From 425445f4430ebaacf6da23534eab969ed85b50d6 Mon Sep 17 00:00:00 2001 From: Simon Ser Date: Fri, 10 Jan 2020 19:35:55 +0100 Subject: [PATCH] Add Session.SetHTTPBasicAuth This is not 100% idiot-proof, but still makes it mroe difficult for plugins to steal credentials. --- session.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/session.go b/session.go index e753d84..743cbf7 100644 --- a/session.go +++ b/session.go @@ -7,6 +7,7 @@ import ( "fmt" "sync" "time" + "net/http" imapclient "github.com/emersion/go-imap/client" "github.com/emersion/go-sasl" @@ -104,6 +105,13 @@ func (s *Session) DoSMTP(f func(*smtp.Client) error) error { return nil } +// SetHTTPBasicAuth adds an Authorization header field to the request with +// this session's credentials. +func (s *Session) SetHTTPBasicAuth(req *http.Request) { + // TODO: find a way to make it harder for plugins to steal credentials + req.SetBasicAuth(s.username, s.password) +} + // Close destroys the session. This can be used to log the user out. func (s *Session) Close() { select {