Add ability to set authenticated user in request header (#889)

* Add ability to set authenticated user in request header Some web applications provide the ability to authorize users based on the authenticated from Basic Auth. This patch provides a way to set a key to which the authenticated user can be set in the Header. For example, if I set `HeaderValue = "X-WebAuth-User"` and authenticate, my application will be able to read my user name from that header and provide me with the proper access. This fixes #802
2016-12-16 07:42:51 -08:00 · 2016-12-16 07:42:51 -08:00 · 94bb7a1435
commit 94bb7a1435
parent 913a297e8d
4 changed files with 59 additions and 3 deletions
--- a/middlewares/authenticator.go
+++ b/middlewares/authenticator.go
@ -31,9 +31,13 @@ func NewAuthenticator(authConfig *types.Auth) (*Authenticator, error) {
 		basicAuth := auth.NewBasicAuthenticator("traefik", authenticator.secretBasic)
 		authenticator.handler = negroni.HandlerFunc(func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
 			if username := basicAuth.CheckAuth(r); username == "" {
-				log.Debugf("Auth failed...")
+				log.Debugf("Basic auth failed...")
 				basicAuth.RequireAuth(w, r)
 			} else {
+				log.Debugf("Basic auth success...")
+				if authConfig.HeaderField != "" {
+					r.Header[authConfig.HeaderField] = []string{username}
+				}
 				next.ServeHTTP(w, r)
 			}
 		})
@ -45,8 +49,13 @@ func NewAuthenticator(authConfig *types.Auth) (*Authenticator, error) {
 		digestAuth := auth.NewDigestAuthenticator("traefik", authenticator.secretDigest)
 		authenticator.handler = negroni.HandlerFunc(func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
 			if username, _ := digestAuth.CheckAuth(r); username == "" {
+				log.Debugf("Digest auth failed...")
 				digestAuth.RequireAuth(w, r)
 			} else {
+				log.Debugf("Digest auth success...")
+				if authConfig.HeaderField != "" {
+					r.Header[authConfig.HeaderField] = []string{username}
+				}
 				next.ServeHTTP(w, r)
 			}
 		})