Enable basic auth on gateway

Fixes https://github.com/openfaas/faas/issues/687 allowing the
gateway to handle the responsibility of basic auth for when it is
in use.

To enable set basic_auth env-var to true and then mount two
secrets or plaintext files under /var/secrets/

basic_auth_user, basic_auth_password

Tested with faas-cli list/deploy and with Safari browser.

Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>

gateway/handlers/basic_auth_test.go

@@ -0,0 +1,63 @@
+package handlers
+
+import (
+	"io"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+)
+
+func Test_AuthWithValidPassword_Gives200(t *testing.T) {
+
+	handler := func(w http.ResponseWriter, r *http.Request) {
+		io.WriteString(w, "<html><body>Hello World!</body></html>")
+	}
+	w := httptest.NewRecorder()
+
+	wantUser := "admin"
+	wantPassword := "password"
+	r := httptest.NewRequest(http.MethodGet, "http://localhost:8080", nil)
+	r.SetBasicAuth(wantUser, wantPassword)
+	wantCredentials := &BasicAuthCredentials{
+		User:     wantUser,
+		Password: wantPassword,
+	}
+
+	decorated := DecorateWithBasicAuth(handler, wantCredentials)
+	decorated.ServeHTTP(w, r)
+
+	wantCode := http.StatusOK
+
+	if w.Code != wantCode {
+		t.Errorf("status code, want: %d, got: %d", wantCode, w.Code)
+		t.Fail()
+	}
+}
+
+func Test_AuthWithInvalidPassword_Gives403(t *testing.T) {
+
+	handler := func(w http.ResponseWriter, r *http.Request) {
+		io.WriteString(w, "<html><body>Hello World!</body></html>")
+	}
+
+	w := httptest.NewRecorder()
+
+	wantUser := "admin"
+	wantPassword := "test"
+	r := httptest.NewRequest(http.MethodGet, "http://localhost:8080", nil)
+	r.SetBasicAuth(wantUser, wantPassword)
+
+	wantCredentials := &BasicAuthCredentials{
+		User:     wantUser,
+		Password: "",
+	}
+
+	decorated := DecorateWithBasicAuth(handler, wantCredentials)
+	decorated.ServeHTTP(w, r)
+
+	wantCode := http.StatusUnauthorized
+	if w.Code != wantCode {
+		t.Errorf("status code, want: %d, got: %d", wantCode, w.Code)
+		t.Fail()
+	}
+}