31 lines
1.0 KiB
Go
31 lines
1.0 KiB
Go
|
package Handlers
|
||
|
|
|
||
|
|
import (
|
||
|
|
"crypto/subtle"
|
||
|
|
"net/http"
|
||
|
|
)
|
||
|
|
|
||
|
|
// BasicAuth wraps a handler requiring HTTP basic auth for it using the given
|
||
|
|
// username and password and the specified realm, which shouldn't contain quotes.
|
||
|
|
//
|
||
|
|
// Most web browser display a dialog with something like:
|
||
|
|
//
|
||
|
|
// The website says: "<realm>"
|
||
|
|
//
|
||
|
|
// Which is really stupid so you may want to set the realm to a message rather than
|
||
|
|
// an actual realm.
|
||
|
|
//
|
||
|
|
// Taken from on http://stackoverflow.com/questions/21936332/idiomatic-way-of-requiring-http-basic-auth-in-go/39591234#39591234
|
||
|
|
func BasicAuth(handler http.HandlerFunc, username, password, realm string) http.HandlerFunc {
|
||
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
||
|
|
user, pass, ok := r.BasicAuth()
|
||
|
|
if !ok || subtle.ConstantTimeCompare([]byte(user), []byte(username)) != 1 || subtle.ConstantTimeCompare([]byte(pass), []byte(password)) != 1 {
|
||
|
|
w.Header().Set("WWW-Authenticate", `Basic realm="`+realm+`"`)
|
||
|
|
w.WriteHeader(401)
|
||
|
|
w.Write([]byte(http.StatusText(401)))
|
||
|
|
return
|
||
|
|
}
|
||
|
|
handler(w, r)
|
||
|
|
}
|
||
|
|
}
|