Implement simple basic auth for the exporter

So this can be quickly thrown into public projects until better methods of authentications are available
2013-01-08 16:56:19 +01:00 · 2013-01-08 16:56:19 +01:00 · ca53ce1081
parent 474d1d53d1
commit ca53ce1081
1 changed files with 26 additions and 0 deletions
--- a/registry.go
+++ b/registry.go
@ -9,6 +9,7 @@ the LICENSE file.
 package registry

 import (
+	"encoding/base64"
 	"encoding/json"
 	"github.com/matttproud/golang_instrumentation/maths"
 	"github.com/matttproud/golang_instrumentation/metrics"
@ -117,6 +118,31 @@ func (r *Registry) Register(name string, metric metrics.Metric) {
 	}
 }

+func (register *Registry) YieldProtectedExporter(username, password string) http.HandlerFunc {
+	exporter := register.YieldExporter()
+
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		authenticated := false
+
+		if auth := r.Header.Get("Authorization"); auth != "" {
+			base64Encoded := strings.SplitAfter(auth, " ")[1]
+			decoded, err := base64.URLEncoding.DecodeString(base64Encoded)
+			if err == nil {
+				usernamePassword := strings.Split(string(decoded), ":")
+				if usernamePassword[0] == username && usernamePassword[1] == password {
+					authenticated = true
+				}
+			}
+		}
+
+		if authenticated {
+			exporter.ServeHTTP(w, r)
+		} else {
+			http.Error(w, "access forbidden", 403)
+		}
+	})
+}
+
 /*
 Create a http.HandlerFunc that is tied to r Registry such that requests
 against it generate a representation of the housed metrics.