diff options
author | Christian Pointner <equinox@helsinki.at> | 2016-04-02 16:50:06 (GMT) |
---|---|---|
committer | Christian Pointner <equinox@helsinki.at> | 2016-04-02 16:50:06 (GMT) |
commit | 761d6d0824c0cc92fc746b77499ac563f4e6e579 (patch) | |
tree | 06bd6587085c6a572bee5077c440b445a4479b6a /src | |
parent | 8933910f9846bac630bf0dab06a4b7cd6b2b5ce3 (diff) |
reenable password check for upload
Diffstat (limited to 'src')
-rw-r--r-- | src/rhimportd/uploadWeb.go | 39 |
1 files changed, 19 insertions, 20 deletions
diff --git a/src/rhimportd/uploadWeb.go b/src/rhimportd/uploadWeb.go index 4dc0368..4b56a43 100644 --- a/src/rhimportd/uploadWeb.go +++ b/src/rhimportd/uploadWeb.go @@ -88,26 +88,25 @@ func webUploadHandler(conf *rhimport.Config, db *rddb.DBChan, sessions *rhimport } username := r.FormValue("LOGIN_NAME") - // TODO: re-add this after testing is done!!!! - // password := r.FormValue("PASSWORD") - // if username == "" { - // webUploadErrorResponse(w, http.StatusBadRequest, "missing field LOGIN_NAME") - // return - // } - // if password == "" { - // webUploadErrorResponse(w, http.StatusBadRequest, "missing field LOGIN_NAME") - // return - // } - - // if authenticated, err := db.CheckPassword(username, password); err != nil { - // rhl.Printf("WebUploadHandler: error checking username/password: %v", err) - // webUploadErrorResponse(w, http.StatusUnauthorized, err.Error()) - // return - // } else if !authenticated { - // rhl.Printf("WebUploadHandler: invalid username/password") - // webUploadErrorResponse(w, http.StatusUnauthorized, "invalid username/password") - // return - // } + password := r.FormValue("PASSWORD") + if username == "" { + webUploadErrorResponse(w, http.StatusBadRequest, "missing field LOGIN_NAME") + return + } + if password == "" { + webUploadErrorResponse(w, http.StatusBadRequest, "missing field LOGIN_NAME") + return + } + + if authenticated, err := db.CheckPassword(username, password); err != nil { + rhl.Printf("WebUploadHandler: error checking username/password: %v", err) + webUploadErrorResponse(w, http.StatusUnauthorized, err.Error()) + return + } else if !authenticated { + rhl.Printf("WebUploadHandler: invalid username/password") + webUploadErrorResponse(w, http.StatusUnauthorized, "invalid username/password") + return + } src, hdr, err := r.FormFile("FILENAME") if err != nil { |