31 lines
794 B
Go
31 lines
794 B
Go
// Copyright 2023 Signal Messenger, LLC
|
|
// SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
package middleware
|
|
|
|
import (
|
|
"github.com/signalapp/svr2/auth"
|
|
"github.com/signalapp/svr2/logger"
|
|
"net/http"
|
|
)
|
|
|
|
// AuthCheck wraps an http.Handler to check the request's BasicAuth using the provided authenticator
|
|
func AuthCheck(authenticator auth.Auth, inner http.Handler) http.Handler {
|
|
return &authHandler{authenticator, inner}
|
|
}
|
|
|
|
type authHandler struct {
|
|
authenticator auth.Auth
|
|
inner http.Handler
|
|
}
|
|
|
|
func (a *authHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|
user, pass, _ := r.BasicAuth()
|
|
if err := a.authenticator.Check(user, pass); err != nil {
|
|
logger.Infow("basic auth failed", "err", err)
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
return
|
|
}
|
|
a.inner.ServeHTTP(w, r)
|
|
}
|