blob: 891cf762f562c1cfafe820d67d4d7b5018e2e79f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
// Copyright 2020 The Gogs Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package authutil
import (
"encoding/base64"
"net/http"
"strings"
)
// DecodeBasic extracts username and password from given header using HTTP Basic Auth.
// It returns empty strings if values are not presented or not valid.
func DecodeBasic(header http.Header) (username, password string) {
if len(header) == 0 {
return "", ""
}
fields := strings.Fields(header.Get("Authorization"))
if len(fields) != 2 || fields[0] != "Basic" {
return "", ""
}
p, err := base64.StdEncoding.DecodeString(fields[1])
if err != nil {
return "", ""
}
creds := strings.SplitN(string(p), ":", 2)
if len(creds) == 1 {
return creds[0], ""
}
return creds[0], creds[1]
}
|