mirror of
https://github.com/kataras/iris.git
synced 2026-01-08 12:31:58 +00:00
Embrace the weekend- Update to rc.3 | Read the HISTORY.md
This commit is contained in:
Makis Maropoulos
@@ -1,157 +0,0 @@
|
||||
package basicauth
|
||||
|
||||
import (
|
||||
"encoding/base64"
|
||||
"strconv"
|
||||
|
||||
"time"
|
||||
|
||||
"github.com/kataras/iris"
|
||||
"github.com/kataras/iris/config"
|
||||
)
|
||||
|
||||
type (
|
||||
encodedUser struct {
|
||||
HeaderValue string
|
||||
Username string
|
||||
logged bool
|
||||
expires time.Time
|
||||
}
|
||||
encodedUsers []encodedUser
|
||||
|
||||
basicAuthMiddleware struct {
|
||||
config config.BasicAuth
|
||||
// these are filled from the config.Users map at the startup
|
||||
auth encodedUsers
|
||||
realmHeaderValue string
|
||||
expireEnabled bool // if the config.Expires is a valid date, default disabled
|
||||
}
|
||||
)
|
||||
|
||||
//
|
||||
|
||||
// New takes one parameter, the config.BasicAuth returns a HandlerFunc
|
||||
// use: iris.UseFunc(New(...)), iris.Get(...,New(...),...)
|
||||
func New(c config.BasicAuth) iris.HandlerFunc {
|
||||
return NewHandler(c).Serve
|
||||
}
|
||||
|
||||
// NewHandler takes one parameter, the config.BasicAuth returns a Handler
|
||||
// use: iris.Use(NewHandler(...)), iris.Get(...,iris.HandlerFunc(NewHandler(...)),...)
|
||||
func NewHandler(c config.BasicAuth) iris.Handler {
|
||||
b := &basicAuthMiddleware{config: config.DefaultBasicAuth().MergeSingle(c)}
|
||||
b.init()
|
||||
return b
|
||||
}
|
||||
|
||||
// Default takes one parameter, the users returns a HandlerFunc
|
||||
// use: iris.UseFunc(Default(...)), iris.Get(...,Default(...),...)
|
||||
func Default(users map[string]string) iris.HandlerFunc {
|
||||
return DefaultHandler(users).Serve
|
||||
}
|
||||
|
||||
// DefaultHandler takes one parameter, the users returns a Handler
|
||||
// use: iris.Use(DefaultHandler(...)), iris.Get(...,iris.HandlerFunc(Default(...)),...)
|
||||
func DefaultHandler(users map[string]string) iris.Handler {
|
||||
c := config.DefaultBasicAuth()
|
||||
c.Users = users
|
||||
return NewHandler(c)
|
||||
}
|
||||
|
||||
//
|
||||
|
||||
func (b *basicAuthMiddleware) init() {
|
||||
// pass the encoded users from the user's config's Users value
|
||||
b.auth = make(encodedUsers, 0, len(b.config.Users))
|
||||
|
||||
for k, v := range b.config.Users {
|
||||
fullUser := k + ":" + v
|
||||
header := "Basic " + base64.StdEncoding.EncodeToString([]byte(fullUser))
|
||||
b.auth = append(b.auth, encodedUser{HeaderValue: header, Username: k, logged: false, expires: config.CookieExpireNever})
|
||||
}
|
||||
|
||||
// set the auth realm header's value
|
||||
b.realmHeaderValue = "Basic realm=" + strconv.Quote(b.config.Realm)
|
||||
|
||||
if b.config.Expires > 0 {
|
||||
b.expireEnabled = true
|
||||
}
|
||||
}
|
||||
|
||||
func (b *basicAuthMiddleware) findAuth(headerValue string) (auth *encodedUser, found bool) {
|
||||
if len(headerValue) == 0 {
|
||||
return
|
||||
}
|
||||
|
||||
for _, user := range b.auth {
|
||||
if user.HeaderValue == headerValue {
|
||||
auth = &user
|
||||
found = true
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
func (b *basicAuthMiddleware) askForCredentials(ctx *iris.Context) {
|
||||
ctx.SetHeader("WWW-Authenticate", b.realmHeaderValue)
|
||||
ctx.SetStatusCode(iris.StatusUnauthorized)
|
||||
}
|
||||
|
||||
// Serve the actual middleware
|
||||
func (b *basicAuthMiddleware) Serve(ctx *iris.Context) {
|
||||
|
||||
if auth, found := b.findAuth(ctx.RequestHeader("Authorization")); !found {
|
||||
/* I spent time for nothing
|
||||
if b.banEnabled && auth != nil { // this propably never work
|
||||
|
||||
if auth.tries == b.config.MaxTries {
|
||||
auth.bannedTime = time.Now()
|
||||
auth.unbanTime = time.Now().Add(b.config.BanDuration) // set the unban time
|
||||
auth.tries++ // we plus them in order to check if already banned later
|
||||
// client is banned send a forbidden status and don't continue
|
||||
ctx.SetStatusCode(iris.StatusForbidden)
|
||||
return
|
||||
} else if auth.tries > b.config.MaxTries { // it's already banned, so check the ban duration with the bannedTime
|
||||
if time.Now().After(auth.unbanTime) { // here we unban the client
|
||||
auth.tries = 0
|
||||
auth.bannedTime = config.CookieExpireNever
|
||||
auth.unbanTime = config.CookieExpireNever
|
||||
// continue and askCredentials as normal
|
||||
} else {
|
||||
// client is banned send a forbidden status and don't continue
|
||||
ctx.SetStatusCode(iris.StatusForbidden)
|
||||
return
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
if auth != nil {
|
||||
auth.tries++
|
||||
}*/
|
||||
|
||||
b.askForCredentials(ctx)
|
||||
// don't continue to the next handler
|
||||
} else {
|
||||
// all ok set the context's value in order to be getable from the next handler
|
||||
ctx.Set(b.config.ContextKey, auth.Username)
|
||||
if b.expireEnabled {
|
||||
|
||||
if auth.logged == false {
|
||||
auth.expires = time.Now().Add(b.config.Expires)
|
||||
auth.logged = true
|
||||
}
|
||||
|
||||
if time.Now().After(auth.expires) {
|
||||
b.askForCredentials(ctx) // ask for authentication again
|
||||
return
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
//auth.tries = 0
|
||||
ctx.Next() // continue
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user