diff options
Diffstat (limited to 'src/helsinki.at/rhimport/session_store.go')
| -rw-r--r-- | src/helsinki.at/rhimport/session_store.go | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/helsinki.at/rhimport/session_store.go b/src/helsinki.at/rhimport/session_store.go index 2aabc44..e065182 100644 --- a/src/helsinki.at/rhimport/session_store.go +++ b/src/helsinki.at/rhimport/session_store.go @@ -79,7 +79,15 @@ type SessionStore struct { } func (self *SessionStore) new(ctx *ImportContext) (resp newSessionResponse) { - // TODO: for untrusted interfaces we need to check Username and PassWord!!!! + if !ctx.Trusted { + if ok, err := ctx.rddb.CheckPassword(ctx.UserName, ctx.Password); err != nil { + resp.err = err + return + } else if !ok { + resp.err = fmt.Errorf("invalid username and/or password") + return + } + } b := uuid.NewV4().Bytes() resp.id = strings.ToLower(strings.TrimRight(base32.StdEncoding.EncodeToString(b), "=")) if _, exists := self.store[ctx.UserName]; !exists { |