feat: check for basic auth (#110) (#129)

garethgeorge · Feb 27, 2024 · 871c54f · 871c54f
1 parent e7b17e6
commit 871c54f
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/internal/auth/middleware.go b/internal/auth/middleware.go
@@ -17,6 +17,17 @@ const UserContextKey contextKey = "user"
 
 func RequireAuthentication(h http.Handler, auth *Authenticator) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+
+		username, password, usesBasicAuth := r.BasicAuth()
+		if usesBasicAuth {
+			user, err := auth.Login(username, password)
+			if err == nil {
+				ctx := context.WithValue(r.Context(), UserContextKey, user)
+				h.ServeHTTP(w, r.WithContext(ctx))
+				return
+			}
+		}
+
 		token, err := ParseBearerToken(r.Header.Get("Authorization"))
 		if err != nil {
 			http.Error(w, "Unauthorized (No Authorization Header)", http.StatusUnauthorized)