Here we go

CHANGELOG.md

@@ -0,0 +1,6 @@
+
+# v1.0.0
+## 07/01/2016
+
+1. [](#new)
+    * ChangeLog started...

LICENSE

@@ -0,0 +1,25 @@
+# DON'T BE A DICK PUBLIC LICENSE
+
+> Copyright (C) 2016 Florent Hernandez <[email protected]>
+
+ Everyone is permitted to copy and distribute verbatim or modified
+ copies of this license document, and changing it is allowed as long
+ as the name is changed.
+
+> DON'T BE A DICK PUBLIC LICENSE
+> TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+ 1. Do whatever you like with the original work, just don't be a dick.
+
+     Being a dick includes - but is not limited to - the following instances:
+
+     1a. Outright copyright infringement - Don't just copy this and change the name.  
+     1b. Selling the unmodified original with no work done what-so-ever, that's REALLY being a dick.  
+     1c. Modifying the original work to contain hidden harmful content. That would make you a PROPER dick.  
+
+ 2. If you become rich through modifications, related works/services, or supporting the original work,
+ share the love. Only a dick would make loads off this work and not buy the original work's 
+ creator(s) a pint.
+
+ 3. Code is provided with no warranty. Using somebody else's code and bitching when it goes wrong makes 
+ you a DONKEY dick. Fix the problem yourself. A non-dick would submit the fix back.

README.md

@@ -0,0 +1,3 @@
+# Grav HTTP Auth Basic Plugin
+
+Allow user authentication via Basic access authentication

blueprints.yaml

@@ -0,0 +1,15 @@
+name: HTTP Basic Authentication
+version: 1.0.0
+description: Enables usage of basic authentication.
+icon: sign-in
+author:
+  name: lithrel
+  email: [email protected]
+  url: http://braindump.randomdomainname.net
+homepage: https://github.com/lithrel/grav-plugin-httpbasicauth
+keywords: login, authentication
+bugs: https://github.com/lithrel/grav-plugin-httpbasicauth/issues
+license: DBAD
+
+dependencies:
+  - login

hebe.json

@@ -0,0 +1,15 @@
+{
+   "project":"grav-plugin-httpbasicauth",
+   "platforms":{
+      "grav":{
+         "nodes":{
+            "plugin":[
+               {
+                  "source":"/",
+                  "destination":"/user/plugins/httpbasicauth"
+               }
+            ]
+         }
+      }
+   }
+}

httpbasicauth.php

@@ -0,0 +1,97 @@
+<?php
+namespace Grav\Plugin;
+
+use Grav\Common\File\CompiledYamlFile;
+use Grav\Common\Plugin;
+use Grav\Common\User\User;
+
+class HttpbasicauthPlugin extends Plugin
+{
+    /**
+     * @return array
+     */
+    public static function getSubscribedEvents()
+    {
+        return [
+            'onPageInitialized' => ['checkAuthentication', 1], // before LoginPlugin
+        ];
+    }
+
+    /**
+     * Check user authentication
+     *
+     * @return bool
+     */
+    public function checkAuthentication()
+    {
+        /** @var User $user */
+        $user = $this->grav['user'];
+
+        // Already identified
+        if ($user->authenticated) {
+            return;
+        }
+
+        // HTTP Basic Auth values
+        $auth = self::extractFromHeaders();
+
+        // Nothing to read
+        if (empty($auth['username']) || empty($auth['password'])) {
+            return;
+        }
+
+        $this->authenticate($auth['username'], $auth['password']);
+    }
+
+    /**
+     * Authenticate user
+     *
+     * @param  string $username
+     * @param  string $password
+     * @return bool
+     */
+    protected function authenticate($username, $password)
+    {
+        if (empty($username) || empty($password)) {
+            return false;
+        }
+
+        // Normal login process
+        $user = User::load($username);
+        if (!$user->exists()) {
+            return false;
+        }
+
+        // Failed authentication
+        if (!$result = $user->authenticate($password)) {
+            return false;
+        }
+
+        // Success
+        $this->grav['session']->user = $user;
+        unset($this->grav['user']);
+        $this->grav['user'] = $user;
+        return $user->authenticated = $user->authorize('site.login');
+    }
+
+    /**
+     * Extract username/password from headers
+     *
+     * @return array
+     */
+    public static function extractFromHeaders()
+    {
+        $username = !empty($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : null;
+        $password = !empty($_SERVER['PHP_AUTH_PWD']) ? $_SERVER['PHP_AUTH_PWD'] : null;
+        $httpAuth = !empty($_SERVER['HTTP_AUTHORIZATION']) ? $_SERVER['HTTP_AUTHORIZATION'] : null;
+
+        if ((empty($username) || empty($password)) && !empty($httpAuth)) {
+            list($type, $authString) = explode(' ', $httpAuth);
+            if (strcasecmp($type, 'Basic') === 0) {
+                list($username, $password) = explode(':', base64_decode($authString));
+            }
+        }
+
+        return ['username' => $username, 'password' => $password];
+    }
+}

httpbasicauth.yaml

@@ -0,0 +1 @@
+enabled: true