(rw http.ResponseWriter, req *http.Request)
| 385 | } |
| 386 | |
| 387 | func SendUnauthorized(rw http.ResponseWriter, req *http.Request) { |
| 388 | for _, m := range modes { |
| 389 | if us, ok := m.(UnauthorizedSender); ok { |
| 390 | if us.SendUnauthorized(rw, req) { |
| 391 | return |
| 392 | } |
| 393 | } |
| 394 | } |
| 395 | var realm string |
| 396 | hasDevAuth := func() (*DevAuth, bool) { |
| 397 | for _, m := range modes { |
| 398 | if devAuth, ok := m.(*DevAuth); ok { |
| 399 | return devAuth, ok |
| 400 | } |
| 401 | } |
| 402 | return nil, false |
| 403 | } |
| 404 | if devAuth, ok := hasDevAuth(); ok { |
| 405 | realm = "Any username, password is: " + devAuth.Password |
| 406 | } |
| 407 | // From what I've tested, it looks like sending just "Basic" would be ok, |
| 408 | // but RFC 2617 says realm is mandatory, so probably better to send an empty one. |
| 409 | rw.Header().Set("WWW-Authenticate", fmt.Sprintf("Basic realm=%q", realm)) |
| 410 | rw.WriteHeader(http.StatusUnauthorized) |
| 411 | fmt.Fprintf(rw, "<html><body><h1>Unauthorized</h1>") |
| 412 | } |
| 413 | |
| 414 | type Handler struct { |
| 415 | http.Handler |
no test coverage detected