summaryrefslogtreecommitdiff
path: root/src/rhimportd
diff options
context:
space:
mode:
authorChristian Pointner <equinox@helsinki.at>2016-04-02 16:50:06 (GMT)
committerChristian Pointner <equinox@helsinki.at>2016-04-02 16:50:06 (GMT)
commit761d6d0824c0cc92fc746b77499ac563f4e6e579 (patch)
tree06bd6587085c6a572bee5077c440b445a4479b6a /src/rhimportd
parent8933910f9846bac630bf0dab06a4b7cd6b2b5ce3 (diff)
reenable password check for upload
Diffstat (limited to 'src/rhimportd')
-rw-r--r--src/rhimportd/uploadWeb.go39
1 files changed, 19 insertions, 20 deletions
diff --git a/src/rhimportd/uploadWeb.go b/src/rhimportd/uploadWeb.go
index 4dc0368..4b56a43 100644
--- a/src/rhimportd/uploadWeb.go
+++ b/src/rhimportd/uploadWeb.go
@@ -88,26 +88,25 @@ func webUploadHandler(conf *rhimport.Config, db *rddb.DBChan, sessions *rhimport
}
username := r.FormValue("LOGIN_NAME")
- // TODO: re-add this after testing is done!!!!
- // password := r.FormValue("PASSWORD")
- // if username == "" {
- // webUploadErrorResponse(w, http.StatusBadRequest, "missing field LOGIN_NAME")
- // return
- // }
- // if password == "" {
- // webUploadErrorResponse(w, http.StatusBadRequest, "missing field LOGIN_NAME")
- // return
- // }
-
- // if authenticated, err := db.CheckPassword(username, password); err != nil {
- // rhl.Printf("WebUploadHandler: error checking username/password: %v", err)
- // webUploadErrorResponse(w, http.StatusUnauthorized, err.Error())
- // return
- // } else if !authenticated {
- // rhl.Printf("WebUploadHandler: invalid username/password")
- // webUploadErrorResponse(w, http.StatusUnauthorized, "invalid username/password")
- // return
- // }
+ password := r.FormValue("PASSWORD")
+ if username == "" {
+ webUploadErrorResponse(w, http.StatusBadRequest, "missing field LOGIN_NAME")
+ return
+ }
+ if password == "" {
+ webUploadErrorResponse(w, http.StatusBadRequest, "missing field LOGIN_NAME")
+ return
+ }
+
+ if authenticated, err := db.CheckPassword(username, password); err != nil {
+ rhl.Printf("WebUploadHandler: error checking username/password: %v", err)
+ webUploadErrorResponse(w, http.StatusUnauthorized, err.Error())
+ return
+ } else if !authenticated {
+ rhl.Printf("WebUploadHandler: invalid username/password")
+ webUploadErrorResponse(w, http.StatusUnauthorized, "invalid username/password")
+ return
+ }
src, hdr, err := r.FormFile("FILENAME")
if err != nil {