From c18d03d4049e7fe2e032ba448e88a44671dfdbeb Mon Sep 17 00:00:00 2001 From: Julien Dessaux Date: Fri, 3 Jan 2025 00:54:15 +0100 Subject: chore(tfstated): refactor middlewares --- pkg/middlewares/basic_auth/middleware.go | 39 ++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 pkg/middlewares/basic_auth/middleware.go (limited to 'pkg/middlewares/basic_auth/middleware.go') diff --git a/pkg/middlewares/basic_auth/middleware.go b/pkg/middlewares/basic_auth/middleware.go new file mode 100644 index 0000000..cb2dcf0 --- /dev/null +++ b/pkg/middlewares/basic_auth/middleware.go @@ -0,0 +1,39 @@ +package basic_auth + +import ( + "context" + "fmt" + "net/http" + + "git.adyxax.org/adyxax/tfstated/pkg/database" + "git.adyxax.org/adyxax/tfstated/pkg/helpers" + "git.adyxax.org/adyxax/tfstated/pkg/model" +) + +func Middleware(db *database.DB) func(http.Handler) http.Handler { + return func(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + username, password, ok := r.BasicAuth() + if !ok { + w.Header().Set("WWW-Authenticate", `Basic realm="tfstated", charset="UTF-8"`) + helpers.ErrorResponse(w, http.StatusUnauthorized, fmt.Errorf("Unauthorized")) + return + } + account, err := db.LoadAccountByUsername(username) + if err != nil { + helpers.ErrorResponse(w, http.StatusInternalServerError, err) + return + } + if account == nil || !account.CheckPassword(password) { + helpers.ErrorResponse(w, http.StatusForbidden, fmt.Errorf("Forbidden")) + return + } + if err := db.TouchAccount(account); err != nil { + helpers.ErrorResponse(w, http.StatusInternalServerError, err) + return + } + ctx := context.WithValue(r.Context(), model.AccountContextKey{}, account) + next.ServeHTTP(w, r.WithContext(ctx)) + }) + } +} -- cgit v1.2.3