2015-08-14 11:17:57 +02:00
|
|
|
package main
|
|
|
|
|
|
|
|
|
|
import (
|
2015-08-25 11:35:49 +02:00
|
|
|
"errors"
|
2015-08-14 11:17:57 +02:00
|
|
|
"net/http"
|
|
|
|
|
)
|
|
|
|
|
|
2015-08-25 11:35:49 +02:00
|
|
|
func Authorize(r *http.Request) error {
|
2015-09-07 15:29:24 +02:00
|
|
|
|
|
|
|
|
htpasswd, err := NewHtpasswdFromFile("/tmp/restic/.htpasswd")
|
|
|
|
|
if err != nil {
|
|
|
|
|
return errors.New("internal server error")
|
|
|
|
|
}
|
|
|
|
|
|
2015-08-25 11:35:49 +02:00
|
|
|
username, password, ok := r.BasicAuth()
|
|
|
|
|
if !ok {
|
|
|
|
|
return errors.New("malformed basic auth credentials")
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-07 15:29:24 +02:00
|
|
|
if !htpasswd.Validate(username, password) {
|
2015-08-25 11:35:49 +02:00
|
|
|
return errors.New("unknown user")
|
|
|
|
|
}
|
|
|
|
|
|
2015-09-07 15:29:24 +02:00
|
|
|
repo, err := RepositoryName(r.RequestURI)
|
|
|
|
|
if err != nil || repo != username {
|
|
|
|
|
return errors.New("wrong repository")
|
|
|
|
|
}
|
|
|
|
|
|
2015-08-25 11:35:49 +02:00
|
|
|
return nil
|
2015-08-14 11:17:57 +02:00
|
|
|
}
|
