basicauth

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 24, 2019 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Overview

Package basicauth implements HTTP Basic Authentication for Caddy.

This is useful for simple protections on a website, like requiring a password to access an admin interface. This package assumes a fairly small threat model.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type BasicAuth

type BasicAuth struct {
	Next     httpserver.Handler
	SiteRoot string
	Rules    []Rule
}

BasicAuth is middleware to protect resources with a username and password. Note that HTTP Basic Authentication is not secure by itself and should not be used to protect important assets without HTTPS. Even then, the security of HTTP Basic Auth is disputed. Use discretion when deciding what to protect with BasicAuth.

func (BasicAuth) ServeHTTP

func (a BasicAuth) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, error)

ServeHTTP implements the httpserver.Handler interface.

type PasswordMatcher

type PasswordMatcher func(pw string) bool

PasswordMatcher determines whether a password matches a rule.

func GetHtpasswdMatcher

func GetHtpasswdMatcher(filename, username, siteRoot string) (PasswordMatcher, error)

GetHtpasswdMatcher matches password rules.

func PlainMatcher

func PlainMatcher(passw string) PasswordMatcher

PlainMatcher returns a PasswordMatcher that does a constant-time byte comparison against the password passw.

type Rule

type Rule struct {
	Username  string
	Password  func(string) bool
	Resources []string
	Realm     string // See RFC 1945 and RFC 2617, default: "Restricted"
}

Rule represents a BasicAuth rule. A username and password combination protect the associated resources, which are file or directory paths.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL