Git with a cup of tea, painless self-hosted git service
Mirror for internal git.with.parts use
https://git.with.parts
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
|
package middleware
|
|
|
|
|
|
|
|
import (
|
|
|
|
"crypto/subtle"
|
|
|
|
"fmt"
|
|
|
|
"net/http"
|
|
|
|
)
|
|
|
|
|
|
|
|
// BasicAuth implements a simple middleware handler for adding basic http auth to a route.
|
|
|
|
func BasicAuth(realm string, creds map[string]string) func(next http.Handler) http.Handler {
|
|
|
|
return func(next http.Handler) http.Handler {
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
user, pass, ok := r.BasicAuth()
|
|
|
|
if !ok {
|
|
|
|
basicAuthFailed(w, realm)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
credPass, credUserOk := creds[user]
|
|
|
|
if !credUserOk || subtle.ConstantTimeCompare([]byte(pass), []byte(credPass)) != 1 {
|
|
|
|
basicAuthFailed(w, realm)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
next.ServeHTTP(w, r)
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func basicAuthFailed(w http.ResponseWriter, realm string) {
|
|
|
|
w.Header().Add("WWW-Authenticate", fmt.Sprintf(`Basic realm="%s"`, realm))
|
|
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
|
|
}
|