Factor out authentication logic from handlers.

author: Marius Peter <dev@marius-peter.com> 2025-11-30 18:39:57 +0100
committer: Marius Peter <dev@marius-peter.com> 2025-11-30 18:39:57 +0100
commit: 60ccbcc94bf66692bcc1c2db21d5244cc40146ee (patch)
tree: 68fa7247a7cc81f893732b0ce6697bd4b510c736 /authentication.rkt
parent: eae3703c7b86dc8630f60d45f2734336da757eea (diff)
1 files changed, 33 insertions, 0 deletions
diff --git a/authentication.rkt b/authentication.rkt
new file mode 100644
index 0000000..9e9400b
--- /dev/null
+++ b/authentication.rkt
@@ -0,0 +1,33 @@
+#lang racket
+
+(provide make-auth-dispatch)
+
+(require web-server/http
+         web-server/http/basic-auth)
+
+(define ferti-user
+  (or (getenv "FERTI_USER") (error 'authentication "FERTI_USER environment variable is not set")))
+(define ferti-pass
+  (or (getenv "FERTI_PASS") (error 'authentication "FERTI_PASS environment variable is not set")))
+
+(define (make-auth-dispatch handler)
+  (lambda (req)
+    (if (authorized? req)
+        (handler req)
+        (unauthorized-response))))
+
+(define (authorized? req)
+  (match (request->basic-credentials req)
+    [(cons user-b pass-b)
+     (define user (bytes->string/utf-8 user-b))
+     (define pass (bytes->string/utf-8 pass-b))
+     (and (string=? user ferti-user) (string=? pass ferti-pass))]
+    [_ #f]))
+
+(define (unauthorized-response)
+  (response 401
+            #"Unauthorized"
+            (current-seconds)
+            TEXT/HTML-MIME-TYPE
+            (list (make-basic-auth-header (format "Basic Auth Test: ~a" (gensym))))
+            void))
author	Marius Peter <dev@marius-peter.com>	2025-11-30 18:39:57 +0100
committer	Marius Peter <dev@marius-peter.com>	2025-11-30 18:39:57 +0100
commit	60ccbcc94bf66692bcc1c2db21d5244cc40146ee (patch)
tree	68fa7247a7cc81f893732b0ce6697bd4b510c736 /authentication.rkt
parent	eae3703c7b86dc8630f60d45f2734336da757eea (diff)