2017-07-10 17:32:42 +02:00
|
|
|
// Package basicauth provides http basic authentication via middleware. See _examples/authentication/basicauth
|
2017-02-14 04:54:11 +01:00
|
|
|
package basicauth
|
|
|
|
|
|
2017-07-10 17:32:42 +02:00
|
|
|
// test file: ../../_examples/authentication/basicauth/main_test.go
|
|
|
|
|
|
2017-02-14 04:54:11 +01:00
|
|
|
import (
|
|
|
|
|
"encoding/base64"
|
|
|
|
|
"strconv"
|
|
|
|
|
"time"
|
|
|
|
|
|
Publish the new version :airplane: | Look description please!
# FAQ
### Looking for free support?
http://support.iris-go.com
https://kataras.rocket.chat/channel/iris
### Looking for previous versions?
https://github.com/kataras/iris#version
### Should I upgrade my Iris?
Developers are not forced to upgrade if they don't really need it. Upgrade whenever you feel ready.
> Iris uses the [vendor directory](https://docs.google.com/document/d/1Bz5-UB7g2uPBdOx-rw5t9MxJwkfpx90cqG9AFL0JAYo) feature, so you get truly reproducible builds, as this method guards against upstream renames and deletes.
**How to upgrade**: Open your command-line and execute this command: `go get -u github.com/kataras/iris`.
For further installation support, please click [here](http://support.iris-go.com/d/16-how-to-install-iris-web-framework).
### About our new home page
http://iris-go.com
Thanks to [Santosh Anand](https://github.com/santoshanand) the http://iris-go.com has been upgraded and it's really awesome!
[Santosh](https://github.com/santoshanand) is a freelancer, he has a great knowledge of nodejs and express js, Android, iOS, React Native, Vue.js etc, if you need a developer to find or create a solution for your problem or task, please contact with him.
The amount of the next two or three donations you'll send they will be immediately transferred to his own account balance, so be generous please!
Read more at https://github.com/kataras/iris/blob/master/HISTORY.md
Former-commit-id: eec2d71bbe011d6b48d2526eb25919e36e5ad94e
2017-06-03 22:22:52 +02:00
|
|
|
"github.com/kataras/iris"
|
|
|
|
|
"github.com/kataras/iris/context"
|
2017-02-14 04:54:11 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type (
|
|
|
|
|
encodedUser struct {
|
|
|
|
|
HeaderValue string
|
|
|
|
|
Username string
|
|
|
|
|
logged bool
|
|
|
|
|
expires time.Time
|
|
|
|
|
}
|
|
|
|
|
encodedUsers []encodedUser
|
|
|
|
|
|
|
|
|
|
basicAuthMiddleware struct {
|
|
|
|
|
config Config
|
|
|
|
|
// these are filled from the config.Users map at the startup
|
|
|
|
|
auth encodedUsers
|
|
|
|
|
realmHeaderValue string
|
|
|
|
|
expireEnabled bool // if the config.Expires is a valid date, default disabled
|
|
|
|
|
}
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
//
|
|
|
|
|
|
2017-06-10 14:28:09 +02:00
|
|
|
// New accepts basicauth.Config and returns a new Handler
|
|
|
|
|
// which will ask the client for basic auth (username, password),
|
|
|
|
|
// validate that and if valid continues to the next handler, otherwise
|
|
|
|
|
// throws a StatusUnauthorized http error code.
|
Publish the new version :airplane: | Look description please!
# FAQ
### Looking for free support?
http://support.iris-go.com
https://kataras.rocket.chat/channel/iris
### Looking for previous versions?
https://github.com/kataras/iris#version
### Should I upgrade my Iris?
Developers are not forced to upgrade if they don't really need it. Upgrade whenever you feel ready.
> Iris uses the [vendor directory](https://docs.google.com/document/d/1Bz5-UB7g2uPBdOx-rw5t9MxJwkfpx90cqG9AFL0JAYo) feature, so you get truly reproducible builds, as this method guards against upstream renames and deletes.
**How to upgrade**: Open your command-line and execute this command: `go get -u github.com/kataras/iris`.
For further installation support, please click [here](http://support.iris-go.com/d/16-how-to-install-iris-web-framework).
### About our new home page
http://iris-go.com
Thanks to [Santosh Anand](https://github.com/santoshanand) the http://iris-go.com has been upgraded and it's really awesome!
[Santosh](https://github.com/santoshanand) is a freelancer, he has a great knowledge of nodejs and express js, Android, iOS, React Native, Vue.js etc, if you need a developer to find or create a solution for your problem or task, please contact with him.
The amount of the next two or three donations you'll send they will be immediately transferred to his own account balance, so be generous please!
Read more at https://github.com/kataras/iris/blob/master/HISTORY.md
Former-commit-id: eec2d71bbe011d6b48d2526eb25919e36e5ad94e
2017-06-03 22:22:52 +02:00
|
|
|
func New(c Config) context.Handler {
|
|
|
|
|
config := DefaultConfig()
|
|
|
|
|
if c.Realm != "" {
|
|
|
|
|
config.Realm = c.Realm
|
|
|
|
|
}
|
|
|
|
|
config.Users = c.Users
|
|
|
|
|
|
|
|
|
|
b := &basicAuthMiddleware{config: config}
|
2017-02-14 04:54:11 +01:00
|
|
|
b.init()
|
|
|
|
|
return b.Serve
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-10 14:28:09 +02:00
|
|
|
// Default accepts only the users and returns a new Handler
|
|
|
|
|
// which will ask the client for basic auth (username, password),
|
|
|
|
|
// validate that and if valid continues to the next handler, otherwise
|
|
|
|
|
// throws a StatusUnauthorized http error code.
|
Publish the new version :airplane: | Look description please!
# FAQ
### Looking for free support?
http://support.iris-go.com
https://kataras.rocket.chat/channel/iris
### Looking for previous versions?
https://github.com/kataras/iris#version
### Should I upgrade my Iris?
Developers are not forced to upgrade if they don't really need it. Upgrade whenever you feel ready.
> Iris uses the [vendor directory](https://docs.google.com/document/d/1Bz5-UB7g2uPBdOx-rw5t9MxJwkfpx90cqG9AFL0JAYo) feature, so you get truly reproducible builds, as this method guards against upstream renames and deletes.
**How to upgrade**: Open your command-line and execute this command: `go get -u github.com/kataras/iris`.
For further installation support, please click [here](http://support.iris-go.com/d/16-how-to-install-iris-web-framework).
### About our new home page
http://iris-go.com
Thanks to [Santosh Anand](https://github.com/santoshanand) the http://iris-go.com has been upgraded and it's really awesome!
[Santosh](https://github.com/santoshanand) is a freelancer, he has a great knowledge of nodejs and express js, Android, iOS, React Native, Vue.js etc, if you need a developer to find or create a solution for your problem or task, please contact with him.
The amount of the next two or three donations you'll send they will be immediately transferred to his own account balance, so be generous please!
Read more at https://github.com/kataras/iris/blob/master/HISTORY.md
Former-commit-id: eec2d71bbe011d6b48d2526eb25919e36e5ad94e
2017-06-03 22:22:52 +02:00
|
|
|
func Default(users map[string]string) context.Handler {
|
2017-02-14 04:54:11 +01:00
|
|
|
c := DefaultConfig()
|
|
|
|
|
c.Users = users
|
|
|
|
|
return New(c)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (b *basicAuthMiddleware) init() {
|
|
|
|
|
// pass the encoded users from the user's config's Users value
|
|
|
|
|
b.auth = make(encodedUsers, 0, len(b.config.Users))
|
|
|
|
|
|
|
|
|
|
for k, v := range b.config.Users {
|
|
|
|
|
fullUser := k + ":" + v
|
|
|
|
|
header := "Basic " + base64.StdEncoding.EncodeToString([]byte(fullUser))
|
|
|
|
|
b.auth = append(b.auth, encodedUser{HeaderValue: header, Username: k, logged: false, expires: DefaultExpireTime})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// set the auth realm header's value
|
|
|
|
|
b.realmHeaderValue = "Basic realm=" + strconv.Quote(b.config.Realm)
|
|
|
|
|
|
|
|
|
|
if b.config.Expires > 0 {
|
|
|
|
|
b.expireEnabled = true
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (b *basicAuthMiddleware) findAuth(headerValue string) (auth *encodedUser, found bool) {
|
|
|
|
|
if len(headerValue) == 0 {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for _, user := range b.auth {
|
|
|
|
|
if user.HeaderValue == headerValue {
|
|
|
|
|
auth = &user
|
|
|
|
|
found = true
|
|
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
Publish the new version :airplane: | Look description please!
# FAQ
### Looking for free support?
http://support.iris-go.com
https://kataras.rocket.chat/channel/iris
### Looking for previous versions?
https://github.com/kataras/iris#version
### Should I upgrade my Iris?
Developers are not forced to upgrade if they don't really need it. Upgrade whenever you feel ready.
> Iris uses the [vendor directory](https://docs.google.com/document/d/1Bz5-UB7g2uPBdOx-rw5t9MxJwkfpx90cqG9AFL0JAYo) feature, so you get truly reproducible builds, as this method guards against upstream renames and deletes.
**How to upgrade**: Open your command-line and execute this command: `go get -u github.com/kataras/iris`.
For further installation support, please click [here](http://support.iris-go.com/d/16-how-to-install-iris-web-framework).
### About our new home page
http://iris-go.com
Thanks to [Santosh Anand](https://github.com/santoshanand) the http://iris-go.com has been upgraded and it's really awesome!
[Santosh](https://github.com/santoshanand) is a freelancer, he has a great knowledge of nodejs and express js, Android, iOS, React Native, Vue.js etc, if you need a developer to find or create a solution for your problem or task, please contact with him.
The amount of the next two or three donations you'll send they will be immediately transferred to his own account balance, so be generous please!
Read more at https://github.com/kataras/iris/blob/master/HISTORY.md
Former-commit-id: eec2d71bbe011d6b48d2526eb25919e36e5ad94e
2017-06-03 22:22:52 +02:00
|
|
|
func (b *basicAuthMiddleware) askForCredentials(ctx context.Context) {
|
|
|
|
|
ctx.Header("WWW-Authenticate", b.realmHeaderValue)
|
|
|
|
|
ctx.StatusCode(iris.StatusUnauthorized)
|
2017-02-14 04:54:11 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Serve the actual middleware
|
Publish the new version :airplane: | Look description please!
# FAQ
### Looking for free support?
http://support.iris-go.com
https://kataras.rocket.chat/channel/iris
### Looking for previous versions?
https://github.com/kataras/iris#version
### Should I upgrade my Iris?
Developers are not forced to upgrade if they don't really need it. Upgrade whenever you feel ready.
> Iris uses the [vendor directory](https://docs.google.com/document/d/1Bz5-UB7g2uPBdOx-rw5t9MxJwkfpx90cqG9AFL0JAYo) feature, so you get truly reproducible builds, as this method guards against upstream renames and deletes.
**How to upgrade**: Open your command-line and execute this command: `go get -u github.com/kataras/iris`.
For further installation support, please click [here](http://support.iris-go.com/d/16-how-to-install-iris-web-framework).
### About our new home page
http://iris-go.com
Thanks to [Santosh Anand](https://github.com/santoshanand) the http://iris-go.com has been upgraded and it's really awesome!
[Santosh](https://github.com/santoshanand) is a freelancer, he has a great knowledge of nodejs and express js, Android, iOS, React Native, Vue.js etc, if you need a developer to find or create a solution for your problem or task, please contact with him.
The amount of the next two or three donations you'll send they will be immediately transferred to his own account balance, so be generous please!
Read more at https://github.com/kataras/iris/blob/master/HISTORY.md
Former-commit-id: eec2d71bbe011d6b48d2526eb25919e36e5ad94e
2017-06-03 22:22:52 +02:00
|
|
|
func (b *basicAuthMiddleware) Serve(ctx context.Context) {
|
2017-02-14 04:54:11 +01:00
|
|
|
|
2017-06-10 14:28:09 +02:00
|
|
|
auth, found := b.findAuth(ctx.GetHeader("Authorization"))
|
|
|
|
|
if !found {
|
2017-02-14 04:54:11 +01:00
|
|
|
b.askForCredentials(ctx)
|
2017-10-26 01:48:16 +02:00
|
|
|
ctx.StopExecution()
|
2017-06-10 14:28:09 +02:00
|
|
|
return
|
2017-02-14 04:54:11 +01:00
|
|
|
// don't continue to the next handler
|
2017-06-10 14:28:09 +02:00
|
|
|
}
|
|
|
|
|
// all ok
|
|
|
|
|
if b.expireEnabled {
|
|
|
|
|
if auth.logged == false {
|
|
|
|
|
auth.expires = time.Now().Add(b.config.Expires)
|
|
|
|
|
auth.logged = true
|
|
|
|
|
}
|
2017-02-14 04:54:11 +01:00
|
|
|
|
2017-06-10 14:28:09 +02:00
|
|
|
if time.Now().After(auth.expires) {
|
|
|
|
|
b.askForCredentials(ctx) // ask for authentication again
|
2017-10-26 01:48:16 +02:00
|
|
|
ctx.StopExecution()
|
2017-06-10 14:28:09 +02:00
|
|
|
return
|
2017-02-14 04:54:11 +01:00
|
|
|
}
|
|
|
|
|
}
|
2017-06-10 14:28:09 +02:00
|
|
|
ctx.Next() // continue
|
2017-02-14 04:54:11 +01:00
|
|
|
}
|