BasicAuth fails in scary ways when using Classic() + static content

Open geofffranks opened this issue 9 years ago • 2 comments

Based on the readme, I should be able to do something like:

m := martini.Classic()
m.Use(auth.Basic("username", "secretpassword"))
m.Run()

However, when serving static files via "./public" under Classic mode, none of the static files are authenticated, unless their content does not exist (all content that exists is not subject to basic auth).

You can verify the tests by modifying them like this:

diff --git a/basic_test.go b/basic_test.go
index b4f057b..616d756 100644
--- a/basic_test.go
+++ b/basic_test.go
@@ -13,11 +13,14 @@ func Test_BasicAuth(t *testing.T) {

        auth := "Basic " + base64.StdEncoding.EncodeToString([]byte("foo:bar"))

-       m := martini.New()
+       m := martini.Classic()
        m.Use(Basic("foo", "bar"))
        m.Use(func(res http.ResponseWriter, req *http.Request, u User) {
                res.Write([]byte("hello " + u))
        })
+       m.Get("/foo", func() string {
+               return "bar"
+       })

        r, _ := http.NewRequest("GET", "foo", nil)
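
Review bot: with the switch to martini.Classic() at the top of the hunk, the test outcome depends on whether a public/foo file happens to exist in the working directory, and nothing in the patch creates it. Have the test create that file itself and remove it afterwards, or split this into two cases (file present, file absent), so the unauthenticated 200 is reproduced deterministically. The added route is registered as "/foo" while the request in the trailing context line uses "foo" without a leading slash; use the same path in both.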

If the "public/foo" file exists, tests fail with this:

$ go test
[martini] Started GET foo for
[martini] [Static] Serving foo
[martini] Completed 200 OK in 5.934997ms
[martini] Started GET foo for
[martini] [Static] Serving foo
[martini] Completed 200 OK in 43.234µs
--- FAIL: Test_BasicAuth (0.01s)
    basic_test.go:30: Response not 401
    basic_test.go:46: Auth failed, got:
FAIL
exit status 1
FAIL    github.com/martini-contrib/auth 0.013s

If "public/foo" does not exist, tests pass:

$ go test
[martini] Started GET foo for
[martini] Completed 401 Unauthorized in 92.823µs
[martini] Started GET foo for
[martini] Completed 200 OK in 15.74µs
PASS
ok      github.com/martini-contrib/auth 0.007s

geofffranks avatar Jun 11 '15 18:06 geofffranks
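
The behaviour reported above, modelled with only the Go standard library (an added example, not code from the issue or from martini): a static-file handler that sits ahead of Basic auth in the chain answers for files that exist, so auth only ever sees requests for missing files. The handler names, the in-memory `public` file set and the `restricted` realm are constructed for illustration.

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"io/fs"
	"net/http"
	"net/http/httptest"
	"strings"
	"testing/fstest"
)

// Constructed stand-in for ./public holding one existing file, "foo".
var public = fstest.MapFS{"foo": {Data: []byte("static content")}}

// static serves the file if it exists; otherwise it passes the request on.
func static(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if data, err := fs.ReadFile(public, strings.TrimPrefix(r.URL.Path, "/")); err == nil {
			w.Write(data) // response is written; nothing later in the chain runs
			return
		}
		next.ServeHTTP(w, r)
	})
}

// basicAuth answers 401 unless the request carries the credentials foo:bar.
func basicAuth(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if u, p, _ := r.BasicAuth(); subtle.ConstantTimeCompare([]byte(u+":"+p), []byte("foo:bar")) != 1 {
			w.Header().Set("WWW-Authenticate", `Basic realm="restricted"`)
			http.Error(w, "Not Authorized", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

var staticFirst = static(basicAuth(http.NotFoundHandler())) // order reported in the issue
var authFirst = basicAuth(static(http.NotFoundHandler()))   // auth wraps the file handler too

func status(h http.Handler, path string) int { // unauthenticated GET, returns status code
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, httptest.NewRequest("GET", path, nil))
	return rec.Code
}

func main() {
	fmt.Println("static first:", status(staticFirst, "/foo"), "auth first:", status(authFirst, "/foo"))
}
```

In martini terms, `authFirst` corresponds to registering `auth.Basic` before the `Static` handler, which `Classic()` has already added by the time `m.Use` is called.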