feat: check for basic auth (#110) (#129)

2025-12-14 09:35:41 +00:00 · 2024-02-27 19:16:08 +02:00
parent e7b17e6058
commit 871c54f35f
1 changed files with 11 additions and 0 deletions
--- a/internal/auth/middleware.go
+++ b/internal/auth/middleware.go
@@ -17,6 +17,17 @@ const UserContextKey contextKey = "user"

 func RequireAuthentication(h http.Handler, auth *Authenticator) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+
+		username, password, usesBasicAuth := r.BasicAuth()
+		if usesBasicAuth {
+			user, err := auth.Login(username, password)
+			if err == nil {
+				ctx := context.WithValue(r.Context(), UserContextKey, user)
+				h.ServeHTTP(w, r.WithContext(ctx))
+				return
+			}
+		}
+
 		token, err := ParseBearerToken(r.Header.Get("Authorization"))
 		if err != nil {
 			http.Error(w, "Unauthorized (No Authorization Header)", http.StatusUnauthorized)