35 lines
740 B
Go
35 lines
740 B
Go
package main
|
|
|
|
import (
|
|
"crypto/subtle"
|
|
"database/sql"
|
|
"fmt"
|
|
"net/http"
|
|
)
|
|
|
|
func authenticateUser(db *sql.DB, username, password string) bool {
|
|
pass, ok := getPasswordForUser(db, username)
|
|
if ok {
|
|
return subtle.ConstantTimeCompare([]byte(pass), []byte(password)) == 1
|
|
} else {
|
|
return false
|
|
}
|
|
}
|
|
|
|
func basicAuth(db *sql.DB) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
user, pass, ok := r.BasicAuth()
|
|
if !ok || !authenticateUser(db, user, pass) {
|
|
w.Header().Set("WWW-Authenticate", `Basic realm="dyndns"`)
|
|
w.WriteHeader(401)
|
|
w.Write([]byte("badauth"))
|
|
return
|
|
}
|
|
|
|
userdata, err := getDataForUser(db, user)
|
|
if err != nil {
|
|
fmt.Println(err)
|
|
}
|
|
handleRequest(w, r, userdata)
|
|
}
|
|
}
|