security.go

Documentation: github.com/go-openapi/runtime/middleware

     1  // Copyright 2015 go-swagger maintainers
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //    http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package middleware
    16  
    17  import "net/http"
    18  
    19  func newSecureAPI(ctx *Context, next http.Handler) http.Handler {
    20  	return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
    21  		route, rCtx, _ := ctx.RouteInfo(r)
    22  		if rCtx != nil {
    23  			r = rCtx
    24  		}
    25  		if route != nil && !route.NeedsAuth() {
    26  			next.ServeHTTP(rw, r)
    27  			return
    28  		}
    29  
    30  		_, rCtx, err := ctx.Authorize(r, route)
    31  		if err != nil {
    32  			ctx.Respond(rw, r, route.Produces, route, err)
    33  			return
    34  		}
    35  		r = rCtx
    36  
    37  		next.ServeHTTP(rw, r)
    38  	})
    39  }
    40
View as plain text