(ns corbihttp.interceptor.auth
(:require [clojure.string :as string]
[constance.comp :as constance]
[corbihttp.b64 :as b64]
[corbihttp.log :as log]
[exoscale.cloak :as cloak]
[exoscale.interceptor :as itc]))
(def forbidden-response
  "Response map returned when Basic authentication fails.

  Despite the name, the status is 401 (not 403): it carries a
  `WWW-Authenticate` challenge for the \"mirabelle\" realm so that the
  client knows it may retry with credentials."
  {:headers {"WWW-Authenticate" "Basic realm=\"mirabelle\""}
   :status  401})
(defn halt
  "Logs an authentication failure and stops the interceptor chain.

  Passes `forbidden-response` to `itc/halt` and returns its result.
  The log entry contains neither the submitted user name nor the
  password, so no credential material reaches the logs.

  NOTE(review): the log context map is empty, so the entry carries no
  request metadata (client address, request id). Whoever monitors for
  password-guessing will have to correlate it with access logs; confirm
  that this is acceptable."
  []
  (log/info {} "basic auth: invalid credentials")
  (itc/halt forbidden-response))
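(defn basic-auth
  "Builds an interceptor that enforces HTTP Basic authentication.

  Takes a map with `:username` (plain string) and `:password` (a value
  that `cloak/unmask` turns back into the secret). The `:enter` function
  reads the `authorization` request header, expects the form
  `Basic <base64(user:password)>`, and returns `ctx` unchanged when both
  parts match the configured credentials. In every other case (header
  missing, wrong scheme, blank payload, payload without a colon, or a
  mismatch) it returns the result of `(halt)`.

  NOTE(review): the scheme is compared with an exact `=` against
  \"Basic\"; HTTP auth scheme names are case-insensitive, so a client
  sending `basic` is rejected. Confirm whether that is intended."
  [{:keys [username password]}]
  {:name ::basic-auth
   :enter (fn [ctx]
            (if-let [auth-header (get-in ctx [:request :headers "authorization"])]
              (let [[basic payload] (string/split auth-header #" ")]
                (if (and (not (string/blank? basic))
                         (not (string/blank? payload))
                         (= "Basic" basic))
                  ;; NOTE(review): confirm how b64/from-base64 behaves on a
                  ;; malformed payload; the header is attacker-controlled and
                  ;; an exception here would surface as something other than
                  ;; the 401 challenge.
                  ;;
                  ;; Limit of 2: only the first colon separates user and
                  ;; password. Without the limit a password that itself
                  ;; contains ':' was cut at its first colon and could never
                  ;; match.
                  (let [[n pass] (-> (b64/from-base64 payload)
                                     (string/split #":" 2))]
                    ;; A payload without any colon leaves `pass` nil; reject
                    ;; it here instead of handing nil to the comparison.
                    (if (and (string? n) (string? pass))
                      ;; Evaluate both comparisons before combining them. A
                      ;; short-circuiting `and` skips the password comparison
                      ;; for an unknown user name, which makes the response
                      ;; time depend on whether the user name was right.
                      (let [user-ok? (constance/constant-string= username n)
                            pass-ok? (constance/constant-string= pass (cloak/unmask password))]
                        (if (and user-ok? pass-ok?)
                          ctx
                          (halt)))
                      (halt)))
                  (halt)))
              (halt)))})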