Auth authenticates the user via a JSON document in the request body.
(r *http.Request, usr users.Store, _ *settings.Settings, srv *settings.Server)
| 31 | |
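// Auth authenticates the user from a JSON credential document in the request
// body.
//
// It returns the matching user on success. Every credential failure (missing
// body, undecodable JSON, rejected ReCaptcha code, failed user lookup, wrong
// password) is reported as os.ErrPermission, so the caller cannot tell from the
// error which step rejected the request. An error from the ReCaptcha check
// itself is returned unchanged.
func (a JSONAuth) Auth(r *http.Request, usr users.Store, _ *settings.Settings, srv *settings.Server) (*users.User, error) {
	// Upper bound on the credential document. The body is decoded before any
	// credential has been checked, and json.Decoder buffers a whole JSON value
	// in memory, so an unbounded read lets an unauthenticated client choose how
	// much memory one login attempt costs.
	const maxCredBody = 1 << 20 // 1 MiB

	if r.Body == nil {
		return nil, os.ErrPermission
	}

	var cred jsonCred
	// No ResponseWriter is available here, so nil is passed: only the read
	// limit applies, and an oversized body surfaces as a decode error.
	body := http.MaxBytesReader(nil, r.Body, maxCredBody)
	if err := json.NewDecoder(body).Decode(&cred); err != nil {
		return nil, os.ErrPermission
	}

	// If ReCaptcha is enabled, check the code.
	if a.ReCaptcha != nil && a.ReCaptcha.Secret != "" {
		ok, err := a.ReCaptcha.Ok(cred.ReCaptcha)
		if err != nil {
			return nil, err
		}
		if !ok {
			return nil, os.ErrPermission
		}
	}

	u, lookupErr := usr.Get(srv.Root, srv.FollowExternalSymlinks, cred.Username)

	// Order matters: CheckPwd runs on every request, against dummyHash when
	// the lookup failed, and only afterwards is the lookup error examined.
	// NOTE(review): presumably this keeps the password-check cost the same for
	// unknown and known usernames so response timing does not reveal which
	// accounts exist; confirm before reordering or adding an early return.
	hash := dummyHash
	if lookupErr == nil {
		hash = u.Password
	}

	if !users.CheckPwd(cred.Password, hash) {
		return nil, os.ErrPermission
	}

	if lookupErr != nil {
		return nil, os.ErrPermission
	}

	return u, nil
}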
| 75 | |
| 76 | // LoginPage tells that json auth doesn't require a login page. |
| 77 | func (a JSONAuth) LoginPage() bool { |