CheckAuthFlag checks whether the given authKey is set and valid Falls back to checkBasicAuth if authKey is not set
(w http.ResponseWriter, r *http.Request, expectedKey *flagutil.Password)
| 463 | // |
| 464 | // Falls back to checkBasicAuth if authKey is not set |
| 465 | func CheckAuthFlag(w http.ResponseWriter, r *http.Request, expectedKey *flagutil.Password) bool { |
| 466 | expectedValue := expectedKey.Get() |
| 467 | if expectedValue == "" { |
| 468 | return CheckBasicAuth(w, r) |
| 469 | } |
| 470 | if len(r.FormValue("authKey")) == 0 { |
| 471 | authKeyRequestErrors.Inc() |
| 472 | http.Error(w, fmt.Sprintf("Expected to receive non-empty authKey when -%s is set", expectedKey.Name()), http.StatusUnauthorized) |
| 473 | return false |
| 474 | } |
| 475 | if r.FormValue("authKey") != expectedValue { |
| 476 | authKeyRequestErrors.Inc() |
| 477 | http.Error(w, fmt.Sprintf("The provided authKey doesn't match -%s", expectedKey.Name()), http.StatusUnauthorized) |
| 478 | return false |
| 479 | } |
| 480 | return true |
| 481 | } |
| 482 | |
| 483 | // CheckBasicAuth validates credentials provided in request if httpAuth.* flags are set |
| 484 | // returns true if credentials are valid or httpAuth.* flags are not set |
searching dependent graphs…