MCPcopy
hub / github.com/perkeep/perkeep / AllowedAccess

Method AllowedAccess

pkg/auth/auth.go:244–268  ·  view source on GitHub ↗
(req *http.Request)

Source from the content-addressed store, hash-verified

242}
243
244func (up *UserPass) AllowedAccess(req *http.Request) Operation {
245 user, pass, err := httputil.BasicAuth(req)
246 if err == nil {
247 if subtle.ConstantTimeCompare([]byte(user), []byte(up.Username)) == 1 {
248 if subtle.ConstantTimeCompare([]byte(pass), []byte(up.Password)) == 1 {
249 return OpAll
250 }
251 if up.VivifyPass != nil && subtle.ConstantTimeCompare([]byte(pass), []byte(*up.VivifyPass)) == 1 {
252 return OpVivify
253 }
254 }
255 }
256
257 if authTokenHeaderMatches(req) {
258 return OpAll
259 }
260 if websocketTokenMatches(req) {
261 return OpAll
262 }
263 if up.OrLocalhost && httputil.IsLocalhost(req) {
264 return OpAll
265 }
266
267 return 0
268}
269
270func (up *UserPass) AddAuthHeader(req *http.Request) {
271 req.SetBasicAuth(up.Username, up.Password)

Callers

nothing calls this directly

Calls 4

BasicAuthFunction · 0.92
IsLocalhostFunction · 0.92
authTokenHeaderMatchesFunction · 0.85
websocketTokenMatchesFunction · 0.85

Tested by

no test coverage detected