// ServeHTTP as per the negroni.Handler interface func (m *MixedAuthMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) { // HTTPS redirection err := util.NewSecure(m.service.GetConfig().IsDevelopment).Process(w, r) if err != nil { return } account, user, err := getMixedCredentialsFromRequest(r, m.service) if err != nil { // For security reasons, return a generic error message response.UnauthorizedError(w, ErrAccountOrUserAuthenticationRequired.Error()) return } if account != nil { context.Set(r, AuthenticatedAccountKey, account) } if user != nil { context.Set(r, AuthenticatedUserKey, user) } next(w, r) }
// ServeHTTP as per the negroni.Handler interface func (m *OptionalAuthMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) { // HTTPS redirection err := util.NewSecure(m.service.GetConfig().IsDevelopment).Process(w, r) if err != nil { return } // Optional user auth user, err := getUserCredentialsFromRequest(r, m.service) if err == nil && user != nil { context.Set(r, AuthenticatedUserKey, user) context.Set(r, AuthenticatedAccountKey, user.Account) } // Optional client auth account, err := getClientCredentialsFromRequest(r, m.service) if err == nil && account != nil { context.Set(r, AuthenticatedAccountKey, account) } next(w, r) }