summaryrefslogtreecommitdiffstats
path: root/vendor/github.com/labstack/echo/v4/middleware/basic_auth.go
diff options
context:
space:
mode:
Diffstat (limited to 'vendor/github.com/labstack/echo/v4/middleware/basic_auth.go')
-rw-r--r--vendor/github.com/labstack/echo/v4/middleware/basic_auth.go106
1 files changed, 106 insertions, 0 deletions
diff --git a/vendor/github.com/labstack/echo/v4/middleware/basic_auth.go b/vendor/github.com/labstack/echo/v4/middleware/basic_auth.go
new file mode 100644
index 00000000..76ba2420
--- /dev/null
+++ b/vendor/github.com/labstack/echo/v4/middleware/basic_auth.go
@@ -0,0 +1,106 @@
+package middleware
+
+import (
+ "encoding/base64"
+ "strconv"
+ "strings"
+
+ "github.com/labstack/echo/v4"
+)
+
+type (
+ // BasicAuthConfig defines the config for BasicAuth middleware.
+ BasicAuthConfig struct {
+ // Skipper defines a function to skip middleware.
+ Skipper Skipper
+
+ // Validator is a function to validate BasicAuth credentials.
+ // Required.
+ Validator BasicAuthValidator
+
+ // Realm is a string to define realm attribute of BasicAuth.
+ // Default value "Restricted".
+ Realm string
+ }
+
+ // BasicAuthValidator defines a function to validate BasicAuth credentials.
+ BasicAuthValidator func(string, string, echo.Context) (bool, error)
+)
+
+const (
+ basic = "basic"
+ defaultRealm = "Restricted"
+)
+
+var (
+ // DefaultBasicAuthConfig is the default BasicAuth middleware config.
+ DefaultBasicAuthConfig = BasicAuthConfig{
+ Skipper: DefaultSkipper,
+ Realm: defaultRealm,
+ }
+)
+
+// BasicAuth returns an BasicAuth middleware.
+//
+// For valid credentials it calls the next handler.
+// For missing or invalid credentials, it sends "401 - Unauthorized" response.
+func BasicAuth(fn BasicAuthValidator) echo.MiddlewareFunc {
+ c := DefaultBasicAuthConfig
+ c.Validator = fn
+ return BasicAuthWithConfig(c)
+}
+
+// BasicAuthWithConfig returns an BasicAuth middleware with config.
+// See `BasicAuth()`.
+func BasicAuthWithConfig(config BasicAuthConfig) echo.MiddlewareFunc {
+ // Defaults
+ if config.Validator == nil {
+ panic("echo: basic-auth middleware requires a validator function")
+ }
+ if config.Skipper == nil {
+ config.Skipper = DefaultBasicAuthConfig.Skipper
+ }
+ if config.Realm == "" {
+ config.Realm = defaultRealm
+ }
+
+ return func(next echo.HandlerFunc) echo.HandlerFunc {
+ return func(c echo.Context) error {
+ if config.Skipper(c) {
+ return next(c)
+ }
+
+ auth := c.Request().Header.Get(echo.HeaderAuthorization)
+ l := len(basic)
+
+ if len(auth) > l+1 && strings.ToLower(auth[:l]) == basic {
+ b, err := base64.StdEncoding.DecodeString(auth[l+1:])
+ if err != nil {
+ return err
+ }
+ cred := string(b)
+ for i := 0; i < len(cred); i++ {
+ if cred[i] == ':' {
+ // Verify credentials
+ valid, err := config.Validator(cred[:i], cred[i+1:], c)
+ if err != nil {
+ return err
+ } else if valid {
+ return next(c)
+ }
+ break
+ }
+ }
+ }
+
+ realm := defaultRealm
+ if config.Realm != defaultRealm {
+ realm = strconv.Quote(config.Realm)
+ }
+
+ // Need to return `401` for browsers to pop-up login box.
+ c.Response().Header().Set(echo.HeaderWWWAuthenticate, basic+" realm="+realm)
+ return echo.ErrUnauthorized
+ }
+ }
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-02 01:26:22 +0000