58 lines
1.5 KiB
Go
58 lines
1.5 KiB
Go
package main
|
|
|
|
import (
|
|
"net/http"
|
|
)
|
|
|
|
// authMiddleware validates authentication credentials
|
|
func (s *Server) authMiddleware(next http.HandlerFunc) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
// Check if any authentication is configured
|
|
hasAuth := s.config.Server.Username != "" || s.config.Server.Password != "" || s.config.Server.AuthKey != ""
|
|
|
|
if !hasAuth {
|
|
// No authentication configured, allow access
|
|
next(w, r)
|
|
return
|
|
}
|
|
|
|
authenticated := false
|
|
|
|
// Check for API key authentication (x-api-key header or Authorization bearer token)
|
|
if s.config.Server.AuthKey != "" {
|
|
// Check x-api-key header
|
|
apiKey := r.Header.Get("x-api-key")
|
|
if apiKey == s.config.Server.AuthKey {
|
|
authenticated = true
|
|
}
|
|
|
|
// Check Authorization header for bearer token
|
|
if !authenticated {
|
|
authHeader := r.Header.Get("Authorization")
|
|
if len(authHeader) > 7 && authHeader[:7] == "Bearer " {
|
|
token := authHeader[7:]
|
|
if token == s.config.Server.AuthKey {
|
|
authenticated = true
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
// Check for username/password authentication (HTTP Basic Auth)
|
|
if !authenticated && s.config.Server.Username != "" && s.config.Server.Password != "" {
|
|
username, password, ok := r.BasicAuth()
|
|
if ok && username == s.config.Server.Username && password == s.config.Server.Password {
|
|
authenticated = true
|
|
}
|
|
}
|
|
|
|
if !authenticated {
|
|
w.Header().Set("WWW-Authenticate", `Basic realm="WhatsHooked Server"`)
|
|
http.Error(w, "Unauthorized", http.StatusUnauthorized)
|
|
return
|
|
}
|
|
|
|
next(w, r)
|
|
}
|
|
}
|