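// AuthenticationMiddleware authenticates a request from its "Authentication"
// header and, on success, attaches the user (and, for tokens, the session)
// to r.
//
// Two credential forms are handled:
//   - "Basic <base64(identifier:password)>", checked with
//     UserService.AuthenticateUser using the "password" auth type.
//   - Any other non-empty value, passed unchanged to
//     UserService.VerifySession as a session token.
//
// The returned response is nil when no user service is registered, when the
// header is absent, or when authentication succeeds. It is an error response
// when the credentials are malformed or rejected. The bool result is false
// on every path.
//
// NOTE(review): the header read here is "Authentication", not the standard
// "Authorization". This is presumably a project convention; confirm it,
// because a client that sends "Authorization" is treated as unauthenticated.
func AuthenticationMiddleware(registry kit.Registry, r kit.Request) (kit.Response, bool) {
	httpRequest := r.GetHttpRequest()

	userService := registry.UserService()
	if userService == nil {
		return nil, false
	}

	authHeader := httpRequest.Header.Get("Authentication")
	if authHeader == "" {
		return nil, false
	}

	if strings.HasPrefix(authHeader, "Basic ") {
		data, err := base64.StdEncoding.DecodeString(authHeader[len("Basic "):])
		if err != nil {
			return kit.NewErrorResponse("invalid_basic_auth"), false
		}

		// Split on the first colon only: the password may itself contain
		// ':' characters, and it must reach the user service intact.
		parts := strings.SplitN(string(data), ":", 2)
		if len(parts) != 2 {
			// Reject malformed Basic credentials here instead of letting the
			// whole "Basic ..." header fall through to session verification.
			return kit.NewErrorResponse("invalid_basic_auth"), false
		}

		// NOTE(review): the service error is returned to the client as-is.
		// Confirm it does not let a caller tell an unknown identifier apart
		// from a wrong password.
		user, err := userService.AuthenticateUser(parts[0], "password", map[string]interface{}{"password": parts[1]})
		if err != nil {
			return kit.NewErrorResponse(err), false
		}
		r.SetUser(user)
		return nil, false
	}

	// Anything that is not Basic auth is treated as a session token.
	user, session, err := userService.VerifySession(authHeader)
	if err != nil {
		return kit.NewErrorResponse(err), false
	}
	r.SetUser(user)
	r.SetSession(session)
	return nil, false
}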