feat: add option to send Basic Auth header with webhook requests (#2137)

Resolves https://github.com/go-vikunja/vikunja/issues/2136 Docs PR: https://github.com/go-vikunja/website/pull/284
2026-04-29 19:10:51 -05:00 · 2026-01-30 07:07:31 -07:00
parent a89b1bed85
commit cf029cef0c
9 changed files with 106 additions and 5 deletions
--- a/pkg/models/webhooks.go
+++ b/pkg/models/webhooks.go
@@ -55,6 +55,9 @@ type Webhook struct {
 	ProjectID int64 `xorm:"bigint not null index" json:"project_id" param:"project"`
 	// If provided, webhook requests will be signed using HMAC. Check out the docs about how to use this: https://vikunja.io/docs/webhooks/#signing
 	Secret string `xorm:"null" json:"secret"`
+	// If provided, webhook requests will be sent with a Basic Auth header.
+	BasicAuthUser     string `xorm:"null" json:"basic_auth_user"`
+	BasicAuthPassword string `xorm:"null" json:"basic_auth_password"`

 	// The user who initially created the webhook target.
 	CreatedBy   *user.User `xorm:"-" json:"created_by" valid:"-"`
@@ -289,6 +292,10 @@ func (w *Webhook) sendWebhookPayload(p *WebhookPayload) (err error) {
 		req.Header.Add("X-Vikunja-Signature", signature)
 	}

+	if len(w.BasicAuthUser) > 0 && len(w.BasicAuthPassword) > 0 {
+		req.Header.Add("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte(w.BasicAuthUser+":"+w.BasicAuthPassword)))
+	}
+
 	req.Header.Add("User-Agent", "Vikunja/"+version.Version)
 	req.Header.Add("Content-Type", "application/json")