-
Notifications
You must be signed in to change notification settings - Fork 0
/
auth.go
53 lines (43 loc) · 1.17 KB
/
auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
package auth
import (
"net/http"
"github.com/jorgerasillo/spamhouse/repo"
)
type Authorizer struct {
repo repo.Repository
}
func New(repo repo.Repository) Authorizer {
return Authorizer{
repo: repo,
}
}
// Middleware extracts the request user and password
// and returns a 401 if we credentials are not valid
// or are empty
func (a Authorizer) Middleware() func(http.Handler) http.Handler {
return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
userID, password, _ := r.BasicAuth()
validCreds := a.validateCredentials(userID, password)
if !validCreds {
w.Header().Set("WWW-Authenticate", "Basic realm=Restricted")
w.WriteHeader(http.StatusUnauthorized)
http.Error(w, "Invalid credz", http.StatusUnauthorized)
return
}
next.ServeHTTP(w, r)
})
}
}
// validateCredentials returns false:
// userID or password are empty
// userID or password does not match configuration
func (a Authorizer) validateCredentials(userID, password string) bool {
if len(userID) == 0 || len(password) == 0 {
return false
}
if a.repo.IsUserValid(userID, password) {
return true
}
return false
}