-
-
Notifications
You must be signed in to change notification settings - Fork 3
Tips: authorization
Andrea Fontana edited this page May 28, 2024
·
2 revisions
You can run an endpoint on top of the others, setting a high priority.
@priority(100) @endpoint
void require_auth(Request r, Output o)
{
// return 401 if not authorized.
// If it's ok, it will continue running next @endpoint
if (r.user != "test" || r.password != "secret")
{
o.status = 401;
o.addHeader("www-authenticate",`Basic realm="my serverino"`);
}
}Of course you can filter urls:
@priority(100) @endpoint
void require_auth(Request r, Output o)
{
// auth required only for url starting with /private/
if (!r.path.startsWith("/private/")) return;
// return 401 if not authorized.
// If it's ok, it will continue running next @endpoint
if (r.user != "test" || r.password != "secret")
{
o.status = 401;
o.addHeader("www-authenticate",`Basic realm="my serverino"`);
}
}