// Serve the actual middleware func (b *basicAuthMiddleware) Serve(ctx *iris.Context) { if auth, found := b.findAuth(ctx.RequestHeader("Authorization")); !found { /* I spent time for nothing if b.banEnabled && auth != nil { // this propably never work if auth.tries == b.config.MaxTries { auth.bannedTime = time.Now() auth.unbanTime = time.Now().Add(b.config.BanDuration) // set the unban time auth.tries++ // we plus them in order to check if already banned later // client is banned send a forbidden status and don't continue ctx.SetStatusCode(iris.StatusForbidden) return } else if auth.tries > b.config.MaxTries { // it's already banned, so check the ban duration with the bannedTime if time.Now().After(auth.unbanTime) { // here we unban the client auth.tries = 0 auth.bannedTime = config.CookieExpireNever auth.unbanTime = config.CookieExpireNever // continue and askCredentials as normal } else { // client is banned send a forbidden status and don't continue ctx.SetStatusCode(iris.StatusForbidden) return } } } if auth != nil { auth.tries++ }*/ b.askForCredentials(ctx) // don't continue to the next handler } else { // all ok set the context's value in order to be getable from the next handler ctx.Set(b.config.ContextKey, auth.Username) if b.expireEnabled { if auth.logged == false { auth.expires = time.Now().Add(b.config.Expires) auth.logged = true } if time.Now().After(auth.expires) { b.askForCredentials(ctx) // ask for authentication again return } } //auth.tries = 0 ctx.Next() // continue } }