fix: always send www-authenticate header with 401

Signed-off-by: Thorsten Hans <[email protected]>
fermyon · Jan 15, 2025 · fa1880c · fa1880c
1 parent 7acc462
commit fa1880c
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 15 deletions.
diff --git a/src/bartholomew.rs b/src/bartholomew.rs
@@ -52,9 +52,8 @@ fn has_credentials() -> bool {
 pub fn render(req: Request) -> Result<Response> {
     if has_credentials() {
         match is_authenticated(&req) {
-            Ok(false) => return response::send_unauthorized(false),
             Ok(true) => (),
-            _ => return response::send_unauthorized(true),
+            _ => return response::send_unauthorized(),
         }
     }
     // Preview mode lets you see content marked as unpublished.

diff --git a/src/response.rs b/src/response.rs
@@ -93,19 +93,13 @@ pub fn send_redirect(route: String, location: String, status: u16) -> Result<Res
     Ok(bldr.body(None)?)
 }
 
-pub fn send_unauthorized(with_challenge: bool) -> Result<Response> {
-    if with_challenge {
-        let realm =
-            std::env::var(BASIC_AUTH_REALM).unwrap_or(FALLBACK_BASIC_AUTH_REALM.to_string());
-        let response_builder = Builder::new().status(401).header(
-            http::header::WWW_AUTHENTICATE,
-            format!("Basic realm=\"{}\"", realm),
-        );
-
-        return Ok(response_builder.body(None)?);
-    }
-
-    Ok(Builder::new().status(401).body(None)?)
+pub fn send_unauthorized() -> Result<Response> {
+    let realm = std::env::var(BASIC_AUTH_REALM).unwrap_or(FALLBACK_BASIC_AUTH_REALM.to_string());
+    let response_builder = Builder::new().status(401).header(
+        http::header::WWW_AUTHENTICATE,
+        format!("Basic realm=\"{}\"", realm),
+    );
+    Ok(response_builder.body(None)?)
 }
 /// Based on the Accept-Encoding header, return the best Content-Encoding.
 fn parse_encoding(enc: Option<&HeaderValue>) -> Result<ContentEncoding> {