commit ce95a6f83e52d2f1bc5694842dce3e54da7c6501
author Julien Schmidt <julienschmidt@users.noreply.github.com> Sun Jan 04 14:47:15 2015 +0800
committer Julien Schmidt <julienschmidt@users.noreply.github.com> Sun Jan 04 14:47:15 2015 +0800
tree db6cc338a2887f3209db5549118fd2c8b02a070f
parent 99873563b6bbe559753ca32caec04480843fbb0f

README: Add Basic Auth example

README.md

diff --git a/README.md b/README.md
index 082e4cf..e22d6f5 100644
--- a/README.md
+++ b/README.md
@@ -191,6 +191,7 @@
 
 Alternatively, you could try [a framework building upon HttpRouter](#web-frameworks-building-upon-httprouter).
 
+### Multi-domain / Sub-domains
 Here is a quick example: Does your server serve multiple domains / hosts?
 You want to use sub-domains?
 Define a router per host!
@@ -228,6 +229,67 @@
 }
 ```
 
+### Basic Authentication
+Another quick example: Basic Authentification (RFC 2617) for handles:
+
+```go
+package main
+
+import (
+    "bytes"
+    "encoding/base64"
+    "fmt"
+    "github.com/julienschmidt/httprouter"
+    "net/http"
+    "log"
+    "strings"
+)
+
+func BasicAuth(h httprouter.Handle, user, pass []byte) httprouter.Handle {
+	return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
+		const basicAuthPrefix string = "Basic "
+
+		// Get the Basic Authentication credentials
+		auth := r.Header.Get("Authorization")
+		if strings.HasPrefix(auth, basicAuthPrefix) {
+			// Check credentials
+			payload, err := base64.StdEncoding.DecodeString(auth[len(basicAuthPrefix):])
+			if err == nil {
+				pair := bytes.SplitN(payload, []byte(":"), 2)
+				if len(pair) == 2 && bytes.Equal(pair[0], user) && bytes.Equal(pair[1], pass) {
+					// Delegate request to the given handle
+					h(w, r, ps)
+					return
+				}
+			}
+		}
+
+		// Request Basic Authentication otherwise
+		w.Header().Set("WWW-Authenticate", "Basic realm=Restricted")
+		http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
+	}
+}
+
+func Index(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
+    fmt.Fprint(w, "Not protected!\n")
+}
+
+func Protected(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
+    fmt.Fprint(w, "Protected!\n")
+}
+
+func main() {
+    user := []byte("gordon")
+    pass := []byte("secret!")
+    
+    router := httprouter.New()
+    router.GET("/", Index)
+    router.GET("/protected/", BasicAuth(Protected, user, pass))
+
+    log.Fatal(http.ListenAndServe(":8080", router))
+}
+```
+
 ## Web Frameworks building upon HttpRouter
 If the HttpRouter is a bit too minimalistic for you, you might try one of the following more high-level 3rd-party web frameworks building upon the HttpRouter package:
 * [Gin](https://github.com/gin-gonic/gin): Features a martini-like API with much better performance