Complete these tasks to reinforce what you learned in this module.
In an axum handler, read the Authorization header. If it is Basic <base64> and the decoded value is admin:secret, return 200 with body "ok". Otherwise return 401 with body "unauthorized". Use Request extractor and req.headers().get("authorization"). Decode base64 with the base64 crate.
"Basic <base64>". Decode the base64 part to get username:password, then split and compare to the expected credentials. The theory and example show the flow.// Task 1: Basic auth. See tasks/TASKS.md.
fn main() {
todo!("Handler: Basic auth admin:secret -> 200, else 401");
}
Read the Authorization header. If it is Bearer secret-token, return 200 with body "authenticated". Otherwise return 401. No JWT; just a fixed string check.
"Bearer " and the rest equals the expected token. You can use strip_prefix or manual slicing.// Task 2: Bearer token. See tasks/TASKS.md.
fn main() {
todo!("Handler: Bearer secret-token -> 200, else 401");
}