Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
C
caddy
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
caddy
Commits
27fc1672
Commit
27fc1672
authored
Apr 23, 2015
by
Matthew Holt
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Basic auth middleware
parent
e6c5482b
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
103 additions
and
0 deletions
+103
-0
config/middleware.go
config/middleware.go
+2
-0
middleware/basicauth/basicauth.go
middleware/basicauth/basicauth.go
+101
-0
No files found.
config/middleware.go
View file @
27fc1672
...
@@ -2,6 +2,7 @@ package config
...
@@ -2,6 +2,7 @@ package config
import
(
import
(
"github.com/mholt/caddy/middleware"
"github.com/mholt/caddy/middleware"
"github.com/mholt/caddy/middleware/basicauth"
"github.com/mholt/caddy/middleware/browse"
"github.com/mholt/caddy/middleware/browse"
"github.com/mholt/caddy/middleware/errors"
"github.com/mholt/caddy/middleware/errors"
"github.com/mholt/caddy/middleware/extensions"
"github.com/mholt/caddy/middleware/extensions"
...
@@ -45,6 +46,7 @@ func init() {
...
@@ -45,6 +46,7 @@ func init() {
register
(
"rewrite"
,
rewrite
.
New
)
register
(
"rewrite"
,
rewrite
.
New
)
register
(
"redir"
,
redirect
.
New
)
register
(
"redir"
,
redirect
.
New
)
register
(
"ext"
,
extensions
.
New
)
register
(
"ext"
,
extensions
.
New
)
register
(
"basicauth"
,
basicauth
.
New
)
register
(
"proxy"
,
proxy
.
New
)
register
(
"proxy"
,
proxy
.
New
)
register
(
"fastcgi"
,
fastcgi
.
New
)
register
(
"fastcgi"
,
fastcgi
.
New
)
register
(
"websocket"
,
websockets
.
New
)
register
(
"websocket"
,
websockets
.
New
)
...
...
middleware/basicauth/basicauth.go
0 → 100644
View file @
27fc1672
package
basicauth
import
(
"net/http"
"github.com/mholt/caddy/middleware"
)
// New constructs a new BasicAuth middleware instance.
func
New
(
c
middleware
.
Controller
)
(
middleware
.
Middleware
,
error
)
{
rules
,
err
:=
parse
(
c
)
if
err
!=
nil
{
return
nil
,
err
}
basic
:=
BasicAuth
{
Rules
:
rules
,
}
return
func
(
next
middleware
.
Handler
)
middleware
.
Handler
{
basic
.
Next
=
next
return
basic
},
nil
}
// ServeHTTP implements the middleware.Handler interface.
func
(
a
BasicAuth
)
ServeHTTP
(
w
http
.
ResponseWriter
,
r
*
http
.
Request
)
(
int
,
error
)
{
for
_
,
rule
:=
range
a
.
Rules
{
for
_
,
res
:=
range
rule
.
Resources
{
if
!
middleware
.
Path
(
r
.
URL
.
Path
)
.
Matches
(
res
)
{
continue
}
// Path matches; parse auth header
username
,
password
,
ok
:=
r
.
BasicAuth
()
// Check credentials
if
!
ok
||
username
!=
rule
.
Username
||
password
!=
rule
.
Password
{
w
.
Header
()
.
Set
(
"WWW-Authenticate"
,
"Basic"
)
return
http
.
StatusUnauthorized
,
nil
}
// "It's an older code, sir, but it checks out. I was about to clear them."
return
a
.
Next
.
ServeHTTP
(
w
,
r
)
}
}
// Pass-thru when no paths match
return
a
.
Next
.
ServeHTTP
(
w
,
r
)
}
func
parse
(
c
middleware
.
Controller
)
([]
Rule
,
error
)
{
var
rules
[]
Rule
for
c
.
Next
()
{
var
rule
Rule
args
:=
c
.
RemainingArgs
()
switch
len
(
args
)
{
case
2
:
rule
.
Username
=
args
[
0
]
rule
.
Password
=
args
[
1
]
for
c
.
NextBlock
()
{
rule
.
Resources
=
append
(
rule
.
Resources
,
c
.
Val
())
if
c
.
NextArg
()
{
return
rules
,
c
.
Err
(
"Expecting only one resource per line (extra '"
+
c
.
Val
()
+
"')"
)
}
}
case
3
:
rule
.
Resources
=
append
(
rule
.
Resources
,
args
[
0
])
rule
.
Username
=
args
[
1
]
rule
.
Password
=
args
[
2
]
default
:
return
rules
,
c
.
ArgErr
()
}
rules
=
append
(
rules
,
rule
)
}
return
rules
,
nil
}
// BasicAuth is middleware to protect resources with a username and password.
// Note that HTTP Basic Authentication is not secure by itself and should
// not be used to protect important assets without HTTPS. Even then, the
// security of HTTP Basic Auth is disputed. Use discretion when deciding
// what to protect with BasicAuth.
type
BasicAuth
struct
{
Next
middleware
.
Handler
Rules
[]
Rule
}
// Rule represents a BasicAuth rule. A username and password
// combination protect the associated resources, which are
// file or directory paths.
type
Rule
struct
{
Username
string
Password
string
Resources
[]
string
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment