MCPcopy Index your code
hub / github.com/syncthing/syncthing / attemptBasicAuth

Function attemptBasicAuth

lib/api/api_auth.go:202–223  ·  view source on GitHub ↗
(r *http.Request, guiCfg config.GUIConfiguration, ldapCfg config.LDAPConfiguration, evLogger events.Logger)

Source from the content-addressed store, hash-verified

200}
201
202func attemptBasicAuth(r *http.Request, guiCfg config.GUIConfiguration, ldapCfg config.LDAPConfiguration, evLogger events.Logger) (string, bool) {
203 username, password, ok := r.BasicAuth()
204 if !ok {
205 return "", false
206 }
207
208 slog.Debug("Sessionless HTTP request with authentication; this is expensive.")
209
210 if auth(username, password, guiCfg, ldapCfg) {
211 return username, true
212 }
213
214 usernameFromIso := string(iso88591ToUTF8([]byte(username)))
215 passwordFromIso := string(iso88591ToUTF8([]byte(password)))
216 if auth(usernameFromIso, passwordFromIso, guiCfg, ldapCfg) {
217 return usernameFromIso, true
218 }
219
220 emitLoginAttempt(false, username, r, evLogger)
221 antiBruteForceSleep()
222 return "", false
223}
224
225func (m *basicAuthAndSessionMiddleware) handleLogout(w http.ResponseWriter, r *http.Request) {
226 m.tokenCookieManager.destroySession(w, r)

Callers 1

ServeHTTPMethod · 0.85

Calls 4

authFunction · 0.85
iso88591ToUTF8Function · 0.85
emitLoginAttemptFunction · 0.85
antiBruteForceSleepFunction · 0.85

Tested by

no test coverage detected