package handlers import ( "io" "log" "net/http" "gitlab.hamburg.ccc.de/ccchh/spaceapid/config" "gitlab.hamburg.ccc.de/ccchh/spaceapid/util" ) // updateEndpointValidator checks BasicAuth credentials, // checks for correct HTTP method and then returns the request body func updateEndpointValidator( authDB config.HTTPBACredentials, validCredentials []config.HTTPBACredentialID, w http.ResponseWriter, r *http.Request, ) (body []byte) { // Check BasicAuth credentials username, password, ok := r.BasicAuth() if !ok || !util.CheckCredentials(authDB, validCredentials, username, password) { log.Println("Unauthorized request from", r.RemoteAddr, "Username:", username, "Password:", password) w.Header().Set("WWW-Authenticate", "Basic realm=\"space-api\"") w.WriteHeader(http.StatusUnauthorized) return } // Check if PUT method if r.Method != http.MethodPut { log.Println("Wrong Method: ", r.Method, "from", r.RemoteAddr, "at", r.RequestURI) w.Header().Set("Allow", http.MethodPut) w.WriteHeader(http.StatusMethodNotAllowed) return } // Read request body body, err := io.ReadAll(r.Body) if err != nil { log.Println("Failed to read request body from", r.RemoteAddr) w.WriteHeader(http.StatusInternalServerError) _, _ = io.WriteString(w, "Failed reading HTTP request body") return } return body }