adding untracked files for recent basic auth and backup features

author: Steve Manuel <nilslice@gmail.com> 2017-01-23 11:47:17 -0800
committer: Steve Manuel <nilslice@gmail.com> 2017-01-23 11:47:17 -0800
commit: b750e1e9f7fa16126e3e1a26ed43e1a43e78ce04 (patch)
tree: f76f624b3633e5a03e336ada0a37cb0ff3afa210 /system/auth.go
parent: 964479e5ce756aa48755dc3de35b4d82326f149f (diff)
1 files changed, 34 insertions, 0 deletions
diff --git a/system/auth.go b/system/auth.go
new file mode 100644
index 0000000..cf1adf2
--- /dev/null
+++ b/system/auth.go
@@ -0,0 +1,34 @@
+package system
+
+import (
+	"net/http"
+
+	"github.com/ponzu-cms/ponzu/system/db"
+)
+
+// BasicAuth adds HTTP Basic Auth check for requests that should implement it
+func BasicAuth(next http.HandlerFunc) http.HandlerFunc {
+	return http.HandlerFunc(func(res http.ResponseWriter, req *http.Request) {
+		u := db.ConfigCache("backup_basic_auth_user").(string)
+		p := db.ConfigCache("backup_basic_auth_password").(string)
+
+		if u == "" || p == "" {
+			res.WriteHeader(http.StatusForbidden)
+			return
+		}
+
+		user, password, ok := req.BasicAuth()
+
+		if !ok {
+			res.WriteHeader(http.StatusForbidden)
+			return
+		}
+
+		if u != user || p != password {
+			res.WriteHeader(http.StatusUnauthorized)
+			return
+		}
+
+		next.ServeHTTP(res, req)
+	})
+}
author	Steve Manuel <nilslice@gmail.com>	2017-01-23 11:47:17 -0800
committer	Steve Manuel <nilslice@gmail.com>	2017-01-23 11:47:17 -0800
commit	b750e1e9f7fa16126e3e1a26ed43e1a43e78ce04 (patch)
tree	f76f624b3633e5a03e336ada0a37cb0ff3afa210 /system/auth.go
parent	964479e5ce756aa48755dc3de35b4d82326f149f (diff)