MCPcopy
hub / github.com/AdguardTeam/dnsproxy / checkBasicAuth

Method checkBasicAuth

proxy/serverhttps.go:257–279  ·  view source on GitHub ↗

checkBasicAuth checks the basic authorization data, if necessary, and if the data isn't valid, it writes an error. shouldHandle is false if the request has been denied. p.HTTPConfig must not be nil.

(
	w http.ResponseWriter,
	r *http.Request,
	raddr netip.AddrPort,
)

Source from the content-addressed store, hash-verified

255// data isn't valid, it writes an error. shouldHandle is false if the request
256// has been denied. p.HTTPConfig must not be nil.
257func (p *Proxy) checkBasicAuth(
258 w http.ResponseWriter,
259 r *http.Request,
260 raddr netip.AddrPort,
261) (shouldHandle bool) {
262 ui := p.HTTPConfig.Userinfo
263 if ui == nil {
264 return true
265 }
266
267 user, pass, _ := r.BasicAuth()
268 if matchesUserinfo(ui, user, pass) {
269 return true
270 }
271
272 p.logger.Error("basic auth failed", "user", user, "raddr", raddr)
273
274 h := w.Header()
275 h.Set(httphdr.WWWAuthenticate, `Basic realm="DNS", charset="UTF-8"`)
276 http.Error(w, "Authorization required", http.StatusUnauthorized)
277
278 return false
279}
280
281// matchesUserinfo returns false if user and pass don't match userinfo.
282// userinfo must not be nil.

Callers 1

ServeHTTPMethod · 0.95

Calls 3

matchesUserinfoFunction · 0.85
ErrorMethod · 0.45
SetMethod · 0.45

Tested by

no test coverage detected