2020-02-03 23:08:00 +00:00
|
|
|
package httpd
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"net/http"
|
|
|
|
|
"strings"
|
|
|
|
|
|
2020-12-18 15:04:42 +00:00
|
|
|
"github.com/drakkan/sftpgo/common"
|
2020-02-03 23:08:00 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func checkAuth(next http.Handler) http.Handler {
|
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
if !validateCredentials(r) {
|
2020-12-18 15:04:42 +00:00
|
|
|
w.Header().Set(common.HTTPAuthenticationHeader, "Basic realm=\"SFTPGo Web\"")
|
2020-02-03 23:08:00 +00:00
|
|
|
if strings.HasPrefix(r.RequestURI, apiPrefix) {
|
2020-12-18 15:04:42 +00:00
|
|
|
sendAPIResponse(w, r, nil, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
|
2020-02-03 23:08:00 +00:00
|
|
|
} else {
|
2020-12-18 15:04:42 +00:00
|
|
|
http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
|
2020-02-03 23:08:00 +00:00
|
|
|
}
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
next.ServeHTTP(w, r)
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func validateCredentials(r *http.Request) bool {
|
2020-12-18 15:04:42 +00:00
|
|
|
if !httpAuth.IsEnabled() {
|
2020-02-03 23:08:00 +00:00
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
username, password, ok := r.BasicAuth()
|
|
|
|
|
if !ok {
|
|
|
|
|
return false
|
|
|
|
|
}
|
2020-12-18 15:04:42 +00:00
|
|
|
return httpAuth.ValidateCredentials(username, password)
|
2020-02-03 23:08:00 +00:00
|
|
|
}
|
