Skip to content

Commit

Permalink
refs pottava#34 fix an auth issue & a lint warning
Browse files Browse the repository at this point in the history
  • Loading branch information
pottava committed Feb 9, 2020
1 parent 2308a01 commit ef4c872
Showing 1 changed file with 16 additions and 18 deletions.
34 changes: 16 additions & 18 deletions internal/http/handler-wrapper.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,12 @@ func WrapHandler(handler func(w http.ResponseWriter, r *http.Request)) http.Hand
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
c := config.Config

// If there is a health check path defined, and if this path matches it,
// then return 200 OK and return.
if len(c.HealthCheckPath) > 0 && r.URL.Path == c.HealthCheckPath {
w.WriteHeader(http.StatusOK)
return
}
// CORS
if (len(c.CorsAllowOrigin) > 0) &&
(len(c.CorsAllowMethods) > 0) &&
Expand All @@ -30,21 +36,17 @@ func WrapHandler(handler func(w http.ResponseWriter, r *http.Request)) http.Hand
w.Header().Set("Access-Control-Max-Age", strconv.FormatInt(c.CorsMaxAge, 10))
}
// BasicAuth
if len(c.HealthCheckPath) > 0 && r.URL.Path != c.HealthCheckPath {
if (len(c.BasicAuthUser) > 0) && (len(c.BasicAuthPass) > 0) &&
!auth(r, c.BasicAuthUser, c.BasicAuthPass) {
w.Header().Set("WWW-Authenticate", `Basic realm="REALM"`)
http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
return
}
if (len(c.BasicAuthUser) > 0) && (len(c.BasicAuthPass) > 0) &&
!auth(r, c.BasicAuthUser, c.BasicAuthPass) {
w.Header().Set("WWW-Authenticate", `Basic realm="REALM"`)
http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
return
}
// Auth with JWT
if len(c.HealthCheckPath) > 0 && r.URL.Path != c.HealthCheckPath {
if len(c.JwtSecretKey) > 0 && !isValidJwt(r) {
w.Header().Set("WWW-Authenticate", `Basic realm="REALM"`)
http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
return
}
if len(c.JwtSecretKey) > 0 && !isValidJwt(r) {
w.Header().Set("WWW-Authenticate", `Basic realm="REALM"`)
http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
return
}
proc := time.Now()
addr := r.RemoteAddr
Expand Down Expand Up @@ -122,9 +124,5 @@ func isValidJwt(r *http.Request) bool {
secretKey := config.Config.JwtSecretKey
return []byte(secretKey), nil
})
if err == nil && token.Valid {
return true
} else {
return false
}
return err == nil && token.Valid
}

0 comments on commit ef4c872

Please # to comment.