From 2d25a53949f2591da6ffe2d2cf1e7e9aa25a1487 Mon Sep 17 00:00:00 2001
From: Paul Brinkmeier <hallo@pbrinkmeier.de>
Date: Thu, 18 Jul 2024 21:56:51 +0200
Subject: [PATCH] Send WWW-Authenticate along with 401 for RFC 7235 conformity

---
 README.md | 2 +-
 main.go   | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index ac5a864..05fbe3e 100644
--- a/README.md
+++ b/README.md
@@ -9,4 +9,4 @@
 - [x] Write ESP8266 client
 - [ ] Make port configurable
 - [ ] Transfer using JSON
-- [ ] Correctly implement basic auth
+- [x] Correctly implement basic auth
diff --git a/main.go b/main.go
index 54bc201..0baae7d 100644
--- a/main.go
+++ b/main.go
@@ -148,6 +148,7 @@ func main() {
 	http.HandleFunc("/departures", func(w http.ResponseWriter, r *http.Request) {
 		user, pass, ok := r.BasicAuth()
 		if !(ok && user == "admin" && pass == password) {
+			w.Header().Set("WWW-Authenticate", "Basic realm=\"Access to departure API\"")
 			http.Error(w, "You shall not pass", http.StatusUnauthorized)
 			return
 		}