update basic auth method

This commit is contained in:
fatedier 2017-03-21 21:36:48 +08:00
parent 54bbfe26b0
commit 9e683fe446

View File

@ -15,11 +15,9 @@
package server package server
import ( import (
"encoding/base64"
"fmt" "fmt"
"net" "net"
"net/http" "net/http"
"strings"
"time" "time"
"github.com/fatedier/frp/assets" "github.com/fatedier/frp/assets"
@ -75,25 +73,13 @@ func basicAuth(h http.HandlerFunc) http.HandlerFunc {
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`) w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
s := strings.SplitN(r.Header.Get("Authorization"), " ", 2) username, passwd, ok := r.BasicAuth()
if len(s) != 2 { if !ok {
http.Error(w, "Not authorized", 401) http.Error(w, "Not authorized", 401)
return return
} }
b, err := base64.StdEncoding.DecodeString(s[1]) if username != config.ServerCommonCfg.DashboardUser || passwd != config.ServerCommonCfg.DashboardPwd {
if err != nil {
http.Error(w, err.Error(), 401)
return
}
pair := strings.SplitN(string(b), ":", 2)
if len(pair) != 2 {
http.Error(w, "Not authorized", 401)
return
}
if pair[0] != config.ServerCommonCfg.DashboardUser || pair[1] != config.ServerCommonCfg.DashboardPwd {
http.Error(w, "Not authorized", 401) http.Error(w, "Not authorized", 401)
return return
} }