MCPcopy
hub / github.com/filebrowser/filebrowser / authenticateShareRequest

Function authenticateShareRequest

http/public.go:137–162  ·  view source on GitHub ↗
(r *http.Request, l *share.Link)

Source from the content-addressed store, hash-verified

135})
136
137func authenticateShareRequest(r *http.Request, l *share.Link) (int, error) {
138 if l.PasswordHash == "" {
139 return 0, nil
140 }
141
142 if subtle.ConstantTimeCompare([]byte(r.URL.Query().Get("token")), []byte(l.Token)) == 1 {
143 return 0, nil
144 }
145
146 password := r.Header.Get("X-SHARE-PASSWORD")
147 password, err := url.QueryUnescape(password)
148 if err != nil {
149 return 0, err
150 }
151 if password == "" {
152 return http.StatusUnauthorized, nil
153 }
154 if err := bcrypt.CompareHashAndPassword([]byte(l.PasswordHash), []byte(password)); err != nil {
155 if errors.Is(err, bcrypt.ErrMismatchedHashAndPassword) {
156 return http.StatusUnauthorized, nil
157 }
158 return 0, err
159 }
160
161 return 0, nil
162}
163
164func healthHandler(w http.ResponseWriter, _ *http.Request) {
165 w.WriteHeader(http.StatusOK)

Callers 1

public.goFile · 0.85

Calls 1

GetMethod · 0.65

Tested by

no test coverage detected