diff options
Diffstat (limited to 'pkg/basic_auth')
-rw-r--r-- | pkg/basic_auth/middleware.go | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/pkg/basic_auth/middleware.go b/pkg/basic_auth/middleware.go new file mode 100644 index 0000000..108124f --- /dev/null +++ b/pkg/basic_auth/middleware.go @@ -0,0 +1,39 @@ +package basic_auth + +import ( + "context" + "net/http" + "time" + + "git.adyxax.org/adyxax/tfstated/pkg/database" +) + +func Middleware(db *database.DB) func(http.Handler) http.Handler { + return func(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + username, password, ok := r.BasicAuth() + if !ok { + w.Header().Set("WWW-Authenticate", `Basic realm="tfstated", charset="UTF-8"`) + http.Error(w, "Unauthorized", http.StatusUnauthorized) + return + } + account, err := db.LoadAccountByUsername(username) + if err != nil { + http.Error(w, "Internal Server Error", http.StatusInternalServerError) + return + } + if password != account.Password { + http.Error(w, "Forbidden", http.StatusForbidden) + return + } + now := time.Now().UTC() + _, err = db.Exec(`UPDATE accounts SET last_login = ? WHERE id = ?`, now.Unix(), account.Id) + if err != nil { + http.Error(w, "Internal Server Error", http.StatusInternalServerError) + return + } + ctx := context.WithValue(r.Context(), "account", account) + next.ServeHTTP(w, r.WithContext(ctx)) + }) + } +} |