hub / github.com/daptin/daptin / BasicAuthCheckMiddlewareWithHttp

Method BasicAuthCheckMiddlewareWithHttp

server/auth/auth.go:161–203  ·  view source on GitHub ↗
(req *http.Request, writer http.ResponseWriter)

Source from the content-addressed store, hash-verified

159}
160
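// BasicAuthCheckMiddlewareWithHttp authenticates a request from the
// credentials carried in its Authorization header.
//
// The second space-separated field of the header is base64-decoded and read
// as "username:password". The stored hash for username is fetched through
// a.userCrud.GetUserPassword and compared with BcryptCheckStringHash. On a
// match the returned token has only its Claims set ("name", "email" and "sub",
// all derived from the username); it is built here, not parsed from the
// request.
//
// It returns (nil, nil) when the header has fewer than two fields or the
// password does not match, and (nil, err) when the base64 decode, the
// transaction start or the password lookup fails. writer is not used.
func (a *AuthMiddleware) BasicAuthCheckMiddlewareWithHttp(req *http.Request, writer http.ResponseWriter) (token *jwt.Token, err error) {
	// NOTE(review): the scheme word (headerParts[0]) is never compared with
	// "Basic", so any two-field Authorization value reaches the decode below.
	// Confirm what callers do with the resulting error before tightening this.
	headerParts := strings.Split(req.Header.Get("Authorization"), " ")
	if len(headerParts) < 2 {
		return nil, nil
	}

	decoded, err := base64.StdEncoding.DecodeString(headerParts[1])
	if err != nil {
		return nil, err
	}

	// Split on the first colon only: the password may itself contain ':'
	// (RFC 7617), and splitting on every colon would silently truncate it and
	// make such passwords impossible to verify.
	credentials := strings.SplitN(string(decoded), ":", 2)
	username := credentials[0]
	password := ""
	if len(credentials) > 1 {
		password = credentials[1]
	}

	transaction, err := a.db.Beginx()
	if err != nil {
		CheckErr(err, "Failed to begin transaction [168]")
		return nil, err
	}

	existingPasswordHash, err := a.userCrud.GetUserPassword(username, transaction)
	// The transaction is only used for the lookup above, so it is released
	// before the bcrypt comparison; the Rollback result is deliberately ignored.
	transaction.Rollback()
	if err != nil {
		// NOTE(review): this path returns without doing any bcrypt work, while
		// a wrong password pays for a full comparison. If GetUserPassword
		// errors for unknown users, response time may distinguish existing
		// accounts from missing ones; consider equalising the two paths.
		return nil, err
	}

	if !BcryptCheckStringHash(password, existingPasswordHash) {
		return nil, nil
	}

	return &jwt.Token{
		Claims: jwt.MapClaims{
			"name":  strings.Split(username, "@")[0],
			"email": username,
			"sub":   username,
		},
	}, nil
}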
204
205func BcryptCheckStringHash(newString, hash string) bool {
206 err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(newString))

Callers 1

Calls 5

CheckErrFunction · 0.70
BcryptCheckStringHashFunction · 0.70
GetMethod · 0.65
BeginxMethod · 0.65
GetUserPasswordMethod · 0.65

Tested by

no test coverage detected