MCPcopy Index your code
hub / github.com/sqlmapproject/sqlmap / check_authentication

Function check_authentication

lib/utils/api.py:299–319  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

297
298@hook('before_request')
299def check_authentication():
300 if not any((DataStore.username, DataStore.password)):
301 return
302
303 authorization = request.headers.get("Authorization", "")
304 match = re.search(r"(?i)\ABasic\s+([^\s]+)", authorization)
305
306 if not match:
307 request.environ["PATH_INFO"] = "/error/401"
308
309 try:
310 creds = decodeBase64(match.group(1), binary=False)
311 except:
312 request.environ["PATH_INFO"] = "/error/401"
313 else:
314 if creds.count(':') != 1:
315 request.environ["PATH_INFO"] = "/error/401"
316 else:
317 username, password = creds.split(':')
318 if username.strip() != (DataStore.username or "") or password.strip() != (DataStore.password or ""):
319 request.environ["PATH_INFO"] = "/error/401"
320
321@hook("after_request")
322def security_headers(json_header=True):

Callers

nothing calls this directly

Calls 3

decodeBase64Function · 0.90
getMethod · 0.45
searchMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…