asp/keep
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: add WWW-Authenticate header for 401 responses

Browse Source 
Co-authored-by: aider (openai/andrew/openrouter/deepseek/deepseek-chat-v3.1) <aider@aider.chat>
This commit is contained in:
Andrew Phillips
2025-08-28 16:18:28 -03:00
parent 9b793fa7ba
commit b8f42ed03f
1 changed files with 8 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/modes/server/common.rs
View File

@@ -238,7 +238,14 @@ pub fn create_auth_middleware(
if !check_auth(&headers, &password, &password_hash) { if !check_auth(&headers, &password, &password_hash) {
warn!("Unauthorized request to {} from {}", uri, addr); warn!("Unauthorized request to {} from {}", uri, addr);
return Err(StatusCode::UNAUTHORIZED); // Add WWW-Authenticate header to trigger basic auth in browsers
let mut response = Response::new(axum::body::Body::from("Unauthorized"));
*response.status_mut() = StatusCode::UNAUTHORIZED;
response.headers_mut().insert(
"www-authenticate",
"Basic realm=\"Keep Server\", charset=\"UTF-8\"".parse().unwrap(),
);
return Ok(response);
} }
let response = next.run(request).await; let response = next.run(request).await;