From a4b947a9b6015bbadb58d94610df5cda834cbc38 Mon Sep 17 00:00:00 2001 From: Martin Geno Date: Tue, 17 May 2016 10:52:39 +0200 Subject: [PATCH] api access controll --- api/lib.go | 51 +++++++++++++++++++++++++++++---------------------- 1 file changed, 29 insertions(+), 22 deletions(-) diff --git a/api/lib.go b/api/lib.go index 6f90b4c..d6057d6 100644 --- a/api/lib.go +++ b/api/lib.go @@ -6,7 +6,7 @@ import ( "net/http" "encoding/json" "encoding/base64" - + "github.com/julienschmidt/httprouter" ) @@ -18,31 +18,38 @@ func jsonOutput(w http.ResponseWriter,data interface{}){ } w.Header().Set("Content-Type", "application/json") + w.Header().Set("Access-Control-Allow-Origin", "*") + w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE") + w.Header().Set("Access-Control-Allow-Headers","Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization") w.Write(js) } func BasicAuth(h httprouter.Handle, pass []byte) httprouter.Handle { - return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { - const basicAuthPrefix string = "Basic " + return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { + w.Header().Set("Access-Control-Allow-Origin", "*") + w.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE") + w.Header().Set("Access-Control-Allow-Headers","Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization") + + const basicAuthPrefix string = "Basic " - // Get the Basic Authentication credentials - auth := r.Header.Get("Authorization") - if strings.HasPrefix(auth, basicAuthPrefix) { - // Check credentials - payload, err := base64.StdEncoding.DecodeString(auth[len(basicAuthPrefix):]) - if err == nil { - pair := bytes.SplitN(payload, []byte(":"), 2) - if len(pair) == 2 && - bytes.Equal(pair[1], pass) { + // Get the Basic Authentication credentials + auth := r.Header.Get("Authorization") + if strings.HasPrefix(auth, basicAuthPrefix) { + // Check credentials + payload, err := base64.StdEncoding.DecodeString(auth[len(basicAuthPrefix):]) + if err == nil { + pair := bytes.SplitN(payload, []byte(":"), 2) + if len(pair) == 2 && + bytes.Equal(pair[1], pass) { - // Delegate request to the given handle - h(w, r, ps) - return - } - } - } + // Delegate request to the given handle + h(w, r, ps) + return + } + } + } - // Request Basic Authentication otherwise - w.Header().Set("WWW-Authenticate", "Basic realm=Restricted") - http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized) - } + // Request Basic Authentication otherwise + w.Header().Set("WWW-Authenticate", "Basic realm=Restricted") + http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized) + } }