├── go.mod ├── README.md ├── main_test.go ├── .github └── workflows │ ├── security.yml │ ├── linter.yml │ ├── test.yml │ └── gotidy.yml ├── LICENSE ├── go.sum └── main.go /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/gofiber/basicauth 2 | 3 | go 1.11 4 | 5 | require github.com/gofiber/fiber v1.14.2 6 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # ⚠️ Deprecated repository 2 | 3 | This middleware is no longer maintained, it is available within [Fiber v2](https://github.com/gofiber/fiber/tree/master/middleware/basicauth). 4 | -------------------------------------------------------------------------------- /main_test.go: -------------------------------------------------------------------------------- 1 | // 🚀 Fiber is an Express inspired web framework written in Go with 💖 2 | // 📌 API Documentation: https://fiber.wiki 3 | // 📝 Github Repository: https://github.com/gofiber/fiber 4 | 5 | package basicauth 6 | -------------------------------------------------------------------------------- /.github/workflows/security.yml: -------------------------------------------------------------------------------- 1 | on: [push, pull_request] 2 | name: Security 3 | jobs: 4 | Gosec: 5 | runs-on: ubuntu-latest 6 | steps: 7 | - name: Fetch Repository 8 | uses: actions/checkout@v2 9 | - name: Run Gosec 10 | uses: securego/gosec@master 11 | with: 12 | args: ./... -------------------------------------------------------------------------------- /.github/workflows/linter.yml: -------------------------------------------------------------------------------- 1 | on: [push, pull_request] 2 | name: Linter 3 | jobs: 4 | Golint: 5 | runs-on: ubuntu-latest 6 | steps: 7 | - name: Fetch Repository 8 | uses: actions/checkout@v2 9 | - name: Run Golint 10 | uses: reviewdog/action-golangci-lint@v1 11 | with: 12 | golangci_lint_flags: "--tests=false" 13 | -------------------------------------------------------------------------------- /.github/workflows/test.yml: -------------------------------------------------------------------------------- 1 | on: [push, pull_request] 2 | name: Test 3 | jobs: 4 | Build: 5 | strategy: 6 | matrix: 7 | go-version: [1.11.x, 1.14.x] 8 | platform: [ubuntu-latest, windows-latest] 9 | runs-on: ${{ matrix.platform }} 10 | steps: 11 | - name: Install Go 12 | uses: actions/setup-go@v1 13 | with: 14 | go-version: ${{ matrix.go-version }} 15 | - name: Fetch Repository 16 | uses: actions/checkout@v2 17 | - name: Run Test 18 | run: go test -race -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2020 Fiber 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /.github/workflows/gotidy.yml: -------------------------------------------------------------------------------- 1 | name: Tidy 2 | 3 | on: 4 | push: 5 | branches: 6 | - 'master' 7 | paths: 8 | - '.github/workflows/gotidy.yml' 9 | - 'go.mod' 10 | - 'go.sum' 11 | 12 | jobs: 13 | fix: 14 | runs-on: ubuntu-latest 15 | steps: 16 | - 17 | name: Checkout 18 | uses: actions/checkout@v2.3.1 19 | - 20 | name: Set up Go 21 | uses: actions/setup-go@v2 22 | with: 23 | go-version: 1.13 24 | - 25 | name: Tidy 26 | run: | 27 | rm -f go.sum 28 | go mod tidy 29 | - 30 | name: Set up Git 31 | env: 32 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 33 | run: | 34 | git config user.name GitHub 35 | git config user.email noreply@github.com 36 | git remote set-url origin https://x-access-token:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git 37 | - 38 | name: Commit and push changes 39 | run: | 40 | git add . 41 | if output=$(git status --porcelain) && [ ! -z "$output" ]; then 42 | git commit --author "github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>" --message "Fix go modules" 43 | git push 44 | fi -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | github.com/andybalholm/brotli v1.0.0 h1:7UCwP93aiSfvWpapti8g88vVVGp2qqtGyePsSuDafo4= 2 | github.com/andybalholm/brotli v1.0.0/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y= 3 | github.com/gofiber/fiber v1.14.2 h1:JRm2REz1TVNt9ZXErTKhVV4y3u4QSmsQ2UU6LB6I6Ic= 4 | github.com/gofiber/fiber v1.14.2/go.mod h1:KxRvVkqzfZOO6A7mBu+j7ncX2AcT6Sm6F7oeGR3Kgmw= 5 | github.com/gofiber/utils v0.0.9 h1:Bu4grjEB4zof1TtpmPCG6MeX5nGv8SaQfzaUgjkf3H8= 6 | github.com/gofiber/utils v0.0.9/go.mod h1:9J5aHFUIjq0XfknT4+hdSMG6/jzfaAgCu4HEbWDeBlo= 7 | github.com/gorilla/schema v1.1.0 h1:CamqUDOFUBqzrvxuz2vEwo8+SUdwsluFh7IlzJh30LY= 8 | github.com/gorilla/schema v1.1.0/go.mod h1:kgLaKoK1FELgZqMAVxx/5cbj0kT+57qxUrAlIO2eleU= 9 | github.com/klauspost/compress v1.10.7 h1:7rix8v8GpI3ZBb0nSozFRgbtXKv+hOe+qfEpZqybrAg= 10 | github.com/klauspost/compress v1.10.7/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= 11 | github.com/mattn/go-colorable v0.1.7 h1:bQGKb3vps/j0E9GfJQ03JyhRuxsvdAanXlT9BTw3mdw= 12 | github.com/mattn/go-colorable v0.1.7/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= 13 | github.com/mattn/go-isatty v0.0.12 h1:wuysRhFDzyxgEmMf5xjvJ2M9dZoWAXNNr5LSBS7uHXY= 14 | github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= 15 | github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= 16 | github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= 17 | github.com/valyala/fasthttp v1.15.1 h1:eRb5jzWhbCn/cGu3gNJMcOfPUfXgXCcQIOHjh9ajAS8= 18 | github.com/valyala/fasthttp v1.15.1/go.mod h1:YOKImeEosDdBPnxc0gy7INqi3m1zK6A+xl6TwOBhHCA= 19 | github.com/valyala/tcplisten v0.0.0-20161114210144-ceec8f93295a h1:0R4NLDRDZX6JcmhJgXi5E4b8Wg84ihbmUKp/GvSPEzc= 20 | github.com/valyala/tcplisten v0.0.0-20161114210144-ceec8f93295a/go.mod h1:v3UYOV9WzVtRmSR+PDvWpU/qWl4Wa5LApYYX4ZtKbio= 21 | golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= 22 | golang.org/x/net v0.0.0-20200602114024-627f9648deb9/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= 23 | golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 24 | golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 25 | golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 26 | golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 27 | golang.org/x/sys v0.0.0-20200602225109-6fdc65e7d980 h1:OjiUf46hAmXblsZdnoSXsEUSKU8r1UEzcL5RVZ4gO9Y= 28 | golang.org/x/sys v0.0.0-20200602225109-6fdc65e7d980/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 29 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 30 | -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- 1 | // 🚀 Fiber is an Express inspired web framework written in Go with 💖 2 | // 📌 API Documentation: https://fiber.wiki 3 | // 📝 Github Repository: https://github.com/gofiber/fiber 4 | 5 | package basicauth 6 | 7 | import ( 8 | "encoding/base64" 9 | "strings" 10 | 11 | "github.com/gofiber/fiber" 12 | ) 13 | 14 | // Config defines the config for BasicAuth middleware 15 | type Config struct { 16 | // Filter defines a function to skip middleware. 17 | // Optional. Default: nil 18 | Filter func(*fiber.Ctx) bool 19 | // Users defines the allowed credentials 20 | // Required. Default: map[string]string{} 21 | Users map[string]string 22 | // Realm is a string to define realm attribute of BasicAuth. 23 | // the realm identifies the system to authenticate against 24 | // and can be used by clients to save credentials 25 | // Optional. Default: "Restricted". 26 | Realm string 27 | // Authorizer defines a function you can pass 28 | // to check the credentials however you want. 29 | // It will be called with a username and password 30 | // and is expected to return true or false to indicate 31 | // that the credentials were approved or not. 32 | // Optional. Default: nil. 33 | Authorizer func(string, string) bool 34 | // Unauthorized defines the response body for unauthorized responses. 35 | // Optional. Default: nil 36 | Unauthorized func(*fiber.Ctx) 37 | } 38 | 39 | func New(config ...Config) func(*fiber.Ctx) { 40 | // Init config 41 | var cfg Config 42 | if len(config) > 0 { 43 | cfg = config[0] 44 | } 45 | if cfg.Users == nil { 46 | cfg.Users = map[string]string{} 47 | } 48 | if cfg.Realm == "" { 49 | cfg.Realm = "Restricted" 50 | } 51 | if cfg.Authorizer == nil { 52 | cfg.Authorizer = func(user, pass string) bool { 53 | if user == "" || pass == "" { 54 | return false 55 | } 56 | return cfg.Users[user] == pass 57 | } 58 | } 59 | if cfg.Unauthorized == nil { 60 | cfg.Unauthorized = func(c *fiber.Ctx) { 61 | c.Set(fiber.HeaderWWWAuthenticate, "basic realm="+cfg.Realm) 62 | c.SendStatus(401) 63 | } 64 | } 65 | // Return middleware handler 66 | return func(c *fiber.Ctx) { 67 | // Filter request to skip middleware 68 | if cfg.Filter != nil && cfg.Filter(c) { 69 | c.Next() 70 | return 71 | } 72 | // Get authorization header 73 | auth := c.Get(fiber.HeaderAuthorization) 74 | // Check if header is valid 75 | if len(auth) > 6 && strings.ToLower(auth[:5]) == "basic" { 76 | // Try to decode 77 | if raw, err := base64.StdEncoding.DecodeString(auth[6:]); err == nil { 78 | // Convert to string 79 | cred := string(raw) 80 | // Find semicolumn 81 | for i := 0; i < len(cred); i++ { 82 | if cred[i] == ':' { 83 | // Split into user & pass 84 | user := cred[:i] 85 | pass := cred[i+1:] 86 | // If exist & match in Users, we let him pass 87 | if cfg.Authorizer(user, pass) { 88 | c.Locals("username", user) 89 | c.Locals("password", pass) 90 | c.Next() 91 | return 92 | } 93 | } 94 | } 95 | } 96 | } 97 | // Authentication failed 98 | cfg.Unauthorized(c) 99 | } 100 | } 101 | --------------------------------------------------------------------------------