This repository has been archived by the owner on Sep 17, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 2
/
main.go
100 lines (95 loc) · 2.65 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
// 🚀 Fiber is an Express inspired web framework written in Go with 💖
// 📌 API Documentation: https://fiber.wiki
// 📝 Github Repository: https://github.com/gofiber/fiber
package basicauth
import (
"encoding/base64"
"strings"
"github.com/gofiber/fiber"
)
// Config defines the config for BasicAuth middleware
type Config struct {
// Filter defines a function to skip middleware.
// Optional. Default: nil
Filter func(*fiber.Ctx) bool
// Users defines the allowed credentials
// Required. Default: map[string]string{}
Users map[string]string
// Realm is a string to define realm attribute of BasicAuth.
// the realm identifies the system to authenticate against
// and can be used by clients to save credentials
// Optional. Default: "Restricted".
Realm string
// Authorizer defines a function you can pass
// to check the credentials however you want.
// It will be called with a username and password
// and is expected to return true or false to indicate
// that the credentials were approved or not.
// Optional. Default: nil.
Authorizer func(string, string) bool
// Unauthorized defines the response body for unauthorized responses.
// Optional. Default: nil
Unauthorized func(*fiber.Ctx)
}
func New(config ...Config) func(*fiber.Ctx) {
// Init config
var cfg Config
if len(config) > 0 {
cfg = config[0]
}
if cfg.Users == nil {
cfg.Users = map[string]string{}
}
if cfg.Realm == "" {
cfg.Realm = "Restricted"
}
if cfg.Authorizer == nil {
cfg.Authorizer = func(user, pass string) bool {
if user == "" || pass == "" {
return false
}
return cfg.Users[user] == pass
}
}
if cfg.Unauthorized == nil {
cfg.Unauthorized = func(c *fiber.Ctx) {
c.Set(fiber.HeaderWWWAuthenticate, "basic realm="+cfg.Realm)
c.SendStatus(401)
}
}
// Return middleware handler
return func(c *fiber.Ctx) {
// Filter request to skip middleware
if cfg.Filter != nil && cfg.Filter(c) {
c.Next()
return
}
// Get authorization header
auth := c.Get(fiber.HeaderAuthorization)
// Check if header is valid
if len(auth) > 6 && strings.ToLower(auth[:5]) == "basic" {
// Try to decode
if raw, err := base64.StdEncoding.DecodeString(auth[6:]); err == nil {
// Convert to string
cred := string(raw)
// Find semicolumn
for i := 0; i < len(cred); i++ {
if cred[i] == ':' {
// Split into user & pass
user := cred[:i]
pass := cred[i+1:]
// If exist & match in Users, we let him pass
if cfg.Authorizer(user, pass) {
c.Locals("username", user)
c.Locals("password", pass)
c.Next()
return
}
}
}
}
}
// Authentication failed
cfg.Unauthorized(c)
}
}