Пример #1
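// Serve is the middleware's request handler. It looks up the credentials
// carried in the request's Authorization header via b.findAuth. When no entry
// matches, it asks the client for credentials and does not call the next
// handler. Otherwise it stores the matched username in the context under
// b.config.ContextKey and continues the chain.
//
// When b.expireEnabled is set, the matched entry gets a deadline of
// b.config.Expires counted from its first successful use; once that deadline
// has passed the client is asked to authenticate again.
//
// NOTE(review): the expiry state (logged, expires) lives on the entry returned
// by findAuth. If that entry is shared between requests (presumably one per
// configured user; confirm in findAuth), the deadline is per username rather
// than per client, and these fields are read and written by concurrent
// requests without synchronization.
//
// NOTE(review): failed attempts are neither counted nor throttled here (the
// ban logic below is disabled), so limiting credential guessing has to be
// provided elsewhere, e.g. by a rate limiter in front of this middleware.
func (b *basicAuthMiddleware) Serve(ctx *iris.Context) {
	auth, found := b.findAuth(ctx.RequestHeader("Authorization"))
	if !found {
		/* Disabled ban logic, kept for reference. As the author notes, it
		probably never worked: it needs a non-nil auth entry on a failed
		lookup, so failed attempts cannot be attributed to an entry here.

		if b.banEnabled && auth != nil { // this probably never works

			if auth.tries == b.config.MaxTries {
				auth.bannedTime = time.Now()
				auth.unbanTime = time.Now().Add(b.config.BanDuration) // set the unban time
				auth.tries++                                          // incremented so a later request can tell the client is already banned
				// client is banned: send a forbidden status and don't continue
				ctx.SetStatusCode(iris.StatusForbidden)
				return
			} else if auth.tries > b.config.MaxTries { // already banned, so compare the current time with unbanTime
				if time.Now().After(auth.unbanTime) { // here we unban the client
					auth.tries = 0
					auth.bannedTime = config.CookieExpireNever
					auth.unbanTime = config.CookieExpireNever
					// continue and askForCredentials as normal
				} else {
					// client is banned: send a forbidden status and don't continue
					ctx.SetStatusCode(iris.StatusForbidden)
					return
				}

			}
		}
		if auth != nil {
			auth.tries++
		}*/

		// No matching credentials: challenge the client and stop the chain.
		b.askForCredentials(ctx)
		return
	}

	// Expose the authenticated username to the handlers that follow.
	ctx.Set(b.config.ContextKey, auth.Username)

	if b.expireEnabled {
		// The first successful use of the entry starts its validity window.
		if !auth.logged {
			auth.expires = time.Now().Add(b.config.Expires)
			auth.logged = true
		}

		if time.Now().After(auth.expires) {
			// Clear the flag so the next successful authentication opens a
			// new window. Nothing visible in this handler resets it, so
			// without this an expired entry would be challenged on every
			// later request and its user could not get back in.
			auth.logged = false
			b.askForCredentials(ctx) // ask for authentication again
			return
		}
	}

	//auth.tries = 0
	ctx.Next() // continue to the next handler
}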