Aurélie DELHAIE
0a33d1b68d
All checks were successful
CloudSave/pipeline/head This commit looks good
47 lines
1.1 KiB
Go
47 lines
1.1 KiB
Go
package api
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
|
|
"golang.org/x/crypto/bcrypt"
|
|
)
|
|
|
|
func recoverMiddleware(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
defer func() {
|
|
err := recover()
|
|
if err != nil {
|
|
internalServerError(w, r)
|
|
}
|
|
}()
|
|
next.ServeHTTP(w, r)
|
|
})
|
|
}
|
|
|
|
// BasicAuth implements a simple middleware handler for adding basic http auth to a route.
|
|
func (s *HTTPServer) BasicAuth(realm string) func(next http.Handler) http.Handler {
|
|
return func(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
user, pass, ok := r.BasicAuth()
|
|
if !ok {
|
|
basicAuthFailed(w, r, realm)
|
|
return
|
|
}
|
|
|
|
credPass := s.creds[user]
|
|
if err := bcrypt.CompareHashAndPassword([]byte(credPass), []byte(pass)); err != nil {
|
|
basicAuthFailed(w, r, realm)
|
|
return
|
|
}
|
|
|
|
next.ServeHTTP(w, r)
|
|
})
|
|
}
|
|
}
|
|
|
|
func basicAuthFailed(w http.ResponseWriter, r *http.Request, realm string) {
|
|
w.Header().Add("WWW-Authenticate", fmt.Sprintf(`Basic realm="%s"`, realm))
|
|
unauthorized(w, r)
|
|
}
|