bugfix + upload-security hinzugefügt

go.mod

@@ -2,8 +2,9 @@ module git.send.nrw/sendnrw/go-pgp-server
 
 go 1.24.4
 
+require github.com/ProtonMail/go-crypto v1.3.0
+
 require (
-	github.com/ProtonMail/go-crypto v1.3.0 // indirect
 	github.com/cloudflare/circl v1.6.0 // indirect
 	golang.org/x/crypto v0.33.0 // indirect
 	golang.org/x/sys v0.30.0 // indirect

main.go

@@ -35,6 +35,7 @@ import (
 	"path/filepath"
 	"regexp"
 	"sort"
+	"strconv"
 	"strings"
 	"sync"
 	"time"
@@ -210,6 +211,21 @@ func sanitizeFilename(name string) string {
 	return name
 }
 
+func getenv(k, d string) string {
+	if v := os.Getenv(k); v != "" {
+		return v
+	}
+	return d
+}
+
+func enabled(k string, def bool) bool {
+	b, err := strconv.ParseBool(strings.ToLower(os.Getenv(k)))
+	if err != nil {
+		return def
+	}
+	return b
+}
+
 func genID(email, fingerprint string) string {
 	base := strings.ToLower(strings.TrimSpace(email))
 	fp := strings.ToUpper(strings.TrimSpace(fingerprint))
@@ -306,6 +322,7 @@ func main() {
 	})
 	// Upload with automatic fingerprint parsing
 	mux.HandleFunc("/upload", func(w http.ResponseWriter, r *http.Request) {
+		if enabled("WRITEACCESS", false) {
 			if r.Method != http.MethodPost {
 				http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
 				return
@@ -362,6 +379,11 @@ func main() {
 				return
 			}
 			http.Redirect(w, r, "/", http.StatusSeeOther)
+		} else {
+			http.Error(w, "method not allowed - WRITEACCESS", http.StatusMethodNotAllowed)
+			return
+		}
+
 	})
 
 	// Serve/download by ID

templates/layout.html

@@ -20,7 +20,7 @@
     <div class="d-flex justify-content-between align-items-center mb-4">
       <div>
         <h1 class="brand h3 mb-0">🔐 PGP Key Server</h1>
-        <div class="muted">Durchsuche öffentliche OpenPGP-Schlüssel</div>
+        <div class="muted">Unsere öffentlichen OpenPGP-Schlüssel</div>
       </div>
       <button class="btn btn-success" data-bs-toggle="modal" data-bs-target="#uploadModal">+ Upload</button>
     </div>