Remove basic auth middleware

2016-11-26 21:50:50 +03:00 · 2016-11-26 21:50:50 +03:00 · b4c10a3f59
commit b4c10a3f59
parent 13293a675d
4 changed files with 0 additions and 79 deletions
--- a/spec/helpers_spec.cr
+++ b/spec/helpers_spec.cr
@ -1,13 +1,6 @@
 require "./spec_helper"

 describe "Macros" do
-  describe "#basic_auth" do
-    it "adds HTTPBasicAuthHandler" do
-      basic_auth "serdar", "123"
-      Kemal.config.handlers.size.should eq 6
-    end
-  end
-
  describe "#public_folder" do
    it "sets public folder" do
      public_folder "/some/path/to/folder"
--- a/spec/middleware/http_basic_auth_spec.cr
+++ b/spec/middleware/http_basic_auth_spec.cr
@ -1,28 +0,0 @@
-require "../spec_helper"
-
-describe "Kemal::Middleware::HTTPBasicAuth" do
-  it "goes to next handler with correct credentials" do
-    auth_handler = Kemal::Middleware::HTTPBasicAuth.new("serdar", "123")
-    request = HTTP::Request.new(
-      "GET",
-      "/",
-      headers: HTTP::Headers{"Authorization" => "Basic c2VyZGFyOjEyMw=="},
-    )
-
-    io_with_context = create_request_and_return_io(auth_handler, request)
-    client_response = HTTP::Client::Response.from_io(io_with_context, decompress: false)
-    client_response.status_code.should eq 404
-  end
-
-  it "returns 401 with incorrect credentials" do
-    auth_handler = Kemal::Middleware::HTTPBasicAuth.new("serdar", "123")
-    request = HTTP::Request.new(
-      "GET",
-      "/",
-      headers: HTTP::Headers{"Authorization" => "NotBasic"},
-    )
-    io_with_context = create_request_and_return_io(auth_handler, request)
-    client_response = HTTP::Client::Response.from_io(io_with_context, decompress: false)
-    client_response.status_code.should eq 401
-  end
-end
--- a/src/kemal/helpers/helpers.cr
+++ b/src/kemal/helpers/helpers.cr
@ -3,12 +3,6 @@ def add_handler(handler)
  Kemal.config.add_handler handler
 end

-# Uses Kemal::Middleware::HTTPBasicAuth to easily add HTTP Basic Auth support.
-def basic_auth(username, password)
-  auth_handler = Kemal::Middleware::HTTPBasicAuth.new(username, password)
-  add_handler auth_handler
-end
-
 # Sets public folder from which the static assets will be served.
 # By default this is `/public` not `src/public`.
 def public_folder(path)
--- a/src/kemal/middleware/http_basic_auth.cr
+++ b/src/kemal/middleware/http_basic_auth.cr
@ -1,38 +0,0 @@
-require "base64"
-
-module Kemal::Middleware
-  # This middleware adds HTTP Basic Auth support to your application.
-  # Returns 401 "Unauthorized" with wrong credentials.
-  #
-  # auth_handler = Kemal::Middleware::HTTPBasicAuth.new("username", "password")
-  # Kemal.config.add_handler auth_handler
-  #
-  class HTTPBasicAuth < HTTP::Handler
-    BASIC                 = "Basic"
-    AUTH                  = "Authorization"
-    AUTH_MESSAGE          = "Could not verify your access level for that URL.\nYou have to login with proper credentials"
-    HEADER_LOGIN_REQUIRED = "Basic realm=\"Login Required\""
-
-    def initialize(@username : String?, @password : String?)
-    end
-
-    def call(context)
-      if context.request.headers[AUTH]?
-        if value = context.request.headers[AUTH]
-          if value.size > 0 && value.starts_with?(BASIC)
-            return call_next(context) if authorized?(value)
-          end
-        end
-      end
-      headers = HTTP::Headers.new
-      context.response.status_code = 401
-      context.response.headers["WWW-Authenticate"] = HEADER_LOGIN_REQUIRED
-      context.response.print AUTH_MESSAGE
-    end
-
-    def authorized?(value)
-      username, password = Base64.decode_string(value[BASIC.size + 1..-1]).split(":")
-      @username == username && @password == password
-    end
-  end
-end