(req *http.Request)
| 301 | } |
| 302 | |
| 303 | func (da *DevAuth) AllowedAccess(req *http.Request) Operation { |
| 304 | _, pass, err := httputil.BasicAuth(req) |
| 305 | if err == nil { |
| 306 | if pass == da.Password { |
| 307 | return OpAll |
| 308 | } |
| 309 | if da.VivifyPass != nil && pass == *da.VivifyPass { |
| 310 | return OpVivify |
| 311 | } |
| 312 | } |
| 313 | |
| 314 | if authTokenHeaderMatches(req) { |
| 315 | return OpAll |
| 316 | } |
| 317 | if websocketTokenMatches(req) { |
| 318 | return OpAll |
| 319 | } |
| 320 | |
| 321 | // See if the local TCP port is owned by the same non-root user as this |
| 322 | // server. This check performed last as it may require reading from the |
| 323 | // kernel or exec'ing a program. |
| 324 | if httputil.IsLocalhost(req) { |
| 325 | return OpAll |
| 326 | } |
| 327 | |
| 328 | return 0 |
| 329 | } |
| 330 | |
| 331 | func (da *DevAuth) AddAuthHeader(req *http.Request) { |
| 332 | req.SetBasicAuth("", da.Password) |
nothing calls this directly
no test coverage detected