24 lines
549 B
Go
24 lines
549 B
Go
|
package auth
|
||
|
|
|
||
|
|
import (
|
||
|
|
"crypto/subtle"
|
||
|
|
"net/http"
|
||
|
|
)
|
||
|
|
|
||
|
|
type BasicAuth struct {
|
||
|
|
Username string `toml:"username"`
|
||
|
|
Password string `toml:"password"`
|
||
|
|
}
|
||
|
|
|
||
|
|
func (b *BasicAuth) Verify(r *http.Request) bool {
|
||
|
|
if b.Username == "" && b.Password == "" {
|
||
|
|
return true
|
||
|
|
}
|
||
|
|
|
||
|
|
username, password, ok := r.BasicAuth()
|
||
|
|
|
||
|
|
usernameComparison := subtle.ConstantTimeCompare([]byte(username), []byte(b.Username)) == 1
|
||
|
|
passwordComparison := subtle.ConstantTimeCompare([]byte(password), []byte(b.Password)) == 1
|
||
|
|
return ok && usernameComparison && passwordComparison
|
||
|
|
}
|