1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556 |
- package auth
- import (
- "encoding/base64"
- "fmt"
- "os"
- "strconv"
- "github.com/gin-gonic/gin"
- log "github.com/sirupsen/logrus"
- )
- func Header(c *gin.Context, key string) string {
- if values, _ := c.Request.Header[key]; len(values) > 0 {
- return values[0]
- }
- return ""
- }
- func BasicAuth() gin.HandlerFunc {
- realm := "Authorization Required"
- realm = "Basic realm=" + strconv.Quote(realm)
- user := os.Getenv("USER")
- password := os.Getenv("PASSWORD")
- enabled := isEnabled(user, password)
- if enabled {
- log.Warn("Auth mode enabled")
- log.Warn(fmt.Sprintf("Visit http://%s:%s@0.0.0.0:8080", user, password))
- }
- return func(c *gin.Context) {
- header := Header(c, "Authorization")
- if enabled && header != authorizationHeader(user, password) {
- // Credentials doesn't match, we return 401 and abort handlers chain.
- c.Header("WWW-Authenticate", realm)
- c.AbortWithStatus(401)
- return
- }
- c.Next()
- }
- }
- func isEnabled(user, password string) bool {
- switch {
- case user == "":
- return false
- case password == "":
- return false
- default:
- return true
- }
- }
- func authorizationHeader(user, password string) string {
- base := user + ":" + password
- return "Basic " + base64.StdEncoding.EncodeToString([]byte(base))
- }
|