diff options
author | Christian Pointner <equinox@helsinki.at> | 2015-12-26 08:58:34 (GMT) |
---|---|---|
committer | Christian Pointner <equinox@helsinki.at> | 2015-12-26 08:58:34 (GMT) |
commit | e2dee26e41817302ed4e14207ce779d58004f797 (patch) | |
tree | 1c472734f4bac38856d070a45ae979101af1c6d2 /session_store.go | |
parent | 7f63f817486684c0dcb440bf57ff79c07c487911 (diff) |
session store now checks password
Diffstat (limited to 'session_store.go')
-rw-r--r-- | session_store.go | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/session_store.go b/session_store.go index 2aabc44..e065182 100644 --- a/session_store.go +++ b/session_store.go @@ -79,7 +79,15 @@ type SessionStore struct { } func (self *SessionStore) new(ctx *ImportContext) (resp newSessionResponse) { - // TODO: for untrusted interfaces we need to check Username and PassWord!!!! + if !ctx.Trusted { + if ok, err := ctx.rddb.CheckPassword(ctx.UserName, ctx.Password); err != nil { + resp.err = err + return + } else if !ok { + resp.err = fmt.Errorf("invalid username and/or password") + return + } + } b := uuid.NewV4().Bytes() resp.id = strings.ToLower(strings.TrimRight(base32.StdEncoding.EncodeToString(b), "=")) if _, exists := self.store[ctx.UserName]; !exists { |