working commit

app/handler/authmw.go

@@ -36,9 +36,14 @@ func (hand *Handler) CheckAccess(rctx *router.Context) (bool, error) {
 	var res bool
 
 	authHeader := rctx.GetHeader("Authorization")
-	hand.logg.Debugf("Authorization header is %s", authHeader)
-	username, password, err := auxhttp.ParseBasicAuth(authHeader)
-	hand.logg.Debugf("Authorization username is %s:%s", username, password)
+        if authHeader != "" {
+                hand.logg.Debugf("Authorization header is %s", authHeader)
+                username, password, err := auxhttp.ParseBasicAuth(authHeader)
+                if err != nil {
+                        return res, err
+                }
+                hand.logg.Debugf("Authorization username is %s:%s", username, password)
+        }
 
 	res = true
 

app/handler/blob.go

@@ -22,15 +22,8 @@ func (hand *Handler) BlobExists(rctx *router.Context) {
 	name, _ := rctx.GetSubpath("name")
 	digest, _ := rctx.GetSubpath("digest")
 
-	auth := rctx.GetHeader("Authorization")
 	hand.DumpHeaders("BlobExists", rctx)
 
-	if auth == "" {
-		rctx.SetHeader("WWW-Authenticate", `Basic realm="mstore"`)
-		rctx.SetStatus(http.StatusUnauthorized)
-		return
-	}
-
 	params := &operator.BlobExistsParams{
 		Name:   name,
 		Digest: digest,

app/handler/version.go

@@ -10,6 +10,8 @@
 package handler
 
 import (
+        "net/http"
+
 	"mstore/app/operator"
 	"mstore/app/router"
 )
@@ -19,7 +21,12 @@ func (hand *Handler) GetVersion(rctx *router.Context) {
 	params := &operator.GetVersionParams{}
 
 	hand.DumpHeaders("GetVersion", rctx)
-
+        authorization := rctx.GetHeader("Authorization")
+        if authorization == "" {
+                rctx.SetHeader("WWW-Authenticate", `Basic realm="mstore"`)
+                rctx.SetStatus(http.StatusUnauthorized)
+                return
+        }
 	ctx := rctx.GetContext()
 	_, code, err := hand.oper.GetVersion(ctx, params)
 	if err != nil {