summaryrefslogtreecommitdiffhomepage
path: root/response.cpp
diff options
context:
space:
mode:
authorRoland Reichwein <mail@reichwein.it>2020-04-26 19:52:44 +0200
committerRoland Reichwein <mail@reichwein.it>2020-04-26 19:52:44 +0200
commita595932283a3f3bf002eff5bf044762b78cab5f0 (patch)
tree790ba05f95b3fd3d6790f8132f9f6f95f908f18a /response.cpp
parentc73f913844f6aed9e740780f8a6732477fa3d680 (diff)
crypt(3) http auth pws
Diffstat (limited to 'response.cpp')
-rw-r--r--response.cpp5
1 files changed, 4 insertions, 1 deletions
diff --git a/response.cpp b/response.cpp
index 696b859..9eda5ff 100644
--- a/response.cpp
+++ b/response.cpp
@@ -1,5 +1,6 @@
#include "response.h"
+#include "auth.h"
#include "base64.h"
#include "file.h"
@@ -292,7 +293,9 @@ response_type generate_response(request_type& req, Server& server)
std::string password{authorization.substr(pos + 1)};
auto it {auth.find(login)};
- if (it == auth.end() || it->second != password)
+ // it.second contains crypted/hash
+ // password is plain text to validate against the hash
+ if (it == auth.end() || !Auth::validate(it->second, password))
return HttpStatusAndStats("401", "Bad Authorization", req_ctx, res);
}