Added server config and middleware to use password to protect endpoints.

cmd/csaf_provider/config.go

@@ -8,6 +8,7 @@ import (
 	"github.com/BurntSushi/toml"
 	"github.com/ProtonMail/gopenpgp/v2/crypto"
 	"github.com/csaf-poc/csaf_distribution/csaf"
+	"golang.org/x/crypto/bcrypt"
 )
 
 const (
@@ -19,6 +20,7 @@ const (
 )
 
 type config struct {
+	Password                *string         `toml:"password"`
 	Key                     string          `toml:"key"`
 	Folder                  string          `toml:"folder"`
 	Web                     string          `toml:"web"`
@@ -83,6 +85,11 @@ func (cfg *config) loadCryptoKey() (*crypto.Key, error) {
 	return crypto.NewKeyFromArmoredReader(f)
 }
 
+func (cfg *config) checkPassword(hash string) bool {
+	return cfg.Password == nil ||
+		bcrypt.CompareHashAndPassword([]byte(hash), []byte(*cfg.Password)) == nil
+}
+
 func loadConfig() (*config, error) {
 	path := os.Getenv(configEnv)
 	if path == "" {