(req *http.Request)
| 242 | } |
| 243 | |
| 244 | func (up *UserPass) AllowedAccess(req *http.Request) Operation { |
| 245 | user, pass, err := httputil.BasicAuth(req) |
| 246 | if err == nil { |
| 247 | if subtle.ConstantTimeCompare([]byte(user), []byte(up.Username)) == 1 { |
| 248 | if subtle.ConstantTimeCompare([]byte(pass), []byte(up.Password)) == 1 { |
| 249 | return OpAll |
| 250 | } |
| 251 | if up.VivifyPass != nil && subtle.ConstantTimeCompare([]byte(pass), []byte(*up.VivifyPass)) == 1 { |
| 252 | return OpVivify |
| 253 | } |
| 254 | } |
| 255 | } |
| 256 | |
| 257 | if authTokenHeaderMatches(req) { |
| 258 | return OpAll |
| 259 | } |
| 260 | if websocketTokenMatches(req) { |
| 261 | return OpAll |
| 262 | } |
| 263 | if up.OrLocalhost && httputil.IsLocalhost(req) { |
| 264 | return OpAll |
| 265 | } |
| 266 | |
| 267 | return 0 |
| 268 | } |
| 269 | |
| 270 | func (up *UserPass) AddAuthHeader(req *http.Request) { |
| 271 | req.SetBasicAuth(up.Username, up.Password) |
nothing calls this directly
no test coverage detected