MCPcopy
hub / github.com/syncthing/syncthing / passwordAuthHandler

Method passwordAuthHandler

lib/api/api_auth.go:179–200  ·  view source on GitHub ↗
(w http.ResponseWriter, r *http.Request)

Source from the content-addressed store, hash-verified

177}
178
179func (m *basicAuthAndSessionMiddleware) passwordAuthHandler(w http.ResponseWriter, r *http.Request) {
180 var req struct {
181 Username string
182 Password string
183 StayLoggedIn bool
184 }
185 if err := unmarshalTo(http.MaxBytesReader(w, r.Body, maxLoginRequestSize), &req); err != nil {
186 l.Debugln("Failed to parse username and password:", err)
187 http.Error(w, "Failed to parse username and password.", http.StatusBadRequest)
188 return
189 }
190
191 if auth(req.Username, req.Password, m.guiCfg, m.ldapCfg) {
192 m.tokenCookieManager.createSession(req.Username, req.StayLoggedIn, w, r)
193 w.WriteHeader(http.StatusNoContent)
194 return
195 }
196
197 emitLoginAttempt(false, req.Username, r, m.evLogger)
198 antiBruteForceSleep()
199 forbidden(w)
200}
201
202func attemptBasicAuth(r *http.Request, guiCfg config.GUIConfiguration, ldapCfg config.LDAPConfiguration, evLogger events.Logger) (string, bool) {
203 username, password, ok := r.BasicAuth()

Callers

nothing calls this directly

Calls 9

unmarshalToFunction · 0.85
authFunction · 0.85
emitLoginAttemptFunction · 0.85
antiBruteForceSleepFunction · 0.85
forbiddenFunction · 0.85
DebuglnMethod · 0.80
createSessionMethod · 0.80
ErrorMethod · 0.65
WriteHeaderMethod · 0.45

Tested by

no test coverage detected