+
+func (rtr *router) mgmtAuth(h http.Handler) http.Handler {
+ return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ if rtr.Config.ManagementToken == "" {
+ http.Error(w, "disabled", http.StatusNotFound)
+ } else if ah := r.Header.Get("Authorization"); ah == "" {
+ http.Error(w, "authorization required", http.StatusUnauthorized)
+ } else if ah != "Bearer "+rtr.Config.ManagementToken {
+ http.Error(w, "authorization error", http.StatusForbidden)
+ } else {
+ h.ServeHTTP(w, r)
+ }
+ })
+}
+
+func (rtr *router) jsonHandler(fn func() interface{}) http.Handler {
+ return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ logger := logger(r.Context())
+ w.Header().Set("Content-Type", "application/json")
+ enc := json.NewEncoder(w)
+ err := enc.Encode(fn())
+ if err != nil {
+ msg := "encode failed"
+ logger.WithError(err).Error(msg)
+ http.Error(w, msg, http.StatusInternalServerError)
+ }
+ })
+}