I would also add that you’re mixing up HTTP Basic Auth with Authorization Bearer - those are two different things.
If you want to try the Authorization Bearer approach, here’s a quick-and-dirty Caddyfile. Feel free to tweak it as needed:
{
http_port 8080
}
:8080 {
@apiToken {
header Authorization "Bearer 067D5328-2E4D-45BE-B57B-C6641F933B8E"
}
handle @apiToken {
respond "API section"
}
respond "Unauthorized" 401
}
$ caddy run --config Caddyfile
And here are my curl tests:
$ curl http://localhost:8080
Unauthorized
$ curl http://localhost:8080 -H 'Authorization: Bearer 067D5328-2E4D-45BE-B57B-C6641F933B8E'
API section
The token 067D5328-2E4D-45BE-B57B-C6641F933B8E is just an example - be sure to replace it with your own. You can generate one using the uuidgen command. Also, make sure to use HTTPS rather than HTTP.