Ything-RepoMirrors/rqlite
1
0
Fork 0
mirror of https://github.com/rqlite/rqlite.git synced 2026-01-25 04:16:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Tweak hashed password implementation

Browse Source
This commit is contained in:
Philip O'Toole
2018-03-17 10:38:03 -04:00
parent 1abbe0fa4b
commit 6fae0d4cee
2 changed files with 10 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
auth/credential_store.go
View File

@@ -18,23 +18,20 @@ type BasicAuther interface {
type Credential struct {
Username string `json:"username,omitempty"`
Password string `json:"password,omitempty"`
Hashed *bool `json:"hashed,omitempty"`
Perms []string `json:"perms,omitempty"`
}
// CredentialsStore stores authentication and authorization information for all users.
type CredentialsStore struct {
store map[string]string
perms map[string]map[string]bool
isbcrypted map[string]bool
store map[string]string
perms map[string]map[string]bool
}
// NewCredentialsStore returns a new instance of a CredentialStore.
func NewCredentialsStore() *CredentialsStore {
return &CredentialsStore{
store: make(map[string]string),
perms: make(map[string]map[string]bool),
isbcrypted: make(map[string]bool),
store: make(map[string]string),
perms: make(map[string]map[string]bool),
}
}
@@ -58,9 +55,6 @@ func (c *CredentialsStore) Load(r io.Reader) error {
for _, p := range cred.Perms {
c.perms[cred.Username][p] = true
}
if cred.Hashed != nil && *cred.Hashed {
c.isbcrypted[cred.Username] = true
}
}
// Read closing bracket.
@@ -78,12 +72,8 @@ func (c *CredentialsStore) Check(username, password string) bool {
if !ok {
return false
}
if _, ok = c.isbcrypted[username]; ok {
err := bcrypt.CompareHashAndPassword([]byte(pw), []byte(password))
return err == nil
} else {
return password == pw
}
return password == pw ||
bcrypt.CompareHashAndPassword([]byte(pw), []byte(password)) == nil
}
// CheckRequest returns true if b contains a valid username and password.

7
auth/credential_store_test.go
View File

@@ -167,10 +167,11 @@ func Test_AuthLoadHashedSingleRequest(t *testing.T) {
[
{
"username": "username1",
"password": "$2a$10$fKRHxrEuyDTP6tXIiDycr.nyC8Q7UMIfc31YMyXHDLgRDyhLK3VFS",
"hashed": true
"password": "$2a$10$fKRHxrEuyDTP6tXIiDycr.nyC8Q7UMIfc31YMyXHDLgRDyhLK3VFS"
},
{"username": "username2", "password": "password2", "hashed":false}
{ "username": "username2",
"password": "password2"
}
]
`