protocol: check basic auth on ws connection

diff --git a/src/protocol.c b/src/protocol.c
index 8aa2021781a2b94b3550ea3671d725d03e66b8c2..43dc441c02d499baabf02a78f5f8c87d8e1e0667 100644 (file)
--- a/src/protocol.c
+++ b/src/protocol.c
@@ -155,6 +155,10 @@ int callback_tty(struct lws *wsi, enum lws_callback_reasons reason, void *user,
         lwsl_warn("refuse to serve WS client due to the --max-clients option.\n");
         return 1;
       }
+      if (server->credential != NULL) {
+        n = lws_hdr_copy(wsi, buf, sizeof(buf), WSI_TOKEN_HTTP_AUTHORIZATION);
+        if (n < 7 || !strstr(buf, "Basic ") || strcmp(buf +6, server->credential)) return 1;
+      }
 
       n = lws_hdr_copy(wsi, pss->path, sizeof(pss->path), WSI_TOKEN_GET_URI);
 #if defined(LWS_ROLE_H2)