Skip to content

Instantly share code, notes, and snippets.

@tp
Forked from elithrar/authserver.go
Created July 7, 2014 15:29

Revisions

  1. tp revised this gist Jul 7, 2014. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion authserver.go
    Original file line number Diff line number Diff line change
    @@ -62,7 +62,7 @@ func basicAuth(h http.HandlerFunc) http.HandlerFunc {
    return
    }

    if pair[0] != "username" && pair[1] != "password" {
    if pair[0] != "username" || pair[1] != "password" {
    http.Error(w, "Not authorized", 401)
    return
    }
  2. @elithrar elithrar revised this gist Feb 22, 2014. 1 changed file with 2 additions and 0 deletions.
    2 changes: 2 additions & 0 deletions authserver.go
    Original file line number Diff line number Diff line change
    @@ -22,6 +22,8 @@ func main() {
    // r.HandleFunc("/login", use(loginHandler, rateLimit, csrf))
    // r.HandleFunc("/form", use(formHandler, csrf))
    // r.HandleFunc("/about", aboutHandler)
    //
    // See https://gist.github.com/elithrar/7600878#comment-955958 for how to extend it to suit simple http.Handler's
    func use(h http.HandlerFunc, middleware ...func(http.HandlerFunc) http.HandlerFunc) http.HandlerFunc {
    for _, m := range middleware {
    h = m(h)
  3. @elithrar elithrar revised this gist Feb 22, 2014. 1 changed file with 7 additions and 0 deletions.
    7 changes: 7 additions & 0 deletions authserver.go
    Original file line number Diff line number Diff line change
    @@ -16,6 +16,12 @@ func main() {
    http.ListenAndServe(":9900", nil)
    }

    // use provides a cleaner interface for chaining middleware for single routes.
    // Middleware functions are simple HTTP handlers (w http.ResponseWriter, r *http.Request)
    //
    // r.HandleFunc("/login", use(loginHandler, rateLimit, csrf))
    // r.HandleFunc("/form", use(formHandler, csrf))
    // r.HandleFunc("/about", aboutHandler)
    func use(h http.HandlerFunc, middleware ...func(http.HandlerFunc) http.HandlerFunc) http.HandlerFunc {
    for _, m := range middleware {
    h = m(h)
    @@ -30,6 +36,7 @@ func myHandler(w http.ResponseWriter, r *http.Request) {
    return
    }

    // Leverages nemo's answer in http://stackoverflow.com/a/21937924/556573
    func basicAuth(h http.HandlerFunc) http.HandlerFunc {
    return func(w http.ResponseWriter, r *http.Request) {

  4. @elithrar elithrar created this gist Feb 22, 2014.
    63 changes: 63 additions & 0 deletions authserver.go
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,63 @@
    package main

    import (
    "encoding/base64"
    "github.com/gorilla/mux"
    "net/http"
    "strings"
    )

    func main() {

    r := mux.NewRouter()
    r.HandleFunc("/form", use(myHandler, basicAuth))
    http.Handle("/", r)

    http.ListenAndServe(":9900", nil)
    }

    func use(h http.HandlerFunc, middleware ...func(http.HandlerFunc) http.HandlerFunc) http.HandlerFunc {
    for _, m := range middleware {
    h = m(h)
    }

    return h
    }

    func myHandler(w http.ResponseWriter, r *http.Request) {

    w.Write([]byte("Authenticated!"))
    return
    }

    func basicAuth(h http.HandlerFunc) http.HandlerFunc {
    return func(w http.ResponseWriter, r *http.Request) {

    w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)

    s := strings.SplitN(r.Header.Get("Authorization"), " ", 2)
    if len(s) != 2 {
    http.Error(w, "Not authorized", 401)
    return
    }

    b, err := base64.StdEncoding.DecodeString(s[1])
    if err != nil {
    http.Error(w, err.Error(), 401)
    return
    }

    pair := strings.SplitN(string(b), ":", 2)
    if len(pair) != 2 {
    http.Error(w, "Not authorized", 401)
    return
    }

    if pair[0] != "username" && pair[1] != "password" {
    http.Error(w, "Not authorized", 401)
    return
    }

    h.ServeHTTP(w, r)
    }
    }