From 1de0ab3b720cf7b83a7e29de4dbe35c117ccea0e Mon Sep 17 00:00:00 2001
From: Brian Picciano <mediocregopher@gmail.com>
Date: Sat, 21 May 2022 09:17:43 -0600
Subject: Define an actual middleware type, use that to set up API routes

---
 srv/src/http/auth.go | 28 +++++++++++++++-------------
 1 file changed, 15 insertions(+), 13 deletions(-)

(limited to 'srv/src/http/auth.go')

diff --git a/srv/src/http/auth.go b/srv/src/http/auth.go
index 9527cc8..3ad026a 100644
--- a/srv/src/http/auth.go
+++ b/srv/src/http/auth.go
@@ -65,7 +65,7 @@ func (a *auther) Allowed(ctx context.Context, username, password string) bool {
 	return err == nil
 }
 
-func authMiddleware(auther Auther, h http.Handler) http.Handler {
+func authMiddleware(auther Auther) middleware {
 
 	respondUnauthorized := func(rw http.ResponseWriter, r *http.Request) {
 		rw.Header().Set("WWW-Authenticate", `Basic realm="NOPE"`)
@@ -73,20 +73,22 @@ func authMiddleware(auther Auther, h http.Handler) http.Handler {
 		apiutil.GetRequestLogger(r).WarnString(r.Context(), "unauthorized")
 	}
 
-	return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
+	return func(h http.Handler) http.Handler {
+		return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
 
-		username, password, ok := r.BasicAuth()
+			username, password, ok := r.BasicAuth()
 
-		if !ok {
-			respondUnauthorized(rw, r)
-			return
-		}
+			if !ok {
+				respondUnauthorized(rw, r)
+				return
+			}
 
-		if !auther.Allowed(r.Context(), username, password) {
-			respondUnauthorized(rw, r)
-			return
-		}
+			if !auther.Allowed(r.Context(), username, password) {
+				respondUnauthorized(rw, r)
+				return
+			}
 
-		h.ServeHTTP(rw, r)
-	})
+			h.ServeHTTP(rw, r)
+		})
+	}
 }
-- 
cgit v1.2.3