Basic Auth Middleware
Basic auth middleware provides an HTTP basic authentication.
- For valid credentials it calls the next handler.
- For missing or invalid credentials, it sends “401 - Unauthorized” response.
Usage
e.Use(middleware.BasicAuth(func(username, password string, c echo.Context) (bool, error) {
// Be careful to use constant time comparison to prevent timing attacks
if subtle.ConstantTimeCompare([]byte(username), []byte("joe")) == 1 &&
subtle.ConstantTimeCompare([]byte(password), []byte("secret")) == 1 {
return true, nil
}
return false, nil
}))
Custom Configuration
Usage
e.Use(middleware.BasicAuthWithConfig(middleware.BasicAuthConfig{}))
Configuration
BasicAuthConfig struct {
// Skipper defines a function to skip middleware.
Skipper Skipper
// Validator is a function to validate BasicAuth credentials.
// Required.
Validator BasicAuthValidator
// Realm is a string to define realm attribute of BasicAuth.
// Default value "Restricted".
Realm string
}
Default Configuration
DefaultBasicAuthConfig = BasicAuthConfig{
Skipper: DefaultSkipper,
}