this repo has no description
tulkdan.dev
1package main
2
3import (
4 "crypto/subtle"
5 "net/http"
6)
7
8type BasicAuthCredentials struct {
9 User string
10 Password string
11}
12
13func DecorateWithBasicAuth(next http.HandlerFunc, credentials *BasicAuthCredentials) http.HandlerFunc {
14 return func(w http.ResponseWriter, r *http.Request) {
15 user, password, ok := r.BasicAuth()
16
17 const noMatch = 0
18 if !ok || user != credentials.User || subtle.ConstantTimeCompare([]byte(credentials.Password), []byte(password)) == noMatch {
19 w.Header().Set("WWW-Authenticate", `Basic realm="Resctricted"`)
20 w.WriteHeader(http.StatusUnauthorized)
21 w.Write([]byte("invalid credentials"))
22 return
23 }
24
25 next.ServeHTTP(w, r)
26 }
27}