MCPcopy
hub / github.com/caddyserver/caddy / HTTPBasicAuth

Struct HTTPBasicAuth

modules/caddyhttp/caddyauth/basicauth.go:37–68  ·  view source on GitHub ↗

HTTPBasicAuth facilitates HTTP basic authentication.

Source from the content-addressed store, hash-verified

35
36// HTTPBasicAuth facilitates HTTP basic authentication.
37type HTTPBasicAuth struct {
38 // The algorithm with which the passwords are hashed. Default: bcrypt
39 HashRaw json.RawMessage `json:"hash,omitempty" caddy:"namespace=http.authentication.hashes inline_key=algorithm"`
40
41 // The list of accounts to authenticate.
42 AccountList []Account `json:"accounts,omitempty"`
43
44 // The name of the realm. Default: restricted
45 Realm string `json:"realm,omitempty"`
46
47 // If non-nil, a mapping of plaintext passwords to their
48 // hashes will be cached in memory (with random eviction).
49 // This can greatly improve the performance of traffic-heavy
50 // servers that use secure password hashing algorithms, with
51 // the downside that plaintext passwords will be stored in
52 // memory for a longer time (this should not be a problem
53 // as long as your machine is not compromised, at which point
54 // all bets are off, since basicauth necessitates plaintext
55 // passwords being received over the wire anyway). Note that
56 // a cache hit does not mean it is a valid password.
57 HashCache *Cache `json:"hash_cache,omitempty"`
58
59 Accounts map[string]Account `json:"-"`
60 Hash Comparer `json:"-"`
61
62 // fakePassword is used when a given user is not found,
63 // so that timing side-channels can be mitigated: it gives
64 // us something to hash and compare even if the user does
65 // not exist, which should have similar timing as a user
66 // account that does exist.
67 fakePassword []byte
68}
69
70// CaddyModule returns the Caddy module information.
71func (HTTPBasicAuth) CaddyModule() caddy.ModuleInfo {

Callers

nothing calls this directly

Calls

no outgoing calls

Tested by

no test coverage detected