Idea #5824
Updated by Tom Clegg almost 9 years ago
Location
* source:services/keepdl
Authentication mechanisms needed
* Accept @Authorization: OAuth2 {token}@ header, and set CORS headers[1] (suitable for aware clients, like an in-browser app)
* HTTP basic authentication just like arv-git-httpd (probably easier to use with general purpose tools: curl, wget, .netrc)
* reader_token in path (suitable for "get a link to share" downloads)
* Configured anonymous token (try this if other auths don't work)
Download URIs mirror Workbench's
* http://dl.{domain}/collections/{uuid}/path/file.ext
* http://dl.{domain}/collections/{portable_data_hash}/path/file.ext
* http://dl.{domain}/collections/download/{uuid}/{token}/path/file.ext
* http://dl.{domain}/collections/download/{portable_data_hash}/{token}/path/file.ext
MIME types
* Look up file extension with "mime.TypeByExtension()":https://golang.org/pkg/mime/#TypeByExtension
Deployment
* Install docs & source:docker/ need to run keepdl
Nice to have: directory listings
* Very basic formatting (bootstrap would be nice but can wait)
* OK if we show a directory listing only at the top level, similar to the way Workbench does it.
* OK not to support directory listings _at all_ (at least for the first version), and just let Workbench do that part?
* Explicitly no index.html in place of directory listings.
** This means "wget -r" can always be expected to work, but it also ensures this can't be used to host entire web sites along the lines of github pages. If we add this capability in the future we could add a -render-index flag. This would make more sense if it came with a bunch of other features anyway, like dynamically mapping vhosts to collections.
fn1. Do not accept cookies with CORS requests!