octoleo/syncthing
1
0
Fork 0
mirror of https://github.com/octoleo/syncthing.git synced 2024-12-22 10:58:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

lib/api: http.Request.BasicAuth instead of custom code (#8039)

Browse Source
This commit is contained in:
greatroar 2021-11-06 12:38:08 +01:00 committed by GitHub
parent 41bfb7a330
commit db15e52743
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
lib/api/api_auth.go
View File

@ -7,9 +7,7 @@
package api
import (
"bytes"
"crypto/tls"
"encoding/base64"
"fmt"
"net"
"net/http"
@ -66,28 +64,12 @@ func basicAuthAndSessionMiddleware(cookieName string, guiCfg config.GUIConfigura
http.Error(w, "Not Authorized", http.StatusUnauthorized)
}
hdr := r.Header.Get("Authorization")
if !strings.HasPrefix(hdr, "Basic ") {
username, password, ok := r.BasicAuth()
if !ok {
error()
return
}
hdr = hdr[6:]
bs, err := base64.StdEncoding.DecodeString(hdr)
if err != nil {
error()
return
}
fields := bytes.SplitN(bs, []byte(":"), 2)
if len(fields) != 2 {
error()
return
}
username := string(fields[0])
password := string(fields[1])
authOk := auth(username, password, guiCfg, ldapCfg)
if !authOk {
usernameIso := string(iso88591ToUTF8([]byte(username)))