Mercurial Hosting > luan

view src/goodjava/webserver/handlers/BasicAuthHandler.java @ 1609:268b2a26e8d7

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
minor - cors
author Franklin Schmidt <fschmidt@gmail.com>
date Sun, 09 May 2021 11:42:03 -0600
parents f7e3adae4907
children 557bb90b70d7
line wrap: on
line source

package goodjava.webserver.handlers;

import goodjava.util.GoodUtils;
import goodjava.webserver.Handler;
import goodjava.webserver.Request;
import goodjava.webserver.Response;
import goodjava.webserver.Status;


public final class BasicAuthHandler implements Handler {
	private final Handler handler;
	private final String realm;
	private final String match;

	public BasicAuthHandler(Handler handler,String realm,String username,String password) {
		this.handler = handler;
		this.realm = realm;
		this.match = GoodUtils.base64Encode(username+":"+password);
	}

	private Response unauthorized() {
		Response response = new Response();
		response.status = Status.UNAUTHORIZED;
		response.headers.put("WWW-Authenticate","Basic realm=\""+realm+"\"");
		return response;
	}

	public Response handle(Request request) {
		String auth = (String)request.headers.get("Authorization");
		if( auth==null )
			return unauthorized();
		String[] a = auth.split(" ");
		if( a.length!=2 || !a[0].equals("Basic") || !a[1].equals(match) )
			return unauthorized();
		Response response = handler.handle(request);
		response.headers.put("X-Accel-Expires","0");
		return response;
	}
}