(checkCSRFToken csrfTokenOption, f func(ctx context.Context, rc requestContext))
| 306 | } |
| 307 | |
| 308 | func (s *Server) requireAuth(checkCSRFToken csrfTokenOption, f func(ctx context.Context, rc requestContext)) http.HandlerFunc { |
| 309 | return func(w http.ResponseWriter, r *http.Request) { |
| 310 | rc := s.captureRequestContext(w, r) |
| 311 | |
| 312 | //nolint:contextcheck |
| 313 | if !s.isAuthenticated(rc) { |
| 314 | return |
| 315 | } |
| 316 | |
| 317 | if checkCSRFToken == csrfTokenRequired { |
| 318 | if !s.validateCSRFToken(r) { |
| 319 | http.Error(w, "Invalid or missing CSRF token.\n", http.StatusUnauthorized) |
| 320 | return |
| 321 | } |
| 322 | } |
| 323 | |
| 324 | f(r.Context(), rc) |
| 325 | } |
| 326 | } |
| 327 | |
| 328 | type isAuthorizedFunc func(ctx context.Context, rc requestContext) bool |
| 329 |
no test coverage detected