diff options
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/base/tool.go | 22 | ||||
| -rw-r--r-- | modules/middleware/context.go | 21 |
2 files changed, 43 insertions, 0 deletions
diff --git a/modules/base/tool.go b/modules/base/tool.go index 5b56d1f6..4d3e1c7b 100644 --- a/modules/base/tool.go +++ b/modules/base/tool.go @@ -9,7 +9,9 @@ import ( "crypto/md5" "crypto/rand" "crypto/sha1" + "encoding/base64" "encoding/hex" + "errors" "fmt" "hash" "html/template" @@ -31,6 +33,26 @@ func EncodeMd5(str string) string { return hex.EncodeToString(m.Sum(nil)) } +func BasicAuthDecode(encoded string) (user string, name string, err error) { + var s []byte + s, err = base64.StdEncoding.DecodeString(encoded) + if err != nil { + return user, name, err + } + + a := strings.Split(string(s), ":") + if len(a) == 2 { + user, name = a[0], a[1] + } else { + err = errors.New("decode failed") + } + return user, name, err +} + +func BasicAuthEncode(username, password string) string { + return base64.StdEncoding.EncodeToString([]byte(username + ":" + password)) +} + // GetRandomString generate random string by specify chars. func GetRandomString(n int, alphabets ...byte) string { const alphanum = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" diff --git a/modules/middleware/context.go b/modules/middleware/context.go index d2620fed..7d767b9e 100644 --- a/modules/middleware/context.go +++ b/modules/middleware/context.go @@ -173,6 +173,27 @@ func Contexter() macaron.Handler { // Get user from session if logined. ctx.User = auth.SignedInUser(ctx.Req.Header, ctx.Session) + + // Check with basic auth again. + if ctx.User == nil { + baHead := ctx.Req.Header.Get("Authorization") + auths := strings.Fields(baHead) + if len(auths) == 2 && auths[0] == "Basic" { + uname, passwd, _ := base.BasicAuthDecode(auths[1]) + u, err := models.GetUserByName(uname) + if err != nil { + if err != models.ErrUserNotExist { + ctx.Handle(500, "GetUserByName", err) + return + } + } else { + if u.ValidtePassword(passwd) { + ctx.User = u + } + } + } + } + if ctx.User != nil { ctx.IsSigned = true ctx.Data["IsSigned"] = ctx.IsSigned |