3cff8ccd64
* Rewrite the code handling basic auth to make it easier to extend for other types of auth. * The behaviour of the existing code is maintained. * No changes to how basic auth is configured from a user's perspective. https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/-/merge_requests/89
30 lines
606 B
Go
30 lines
606 B
Go
package auth
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
)
|
|
|
|
func NewBasicAuthProvider(username, password string) AuthProvider {
|
|
return &basicAuthProvider{
|
|
hashedAuth: encodeBasicAuth(username, password),
|
|
}
|
|
}
|
|
|
|
type basicAuthProvider struct {
|
|
hashedAuth string
|
|
}
|
|
|
|
func (p *basicAuthProvider) IsAllowed(request *http.Request) bool {
|
|
username, password, ok := request.BasicAuth()
|
|
if !ok {
|
|
return false
|
|
}
|
|
requestAuth := encodeBasicAuth(username, password)
|
|
return p.hashedAuth == requestAuth
|
|
}
|
|
|
|
func encodeBasicAuth(username, password string) string {
|
|
return HashString(fmt.Sprintf("%s:%s", username, password))
|
|
}
|