(req *http.Request, writer http.ResponseWriter)
| 159 | } |
| 160 | |
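// BasicAuthCheckMiddlewareWithHttp authenticates a request that carries HTTP
// Basic credentials in its Authorization header, expected in the form
// "Basic <base64(username:password)>".
//
// The stored hash for the username is read through a.userCrud inside a
// short-lived transaction and compared with the supplied password by
// BcryptCheckStringHash.
//
// Results:
//   - (token, nil) when the password matches. The token is built in memory
//     with only "name", "email" and "sub" claims; it is not signed here and
//     carries no expiry claim.
//   - (nil, nil) when the header is missing, is not a Basic header, or the
//     password does not match.
//   - (nil, err) when base64 decoding, opening the transaction, or the
//     password lookup fails.
//
// writer is not used by this method.
func (a *AuthMiddleware) BasicAuthCheckMiddlewareWithHttp(req *http.Request, writer http.ResponseWriter) (token *jwt.Token, err error) {
	authHeaderValue := req.Header.Get("Authorization")
	headerParts := strings.Split(authHeaderValue, " ")
	if len(headerParts) < 2 {
		// No credentials on the request: not an error, just no token.
		return nil, nil
	}

	// Only interpret the payload as credentials when the scheme really is
	// Basic (scheme names are case-insensitive). Without this check the
	// payload of any other scheme, e.g. a Bearer token, would be decoded and
	// looked up as if it were a username and password.
	if !strings.EqualFold(headerParts[0], "Basic") {
		return nil, nil
	}

	decoded, err := base64.StdEncoding.DecodeString(headerParts[1])
	if err != nil {
		return nil, err
	}

	// Split on the first ':' only. The password may itself contain ':';
	// splitting on every colon would silently truncate it and make such
	// passwords impossible to verify.
	credentials := strings.SplitN(string(decoded), ":", 2)
	username := credentials[0]
	password := ""
	if len(credentials) > 1 {
		password = credentials[1]
	}

	transaction, err := a.db.Beginx()
	if err != nil {
		CheckErr(err, "Failed to begin transaction [168]")
		return nil, err
	}

	existingPasswordHash, err := a.userCrud.GetUserPassword(username, transaction)
	// The transaction is only used for this single read, so it is always
	// rolled back; a rollback failure is deliberately ignored because there
	// is nothing to undo.
	_ = transaction.Rollback()
	if err != nil {
		// NOTE(review): if GetUserPassword reports an unknown user as an
		// error, this path returns without a bcrypt comparison, so response
		// time may differ between unknown and known usernames. Confirm, and
		// consider a constant-cost comparison and a uniform caller response.
		return nil, err
	}

	if !BcryptCheckStringHash(password, existingPasswordHash) {
		// Wrong password: same (nil, nil) result as "no credentials".
		return nil, nil
	}

	return &jwt.Token{
		Claims: jwt.MapClaims{
			"name":  strings.Split(username, "@")[0],
			"email": username,
			"sub":   username,
		},
	}, nil
}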
| 204 | |
| 205 | func BcryptCheckStringHash(newString, hash string) bool { |
| 206 | err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(newString)) |