mirror of
https://github.com/openfaas/faas.git
synced 2025-06-09 16:56:47 +00:00
8133414183
This change enables secrets to be read from any mount on disk rather than hard-coding a certain location which suits Swarm or K8s. The default value if not specified will look in the Swarm location of /run/secrets/ README.md (docs) updated and set to off by default. Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
26 lines
645 B
Go
26 lines
645 B
Go
package handlers
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/openfaas/faas/gateway/types"
|
|
)
|
|
|
|
// DecorateWithBasicAuth enforces basic auth as a middleware with given credentials
|
|
func DecorateWithBasicAuth(next http.HandlerFunc, credentials *types.BasicAuthCredentials) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
user, password, ok := r.BasicAuth()
|
|
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
|
|
|
|
if !ok || !(credentials.Password == password && user == credentials.User) {
|
|
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
w.Write([]byte("invalid credentials"))
|
|
return
|
|
}
|
|
|
|
next.ServeHTTP(w, r)
|
|
}
|
|
}
|