Adjustment based on the review

http/auth.go

@@ -54,11 +54,22 @@ func authHandler(c *fb.Context, w http.ResponseWriter, r *http.Request) (int, er
 	if c.NoAuth {
 		// NoAuth instances shouldn't call this method.
 		return 0, nil
-	} else if c.AuthMethod == "proxy" {
+	}
-		// Receive the Username from the Header.
+
-		cred.Username = r.Header.Get(c.LoginHeader)
+	if c.AuthMethod == "proxy" {
-	} else {
+		// Receive the Username from the Header and check if it exists.
+		u, err := c.Store.Users.GetByUsername(r.Header.Get(c.LoginHeader), c.NewFS)
+		if err != nil {
+			return http.StatusForbidden, nil
+		}
+
+		c.User = u
+		return printToken(c, w)
+	}
+
 	// Receive the credentials from the request and unmarshal them.
+	var cred cred
+
 	if r.Body == nil {
 		return http.StatusForbidden, nil
 	}
@@ -79,7 +90,6 @@ func authHandler(c *fb.Context, w http.ResponseWriter, r *http.Request) (int, er
 			return http.StatusForbidden, nil
 		}
 	}
-	}
 
 	// Checks if the user exists.
 	u, err := c.Store.Users.GetByUsername(cred.Username, c.NewFS)
@@ -87,12 +97,10 @@ func authHandler(c *fb.Context, w http.ResponseWriter, r *http.Request) (int, er
 		return http.StatusForbidden, nil
 	}
 
-	if c.AuthMethod != "proxy" {
 	// Checks if the password is correct.
 	if !fb.CheckPasswordHash(cred.Password, u.Password) {
 		return http.StatusForbidden, nil
 	}
-	}
 
 	c.User = u
 	return printToken(c, w)