// auth (orize) the user to use the API service. func auth( handler func(*web.Context), ) http.HandlerFunc { return func(w http.ResponseWriter, r *http.Request) { defer r.Body.Close() ctx := web.NewContext(w, r) // Retrieve username and password from headers. username, password, ok := r.BasicAuth() if !ok { if 0 == len(username) { username = "******" } log.For("/ROUTER(AUTH)", username).Warning().Print("Unknown user and/or password") ctx.Reply().Status(http.StatusUnauthorized).Do() return } // Perform authorization check. if id, err := user.Authorize(username, password); nil != err { // FAILED log.For("/ROUTER(AUTH)", username).Warning().Print("Authentication failed") ctx.Reply().Status(http.StatusUnauthorized).With(err.Error()).Do() } else { // SUCCESS ctx.User = username ctx.UserID = id handler(ctx) } } }
//////////////////////////////////////////////////////////////////////////////// // TEST PUT //////////////////////////////////////////////////////////////////////////////// func testPut(t *testing.T) { srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { defer r.Body.Close() ctx := web.NewContext(w, r) ctx.User = "******" ctx.UserID = "01010101010101010101010101010101" Route(ctx) })) defer srv.Close() testPutGood(t, srv) testPutBad1(t, srv) testPutBad2(t, srv) }