mirror of
https://github.com/openfaas/faasd.git
synced 2025-06-19 04:26:34 +00:00
42e9c91ee9
This patch completes part of the work in #20 by porting the code for faas-containerd in-tree. When tested, I was able to deploy and then remove figlet from the store on `x86_64`. In a follow-up PR, duplication will be removed where possible and consolidated with updated documentation. Signed-off-by: Alex Ellis (OpenFaaS Ltd) <alexellis2@gmail.com>
31 lines
847 B
Go
31 lines
847 B
Go
// Copyright (c) OpenFaaS Author(s). All rights reserved.
|
|
// Licensed under the MIT license. See LICENSE file in the project root for full license information.
|
|
|
|
package auth
|
|
|
|
import (
|
|
"crypto/subtle"
|
|
"net/http"
|
|
)
|
|
|
|
// DecorateWithBasicAuth enforces basic auth as a middleware with given credentials
|
|
func DecorateWithBasicAuth(next http.HandlerFunc, credentials *BasicAuthCredentials) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
user, password, ok := r.BasicAuth()
|
|
|
|
const noMatch = 0
|
|
if !ok ||
|
|
user != credentials.User ||
|
|
subtle.ConstantTimeCompare([]byte(credentials.Password), []byte(password)) == noMatch {
|
|
|
|
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
w.Write([]byte("invalid credentials"))
|
|
return
|
|
}
|
|
|
|
next.ServeHTTP(w, r)
|
|
}
|
|
}
|