gatus/security/handler.go

package security

import (
	"net/http"
	"strings"
)

// Handler takes care of security for a given handler with the given security configuration
func Handler(handler http.HandlerFunc, security *Config) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		usernameEntered, passwordEntered, ok := r.BasicAuth()
		if !ok || usernameEntered != security.Basic.Username || Sha512(passwordEntered) != strings.ToLower(security.Basic.PasswordSha512Hash) {
			w.Header().Set("WWW-Authenticate", "Basic")
			w.WriteHeader(http.StatusUnauthorized)
			_, _ = w.Write([]byte("Unauthorized"))
			return
		}
		handler(w, r)
	}
}
Add security handler (#8) 2020-10-15 01:24:36 +02:00			`package security`

			`import (`
			`"net/http"`
Make sure that the SHA512 hash is lowercase 2020-10-15 03:45:45 +02:00			`"strings"`
Add security handler (#8) 2020-10-15 01:24:36 +02:00			`)`

Fix typo 2021-05-25 03:46:00 +02:00			`// Handler takes care of security for a given handler with the given security configuration`
Add security handler (#8) 2020-10-15 01:24:36 +02:00			`func Handler(handler http.HandlerFunc, security *Config) http.HandlerFunc {`
			`return func(w http.ResponseWriter, r *http.Request) {`
			`usernameEntered, passwordEntered, ok := r.BasicAuth()`
Make sure that the SHA512 hash is lowercase 2020-10-15 03:45:45 +02:00			`if !ok \|\| usernameEntered != security.Basic.Username \|\| Sha512(passwordEntered) != strings.ToLower(security.Basic.PasswordSha512Hash) {`
Add security handler (#8) 2020-10-15 01:24:36 +02:00			`w.Header().Set("WWW-Authenticate", "Basic")`
			`w.WriteHeader(http.StatusUnauthorized)`
			`_, _ = w.Write([]byte("Unauthorized"))`
			`return`
			`}`
			`handler(w, r)`
			`}`
			`}`