diff options
Diffstat (limited to 'response.cpp')
| -rw-r--r-- | response.cpp | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/response.cpp b/response.cpp index 696b859..9eda5ff 100644 --- a/response.cpp +++ b/response.cpp @@ -1,5 +1,6 @@ #include "response.h" +#include "auth.h" #include "base64.h" #include "file.h" @@ -292,7 +293,9 @@ response_type generate_response(request_type& req, Server& server) std::string password{authorization.substr(pos + 1)}; auto it {auth.find(login)}; - if (it == auth.end() || it->second != password) + // it.second contains crypted/hash + // password is plain text to validate against the hash + if (it == auth.end() || !Auth::validate(it->second, password)) return HttpStatusAndStats("401", "Bad Authorization", req_ctx, res); } |