From 44b429b4597913cb682eeaba1dae6b4a4b9ef54f Mon Sep 17 00:00:00 2001
From: Dan Sosedoff <dan.sosedoff@gmail.com>
Date: Wed, 29 Oct 2014 19:45:12 -0500
Subject: [PATCH] Implement HTTP basic authentication

---
 README.md | 22 ++++++++++++----------
 main.go   |  8 ++++++++
 2 files changed, 20 insertions(+), 10 deletions(-)

diff --git a/README.md b/README.md
index 94ff6b4..e0bf48a 100644
--- a/README.md
+++ b/README.md
@@ -68,16 +68,18 @@ Usage:
   pgweb [OPTIONS]
 
 Application Options:
-  -v, --version  Print version
-  -d, --debug    Enable debugging mode (false)
-      --url=     Database connection string
-      --host=    Server hostname or IP (localhost)
-      --port=    Server port (5432)
-      --user=    Database user (postgres)
-      --pass=    Password for user
-      --db=      Database name (postgres)
-      --ssl=     SSL option (disable)
-      --listen=  HTTP server listen port (8080)
+  -v, --version    Print version
+  -d, --debug      Enable debugging mode (false)
+      --url=       Database connection string
+      --host=      Server hostname or IP (localhost)
+      --port=      Server port (5432)
+      --user=      Database user (postgres)
+      --pass=      Password for user
+      --db=        Database name (postgres)
+      --ssl=       SSL option (disable)
+      --listen=    HTTP server listen port (8080)
+      --auth-user= HTTP basic auth user
+      --auth-pass= HTTP basic auth password
 ```
 
 ## Compile from source
diff --git a/main.go b/main.go
index 24622b5..8b0b4e3 100644
--- a/main.go
+++ b/main.go
@@ -23,6 +23,8 @@ var options struct {
 	DbName   string `long:"db" description:"Database name" default:"postgres"`
 	Ssl      string `long:"ssl" description:"SSL option" default:"disable"`
 	HttpPort uint   `long:"listen" description:"HTTP server listen port" default:"8080"`
+	AuthUser string `long:"auth-user" description:"HTTP basic auth user"`
+	AuthPass string `long:"auth-pass" description:"HTTP basic auth password"`
 }
 
 var dbClient *Client
@@ -96,6 +98,12 @@ func initOptions() {
 func startServer() {
 	router := gin.Default()
 
+	// Enable HTTP basic authentication only if both user and password are set
+	if options.AuthUser != "" && options.AuthPass != "" {
+		auth := map[string]string{options.AuthUser: options.AuthPass}
+		router.Use(gin.BasicAuth(auth))
+	}
+
 	router.GET("/", API_Home)
 	router.GET("/databases", API_GetDatabases)
 	router.GET("/info", API_Info)