Diffstat (limited to 'lib/api/api_auth.go')
-rw-r--r--lib/api/api_auth.go8
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/api/api_auth.go b/lib/api/api_auth.go
index 7f9610068..7af4faacb 100644
--- a/lib/api/api_auth.go
+++ b/lib/api/api_auth.go
@@ -42,8 +42,8 @@ func antiBruteForceSleep() {
time.Sleep(time.Duration(rand.Intn(100)+100) * time.Millisecond)
}
-func unauthorized(w http.ResponseWriter) {
- w.Header().Set("WWW-Authenticate", "Basic realm=\"Authorization Required\"")
+func unauthorized(w http.ResponseWriter, shortID string) {
+ w.Header().Set("WWW-Authenticate", fmt.Sprintf(`Basic realm="Authorization Required (%s)"`, shortID))
http.Error(w, "Not Authorized", http.StatusUnauthorized)
}
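Review bot: In `unauthorized`, `shortID` is formatted with `%s` straight into the quoted realm value, so a value containing `"` or `\` would produce a malformed `WWW-Authenticate` challenge; the hunk does not show where `shortID` comes from or which characters it may hold. If it is not guaranteed to be quote-free, build the header as `fmt.Sprintf("Basic realm=%q", "Authorization Required ("+shortID+")")`, or record the invariant with a comment such as `// shortID is sent inside a quoted-string and must not contain '"' or '\'`. The realm is also returned on every 401, before any credentials are checked, so whatever `shortID` identifies becomes readable by any client that can reach this endpoint; it is worth confirming that this disclosure is intended and saying so in the function's doc comment.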
@@ -78,7 +78,7 @@ func isNoAuthPath(path string) bool {
})
}
-func basicAuthAndSessionMiddleware(cookieName string, guiCfg config.GUIConfiguration, ldapCfg config.LDAPConfiguration, next http.Handler, evLogger events.Logger) http.Handler {
+func basicAuthAndSessionMiddleware(cookieName, shortID string, guiCfg config.GUIConfiguration, ldapCfg config.LDAPConfiguration, next http.Handler, evLogger events.Logger) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if hasValidAPIKeyHeader(r, guiCfg) {
next.ServeHTTP(w, r)
@@ -117,7 +117,7 @@ func basicAuthAndSessionMiddleware(cookieName string, guiCfg config.GUIConfigura
// Some browsers don't send the Authorization request header unless prompted by a 401 response.
// This enables https://user:pass@localhost style URLs to keep working.
if guiCfg.SendBasicAuthPrompt {
- unauthorized(w)
+ unauthorized(w, shortID)
return
}