// authUser resolves the caller of r to a configured user.
//
// The first matching rule wins:
//  1. POST /api/user (user creation): no credential is examined and the user
//     named "admin" is returned.
//  2. A non-empty SESSION_HEADER_NAME header: the token is looked up in
//     GlobalSession and the result is passed to confProvider.GetUser.
//  3. HTTP Basic credentials: the user is fetched by name and the password is
//     checked with config.CheckUserPassword.
//
// An error is returned when the session lookup or a provider lookup fails,
// when no Basic credentials are present, or when the password check fails.
func authUser(confProvider config.Provider, r *http.Request) (*config.User, error) {
	// NOTE(review): this exemption runs before any credential is read, so every
	// POST to /api/user is treated as "admin", including requests that carry
	// another user's session token or Basic credentials. Confirm this is
	// intended (e.g. first-run bootstrap only) and that the create-user handler
	// enforces its own restriction.
	if r.URL.Path == "/api/user" && r.Method == "POST" {
		return confProvider.GetUserByUserName("admin")
	}

	// A session token, when supplied, takes precedence over Basic credentials.
	if token := r.Header.Get(SESSION_HEADER_NAME); token != "" {
		id, err := GlobalSession.Get(token)
		if err != nil {
			return nil, err
		}
		return confProvider.GetUser(id)
	}

	name, secret, provided := r.BasicAuth()
	if !provided {
		return nil, fmt.Errorf("Auth not provided")
	}

	account, err := confProvider.GetUserByUserName(name)
	if err != nil {
		// NOTE(review): the provider's error is passed through unchanged. If it
		// differs from the wrong-password error below and reaches the client,
		// the two cases let a caller tell valid user names from invalid ones.
		// Verify what the caller writes into the response.
		return nil, err
	}

	if config.CheckUserPassword(account, secret) {
		return account, nil
	}
	// name is request-controlled and is echoed verbatim into the error text.
	return nil, fmt.Errorf("The provided password is incorrect for user %s", name)
}