addEventListener('fetch', event => {
event.respondWith(handleRequest(event.request))
})
async function handleRequest(request) {
const NAME = AUTH_USERNAME // env variable
const PASS = AUTH_PASSWORD // env variable
const headers = new Headers({
'WWW-Authenticate': 'Basic realm="User Visible Realm"',
})
const authorization = request.headers.get('Authorization')
if (!authorization) {
return new Response('Unauthorized', {
status: 401,
headers: headers
})
}
const encoded = authorization.split(' ')[1]
const decoded = atob(encoded)
const credentials = decoded.split(':')
if (credentials[0] !== NAME || credentials[1] !== PASS) {
return new Response('Invalid credentials', {
status: 401,
headers: headers
})
}
return fetch(request)
}