package api
import (
	"bytes"
	"crypto/subtle"
	"encoding/base64"
	"encoding/json"
	"net/http"
	"strings"

	"github.com/julienschmidt/httprouter"
)
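// jsonOutput marshals data to JSON and writes it to w together with the
// API's CORS response headers.
//
// If marshalling fails, a 500 response carrying the marshal error text is
// sent instead and no CORS headers are set.
//
// NOTE(review): the request's Origin header is echoed verbatim into
// Access-Control-Allow-Origin while Access-Control-Allow-Credentials is
// "true". Together these let a page on any origin read credentialed
// responses from this API. The echo should be gated by an allowlist of
// trusted origins; no such list is visible in this file, so the behaviour is
// kept and only flagged here.
func jsonOutput(w http.ResponseWriter, r *http.Request, data interface{}) {
	js, err := json.Marshal(data)
	if err != nil {
		http.Error(w, err.Error(), http.StatusInternalServerError)
		return
	}

	hdr := w.Header()
	hdr.Set("Content-Type", "application/json")

	// The CORS headers depend on the request's Origin, so caches must key on
	// it; otherwise a response stored for one origin can be replayed to
	// another with the wrong Access-Control-Allow-Origin value.
	hdr.Add("Vary", "Origin")
	if origin := r.Header.Get("Origin"); origin != "" {
		hdr.Set("Access-Control-Allow-Origin", origin)
	}
	hdr.Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
	hdr.Set("Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
	hdr.Set("Access-Control-Allow-Credentials", "true")

	// A failed write means the client is gone; the status line has already
	// been committed, so there is nothing left to report to it.
	_, _ = w.Write(js)
}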
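// BasicAuth wraps h so that it runs only for requests whose Authorization
// header carries HTTP Basic credentials with a password equal to pass.
//
// Only the password half of the "user:password" pair is checked; the user
// name is ignored. Any other request receives a 401 response with a
// WWW-Authenticate challenge. The CORS headers are set on every response,
// including the 401.
//
// NOTE(review): an empty pass is matched by credentials with an empty
// password. Whether callers guarantee a non-empty pass is not visible here,
// so confirm at the call site.
//
// NOTE(review): the request's Origin header is echoed into
// Access-Control-Allow-Origin alongside Access-Control-Allow-Credentials:
// "true", which lets a page on any origin issue credentialed requests and
// read the responses. The echo should be restricted to an allowlist of
// trusted origins; none is visible in this file, so the behaviour is kept and
// only flagged here.
func BasicAuth(h httprouter.Handle, pass []byte) httprouter.Handle {
	const basicAuthPrefix = "Basic "

	return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
		hdr := w.Header()

		// The CORS headers depend on the request's Origin, so caches must
		// key on it rather than reuse a response across origins.
		hdr.Add("Vary", "Origin")
		if origin := r.Header.Get("Origin"); origin != "" {
			hdr.Set("Access-Control-Allow-Origin", origin)
		}
		hdr.Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE")
		hdr.Set("Access-Control-Allow-Headers", "Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization")
		hdr.Set("Access-Control-Allow-Credentials", "true")

		// Extract and verify the Basic Authentication credentials.
		auth := r.Header.Get("Authorization")
		if strings.HasPrefix(auth, basicAuthPrefix) {
			payload, err := base64.StdEncoding.DecodeString(auth[len(basicAuthPrefix):])
			if err == nil {
				pair := bytes.SplitN(payload, []byte(":"), 2)
				// Compare in constant time so the response latency does not
				// reveal how many leading bytes of a guess were correct.
				// ConstantTimeCompare still returns early on a length
				// mismatch, so the password length is not hidden.
				if len(pair) == 2 && subtle.ConstantTimeCompare(pair[1], pass) == 1 {
					// Delegate the request to the wrapped handle.
					h(w, r, ps)
					return
				}
			}
		}

		// Missing, malformed or wrong credentials: ask the client to
		// authenticate.
		hdr.Set("WWW-Authenticate", "Basic realm=Restricted")
		http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
	}
}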