Basic Auth

Basic auth middleware provides an HTTP basic authentication.

  • For valid credentials it calls the next handler.
  • For missing or invalid credentials, it sends “401 - Unauthorized” response.

Usage

  1. e.Use(middleware.BasicAuth(func(username, password string, c echo.Context) (bool, error) {
  2. // Be careful to use constant time comparison to prevent timing attacks
  3. if subtle.ConstantTimeCompare([]byte(username), []byte("joe")) == 1 &&
  4. subtle.ConstantTimeCompare([]byte(password), []byte("secret")) == 1 {
  5. return true, nil
  6. }
  7. return false, nil
  8. }))

Custom Configuration

Usage

  1. e.Use(middleware.BasicAuthWithConfig(middleware.BasicAuthConfig{}))

Configuration

  1. BasicAuthConfig struct {
  2. // Skipper defines a function to skip middleware.
  3. Skipper Skipper
  4. // Validator is a function to validate BasicAuth credentials.
  5. // Required.
  6. Validator BasicAuthValidator
  7. // Realm is a string to define realm attribute of BasicAuth.
  8. // Default value "Restricted".
  9. Realm string
  10. }

Default Configuration

  1. DefaultBasicAuthConfig = BasicAuthConfig{
  2. Skipper: DefaultSkipper,
  3. }