diff options
Diffstat (limited to 'src/modules/auth')
| -rw-r--r-- | src/modules/auth/basic.rs | 9 | ||||
| -rw-r--r-- | src/modules/auth/mod.rs | 8 |
2 files changed, 10 insertions, 7 deletions
diff --git a/src/modules/auth/basic.rs b/src/modules/auth/basic.rs index 08870c4..9af5b01 100644 --- a/src/modules/auth/basic.rs +++ b/src/modules/auth/basic.rs @@ -13,7 +13,9 @@ use hyper::{ use log::debug; use serde::Deserialize; use serde_yaml::Value; -use std::{collections::HashSet, pin::Pin, sync::Arc}; +use std::{pin::Pin, sync::Arc}; + +use super::Credentials; pub struct HttpBasicAuthKind; impl NodeKind for HttpBasicAuthKind { @@ -28,7 +30,7 @@ impl NodeKind for HttpBasicAuthKind { #[derive(Deserialize)] pub struct HttpBasicAuth { realm: String, - valid: HashSet<String>, + users: Credentials, next: DynNode, } @@ -46,7 +48,8 @@ impl Node for HttpBasicAuth { .ok_or(ServiceError::BadAuth)?; let k = base64::engine::general_purpose::STANDARD.decode(k)?; let k = String::from_utf8(k)?; - if self.valid.contains(&k) { + let (username, password) = k.split_once(":").ok_or(ServiceError::BadAuth)?; + if self.users.authentificate(username, password) { debug!("valid auth"); return self.next.handle(context, request).await; } else { diff --git a/src/modules/auth/mod.rs b/src/modules/auth/mod.rs index d6e1a35..715ca97 100644 --- a/src/modules/auth/mod.rs +++ b/src/modules/auth/mod.rs @@ -19,12 +19,12 @@ struct Credentials { } impl Credentials { - fn get(&self, usernamme: &str) -> &PasswordHashString { - self.hashes.get(usernamme).unwrap_or(&self.wrong_user) + fn get(&self, username: &str) -> &PasswordHashString { + self.hashes.get(username).unwrap_or(&self.wrong_user) } - pub fn authentificate(&self, usernamme: &str, password: &str) -> bool { + pub fn authentificate(&self, username: &str, password: &str) -> bool { let algo = Argon2::new(Algorithm::Argon2id, Version::V0x13, Params::default()); - let hash = self.get(usernamme); + let hash = self.get(username); match hash.algorithm().as_str() { "argon2id" => algo .verify_password( |