From 3db298ec3eca0ed94cb7912f660df7dd1f4582e0 Mon Sep 17 00:00:00 2001
From: plutorocks <>
Date: Thu, 26 Feb 2026 21:30:32 +0000
Subject: initial commit

---
 admin_auih.go | 44 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
 create mode 100644 admin_auih.go

(limited to 'admin_auih.go')

diff --git a/admin_auih.go b/admin_auih.go
new file mode 100644
index 0000000..7bb97aa
--- /dev/null
+++ b/admin_auih.go
@@ -0,0 +1,44 @@
+// admin_auth.go
+package main
+
+import (
+	"net/http"
+	"os"
+)
+
+type AdminAuth struct {
+	users map[string]string
+}
+
+func newAdminAuthFromEnv() *AdminAuth {
+	users := make(map[string]string)
+	u1 := os.Getenv("ADMIN_USER")
+	p1 := os.Getenv("ADMIN_PASS")
+	if u1 != "" && p1 != "" {
+		users[u1] = p1
+	}
+	u2 := os.Getenv("ADMIN_USER2")
+	p2 := os.Getenv("ADMIN_PASS2")
+	if u2 != "" && p2 != "" {
+		users[u2] = p2
+	}
+	return &AdminAuth{users: users}
+}
+
+func (a *AdminAuth) requireAdmin(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		user, pass, ok := r.BasicAuth()
+		if !ok {
+			w.Header().Set("WWW-Authenticate", "Basic realm=\"bridge-admin\"")
+			w.WriteHeader(http.StatusUnauthorized)
+			return
+		}
+		expected, ok := a.users[user]
+		if !ok || expected != pass {
+			w.Header().Set("WWW-Authenticate", "Basic realm=\"bridge-admin\"")
+			w.WriteHeader(http.StatusUnauthorized)
+			return
+		}
+		next.ServeHTTP(w, r)
+	})
+}
\ No newline at end of file
-- 
cgit v1.2.3