[core] System backups (uploads, system.db, analytics.db) (#42)

author: Steve <nilslice@gmail.com> 2017-01-24 10:35:18 -0800
committer: GitHub <noreply@github.com> 2017-01-24 10:35:18 -0800
commit: 3a897e4db97cc6f5e47f395662499402eb4c2bda (patch)
tree: 61350d459fb5cbf044e878042c0239acb060c7da /system/auth.go
parent: 0cf0d36f7613bbb2e13c0c8406689de3be9ee8d5 (diff)
1 files changed, 34 insertions, 0 deletions
diff --git a/system/auth.go b/system/auth.go
new file mode 100644
index 0000000..cf1adf2
--- /dev/null
+++ b/system/auth.go
@@ -0,0 +1,34 @@
+package system
+
+import (
+	"net/http"
+
+	"github.com/ponzu-cms/ponzu/system/db"
+)
+
+// BasicAuth adds HTTP Basic Auth check for requests that should implement it
+func BasicAuth(next http.HandlerFunc) http.HandlerFunc {
+	return http.HandlerFunc(func(res http.ResponseWriter, req *http.Request) {
+		u := db.ConfigCache("backup_basic_auth_user").(string)
+		p := db.ConfigCache("backup_basic_auth_password").(string)
+
+		if u == "" || p == "" {
+			res.WriteHeader(http.StatusForbidden)
+			return
+		}
+
+		user, password, ok := req.BasicAuth()
+
+		if !ok {
+			res.WriteHeader(http.StatusForbidden)
+			return
+		}
+
+		if u != user || p != password {
+			res.WriteHeader(http.StatusUnauthorized)
+			return
+		}
+
+		next.ServeHTTP(res, req)
+	})
+}
author	Steve <nilslice@gmail.com>	2017-01-24 10:35:18 -0800
committer	GitHub <noreply@github.com>	2017-01-24 10:35:18 -0800
commit	3a897e4db97cc6f5e47f395662499402eb4c2bda (patch)
tree	61350d459fb5cbf044e878042c0239acb060c7da /system/auth.go
parent	0cf0d36f7613bbb2e13c0c8406689de3be9ee8d5 (diff)