uuid) limit 1 \
 		"
+	</DirectoryMatch>
+
+	# Specific config for /patrons-circle
+	<DirectoryMatch "^${webroot}/www/patrons-circle">
+		<FilesMatch "\.php$">
+			# Disable HTTP Basic auth for the index and 401 pages
+			Require all granted
+		</FilesMatch>
+
+		<FilesMatch "\.zip$">
+			ErrorDocument	401	/patrons-circle/downloads
+		</FilesMatch>
+	</DirectoryMatch>
+
+	# Specific config for /feeds
+	<DirectoryMatch "^${webroot}/www/feeds/(opds|rss|atom).*">
+		ErrorDocument	401	/feeds/401

 		<FilesMatch "^(style\.php|new-releases\.xml|index\.php|index\.xml)$">
 			# Disable HTTP Basic auth for the feed XSL stylesheet and the new releases feeds
--- a/config/apache/standardebooks.test.conf
+++ b/config/apache/standardebooks.test.conf
@ -262,12 +262,13 @@ Define webroot /standardebooks.org/web
 	# Enable mod_authn_dbd
 	DBDriver mysql
 	DBDParams "dbname=se user=www-data"
-	<DirectoryMatch "^${webroot}/www/feeds/(opds|rss|atom).*">
-		# Enable HTTP Basic auth for feeds
+	# HTTP Basic Auth configuration for:
+	# /patrons-circle/downloads
+	# /feeds
+	<DirectoryMatch "^${webroot}/www/(patrons-circle/downloads|feeds/(opds|rss|atom).*)">
 		AuthType	Basic
-		AuthName	"Enter your Patrons Circle email address or your API key, and a blank password."
+		AuthName	"Enter your Patrons Circle email address and leave the password empty."
 		Require		valid-user
-		ErrorDocument	401	/feeds/401

 		# Credentials caching to prevent slamming the DB. socache must be ahead of dbd
 		AuthBasicProvider	socache dbd
@ -286,6 +287,23 @@ Define webroot /standardebooks.org/web
 			select Email, Uuid from FeedUsers fu inner join Users u using (UserId) where fu.Ended is null \
 			) x where %s in (Email, Uuid) limit 1 \
 		"
+	</DirectoryMatch>
+
+	# Specific config for /patrons-circle
+	<DirectoryMatch "^${webroot}/www/patrons-circle">
+		<FilesMatch "\.php$">
+			# Disable HTTP Basic auth for the index and 401 pages
+			Require all granted
+		</FilesMatch>
+
+		<FilesMatch "\.zip$">
+			ErrorDocument	401	/patrons-circle/downloads
+		</FilesMatch>
+	</DirectoryMatch>
+
+	# Specific config for /feeds
+	<DirectoryMatch "^${webroot}/www/feeds/(opds|rss|atom).*">
+		ErrorDocument	401	/feeds/401

 		<FilesMatch "^(style\.php|new-releases\.xml|index\.php|index\.xml)$">
 			# Disable HTTP Basic auth for the feed XSL stylesheet and the new releases feeds