34 lines
873 B
Go
34 lines
873 B
Go
|
package middleware
|
||
|
|
||
|
import (
|
||
|
"net/http"
|
||
|
"os"
|
||
|
|
||
|
"golang.org/x/crypto/bcrypt"
|
||
|
)
|
||
|
|
||
|
func BasicAuth(f http.HandlerFunc) http.HandlerFunc {
|
||
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||
|
username, password, ok := r.BasicAuth()
|
||
|
hash, err := HashPassword(os.Getenv("PASSWORD"))
|
||
|
if err == nil && ok {
|
||
|
if username == os.Getenv("USERNAME") && CheckPasswordHash(password, hash) {
|
||
|
f(w, r)
|
||
|
return
|
||
|
}
|
||
|
}
|
||
|
w.Header().Set("WWW-Authenticate", `Basic realm="restricted", charset="UTF-8"`)
|
||
|
http.Error(w, "Unauthorized", http.StatusUnauthorized)
|
||
|
})
|
||
|
}
|
||
|
|
||
|
func HashPassword(password string) (string, error) {
|
||
|
bytes, err := bcrypt.GenerateFromPassword([]byte(password), 14)
|
||
|
return string(bytes), err
|
||
|
}
|
||
|
|
||
|
func CheckPasswordHash(password, hash string) bool {
|
||
|
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
|
||
|
return err == nil
|
||
|
}
|