+ log.Println("login:", login, "invalid password:", err)
+ isGood = false
+ continue
+ }
+ var ro bool
+ if len(splitted) > 2 {
+ switch splitted[2] {
+ case "ro":
+ ro = true
+ default:
+ log.Println("wrong format of optional field:", t)
+ isGood = false
+ continue
+ }
+ }
+ log.Println("adding password for:", login)
+ PasswordsM.Lock()
+ Passwords[login] = &User{name: login, ro: ro, auther: auther}
+ PasswordsM.Unlock()
+ }
+ return isGood
+}
+
+func passwdLister(fd *os.File) {
+ PasswordsM.RLock()
+ logins := make([]string, 0, len(Passwords))
+ for login := range Passwords {
+ logins = append(logins, login)
+ }
+ PasswordsM.RUnlock()
+ for _, login := range logins {
+ fd.WriteString(login + "\n")
+ }
+}
+
+func checkAuth(handler http.HandlerFunc) http.HandlerFunc {
+ return func(w http.ResponseWriter, r *http.Request) {
+ username, password, gotAuth := r.BasicAuth()
+ var user *User
+ if gotAuth {
+ PasswordsM.RLock()
+ user = Passwords[username]
+ PasswordsM.RUnlock()
+ }
+ var passwordValid bool
+ if gotAuth && user != nil {
+ passwordValid = user.auther.Auth(password)
+ }
+ if (gotAuth && user == nil) ||
+ (user != nil && !passwordValid) ||
+ (*AuthRequired && !gotAuth) {
+ log.Println(r.RemoteAddr, "unauthenticated", username)
+ http.Error(w, "unauthenticated", http.StatusUnauthorized)
+ return