github.com/cheikhshift/buffalo@v0.9.5/middleware/basicauth/basicauth.go

github.com/cheikhshift/buffalo@v0.9.5/middleware/basicauth/basicauth.go (about)

     1  package basicauth
     2  
     3  import (
     4  	"encoding/base64"
     5  	"net/http"
     6  	"strings"
     7  
     8  	"github.com/gobuffalo/buffalo"
     9  	"github.com/pkg/errors"
    10  )
    11  
    12  var (
    13  	// ErrNoCreds is returned when no basic auth credentials are defined
    14  	ErrNoCreds = errors.New("no basic auth credentials defined")
    15  
    16  	// ErrAuthFail is returned when the client fails basic authentication
    17  	ErrAuthFail = errors.New("invalid basic auth username or password")
    18  )
    19  
    20  // Authorizer is used to authenticate the basic auth username/password.
    21  // Should return true/false and/or an error.
    22  type Authorizer func(buffalo.Context, string, string) (bool, error)
    23  
    24  // Middleware enables basic authentication
    25  func Middleware(auth Authorizer) buffalo.MiddlewareFunc {
    26  	return func(next buffalo.Handler) buffalo.Handler {
    27  		return func(c buffalo.Context) error {
    28  			token := strings.SplitN(c.Request().Header.Get("Authorization"), " ", 2)
    29  			if len(token) != 2 {
    30  				c.Response().Header().Set("WWW-Authenticate", `Basic realm="Basic Authentication"`)
    31  				return c.Error(http.StatusUnauthorized, errors.New("Unauthorized"))
    32  			}
    33  			b, err := base64.StdEncoding.DecodeString(token[1])
    34  			if err != nil {
    35  				return ErrAuthFail
    36  			}
    37  			pair := strings.SplitN(string(b), ":", 2)
    38  			if len(pair) != 2 {
    39  				return ErrAuthFail
    40  			}
    41  			success, err := auth(c, pair[0], pair[1])
    42  			if err != nil {
    43  				return errors.WithStack(err)
    44  			}
    45  			if !success {
    46  				return ErrAuthFail
    47  			}
    48  			return next(c)
    49  		}
    50  	}
    51  }