MCPcopy
hub / github.com/filebrowser/filebrowser / Auth

Method Auth

auth/json.go:33–74  ·  view source on GitHub ↗

Auth authenticates the user via a json in content body.

(r *http.Request, usr users.Store, _ *settings.Settings, srv *settings.Server)

Source from the content-addressed store, hash-verified

31
32// Auth authenticates the user via a json in content body.
33func (a JSONAuth) Auth(r *http.Request, usr users.Store, _ *settings.Settings, srv *settings.Server) (*users.User, error) {
34 var cred jsonCred
35
36 if r.Body == nil {
37 return nil, os.ErrPermission
38 }
39
40 err := json.NewDecoder(r.Body).Decode(&cred)
41 if err != nil {
42 return nil, os.ErrPermission
43 }
44
45 // If ReCaptcha is enabled, check the code.
46 if a.ReCaptcha != nil && a.ReCaptcha.Secret != "" {
47 ok, err := a.ReCaptcha.Ok(cred.ReCaptcha)
48
49 if err != nil {
50 return nil, err
51 }
52
53 if !ok {
54 return nil, os.ErrPermission
55 }
56 }
57
58 u, err := usr.Get(srv.Root, srv.FollowExternalSymlinks, cred.Username)
59
60 hash := dummyHash
61 if err == nil {
62 hash = u.Password
63 }
64
65 if !users.CheckPwd(cred.Password, hash) {
66 return nil, os.ErrPermission
67 }
68
69 if err != nil {
70 return nil, os.ErrPermission
71 }
72
73 return u, nil
74}
75
76// LoginPage tells that json auth doesn't require a login page.
77func (a JSONAuth) LoginPage() bool {

Callers

nothing calls this directly

Calls 3

CheckPwdFunction · 0.92
OkMethod · 0.80
GetMethod · 0.65

Tested by

no test coverage detected