// ForceSecure validates that a request is sent over SSL regardless of the global API config
func (f ForceSecure) Handle(w http.ResponseWriter, r *vertex.Request, next vertex.HandlerFunc) (interface{}, error) {
if !r.Secure {
if !r.IsLocal() || !f.AllowLocalInsecure {
return nil, vertex.UnauthorizedError("Insecure Access Forbidden")
}
}
return next(w, r)
}
func (b BasicAuth) Handle(w http.ResponseWriter, r *vertex.Request, next vertex.HandlerFunc) (interface{}, error) {
if !r.IsLocal() || !b.BypassForLocal {
user, pass, ok := r.BasicAuth()
if !ok {
logging.Debug("No auth header, denying")
b.requireAuth(w)
return nil, vertex.Hijacked
}
if user != b.User || pass != b.Password {
logging.Warning("Unmatching auth: %s/%s", user, pass)
b.requireAuth(w)
return nil, vertex.Hijacked
}
}
return next(w, r)
}