44 lines
1.2 KiB
Go
44 lines
1.2 KiB
Go
package handlers
|
|
|
|
import (
|
|
"net/http"
|
|
)
|
|
|
|
// basicAuth is a middleware that performs basic authentication.
|
|
func (hs *Handlers) basicAuth(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
if r.Method != "OPTIONS" {
|
|
if !hs.authenticate(r) {
|
|
hs.unauthorized(w)
|
|
return
|
|
}
|
|
}
|
|
|
|
next.ServeHTTP(w, r)
|
|
})
|
|
}
|
|
|
|
// needsAuth checks if the given path requires authentication.
|
|
// func needsAuth(path string) bool {
|
|
// authenticatedPaths := []string{"/http/", "/dav/", "/infuse/"}
|
|
// for _, p := range authenticatedPaths {
|
|
// if strings.HasPrefix(path, p) {
|
|
// return true
|
|
// }
|
|
// }
|
|
// return false
|
|
// }
|
|
|
|
// authenticate performs the basic authentication check.
|
|
func (hs *Handlers) authenticate(r *http.Request) bool {
|
|
username, password, ok := r.BasicAuth()
|
|
return ok && username == hs.cfg.GetUsername() && password == hs.cfg.GetPassword()
|
|
}
|
|
|
|
// unauthorized sends an unauthorized response.
|
|
func (hs *Handlers) unauthorized(w http.ResponseWriter) {
|
|
w.Header().Set("WWW-Authenticate", `Basic realm="restricted"`)
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
w.Write([]byte(http.StatusText(http.StatusUnauthorized)))
|
|
}
|