package main

import (
	"crypto/subtle"
	"database/sql"
	"fmt"
	"net/http"
)

func authenticateUser(db *sql.DB, username, password string) bool {
	pass, ok := getPasswordForUser(db, username)
	if ok {
		return subtle.ConstantTimeCompare([]byte(pass), []byte(password)) == 1
	} else {
		return false
	}
}

func basicAuth(db *sql.DB) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		user, pass, ok := r.BasicAuth()
		if !ok || !authenticateUser(db, user, pass) {
			w.Header().Set("WWW-Authenticate", `Basic realm="dyndns"`)
			w.WriteHeader(401)
			w.Write([]byte("badauth"))
			return
		}

		userdata, err := getDataForUser(db, user)
		if err != nil {
			fmt.Println(err)
		}
		handleRequest(w, r, userdata)
	}
}