nicoeri/filebrowser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adjustment based on the review

Browse Source
This commit is contained in:
Marvin Weck 2018-08-06 16:12:36 +02:00
parent d821395097
commit 94fc3f03d5
1 changed files with 30 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
http/auth.go
View File

@ -54,11 +54,22 @@ func authHandler(c *fb.Context, w http.ResponseWriter, r *http.Request) (int, er
if c.NoAuth {
// NoAuth instances shouldn't call this method.
return 0, nil
} else if c.AuthMethod == "proxy" {
// Receive the Username from the Header.
cred.Username = r.Header.Get(c.LoginHeader)
} else {
}
if c.AuthMethod == "proxy" {
// Receive the Username from the Header and check if it exists.
u, err := c.Store.Users.GetByUsername(r.Header.Get(c.LoginHeader), c.NewFS)
if err != nil {
return http.StatusForbidden, nil
}
c.User = u
return printToken(c, w)
}
// Receive the credentials from the request and unmarshal them.
var cred cred
if r.Body == nil {
return http.StatusForbidden, nil
}
@ -79,7 +90,6 @@ func authHandler(c *fb.Context, w http.ResponseWriter, r *http.Request) (int, er
return http.StatusForbidden, nil
}
}
}
// Checks if the user exists.
u, err := c.Store.Users.GetByUsername(cred.Username, c.NewFS)
@ -87,12 +97,10 @@ func authHandler(c *fb.Context, w http.ResponseWriter, r *http.Request) (int, er
return http.StatusForbidden, nil
}
if c.AuthMethod != "proxy" {
// Checks if the password is correct.
if !fb.CheckPasswordHash(cred.Password, u.Password) {
return http.StatusForbidden, nil
}
}
c.User = u
return printToken(c, w)