Add solution for Challenge 5 by tufstraka (#1581)

tufstraka · web-flow · commit 8f4dde6f57a8 · 2026-04-13T02:23:23.000Z
Auto-merged after 2 days with all checks passing. PR: #1581 Author: @tufstraka
diff --git a/challenge-5/submissions/tufstraka/solution-template.go b/challenge-5/submissions/tufstraka/solution-template.go
@@ -0,0 +1,56 @@
+package main
+
+import (
+	"fmt"
+	"net/http"
+)
+
+const validToken = "secret"
+
+// AuthMiddleware checks the "X-Auth-Token" header.
+// If it's "secret", call the next handler.
+// Otherwise, respond with 401 Unauthorized.
+func AuthMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		
+		token := r.Header.Get("X-Auth-Token")
+		
+		if token == "" || token != validToken {
+		    http.Error(w,"", http.StatusUnauthorized)
+		    
+		    return
+		}
+		
+		next.ServeHTTP(w, r)
+	})
+}
+
+// helloHandler returns "Hello!" on GET /hello
+func helloHandler(w http.ResponseWriter, r *http.Request) {
+	fmt.Fprint(w, "Hello!")
+}
+
+// secureHandler returns "You are authorized!" on GET /secure
+func secureHandler(w http.ResponseWriter, r *http.Request) {
+	fmt.Fprint(w, "You are authorized!")
+}
+
+// SetupServer configures the HTTP routes with the authentication middleware.
+func SetupServer() http.Handler {
+	mux := http.NewServeMux()
+
+	// Public route: /hello (no auth required)
+	mux.HandleFunc("/hello", helloHandler)
+
+	// Secure route: /secure
+	// Wrap with AuthMiddleware
+	secureRoute := http.HandlerFunc(secureHandler)
+	mux.Handle("/secure", AuthMiddleware(secureRoute))
+
+	return mux
+}
+
+func main() {
+	// Optional: you can run a real server for local testing
+	http.ListenAndServe(":8080", SetupServer())
+}
