• Home
• io.javalin
• javalin
• 3.13.9
• source code
• BasicAuthFilter.kt

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.javalin.core.security.BasicAuthFilter.kt Maven / Gradle / Ivy

/*
 * Javalin - https://javalin.io
 * Copyright 2017 David Åse
 * Licensed under Apache 2.0: https://github.com/tipsy/javalin/blob/master/LICENSE
 */

package io.javalin.core.security

import io.javalin.Javalin
import io.javalin.core.plugin.Plugin
import io.javalin.core.util.Header
import io.javalin.http.UnauthorizedResponse

// adds a filter that runs before every http request (does not apply to websocket upgrade requests)
class BasicAuthFilter(private val username: String, private val password: String) : Plugin {
    override fun apply(app: Javalin) {
        app.before { ctx ->
            try {
                val (user, pass) = ctx.basicAuthCredentials()
                if (user != username || pass != password) {
                    throw RuntimeException("Incorrect username or password")
                }
            } catch (e: Exception) { // badly formatted header OR incorrect credentials
                ctx.header(Header.WWW_AUTHENTICATE, "Basic")
                throw UnauthorizedResponse()
            }
        }
    }
}