diff options
| author | Roland Reichwein <mail@reichwein.it> | 2020-04-26 19:52:44 +0200 |
|---|---|---|
| committer | Roland Reichwein <mail@reichwein.it> | 2020-04-26 19:52:44 +0200 |
| commit | a595932283a3f3bf002eff5bf044762b78cab5f0 (patch) | |
| tree | 790ba05f95b3fd3d6790f8132f9f6f95f908f18a /response.cpp | |
| parent | c73f913844f6aed9e740780f8a6732477fa3d680 (diff) | |
crypt(3) http auth pws
Diffstat (limited to 'response.cpp')
| -rw-r--r-- | response.cpp | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/response.cpp b/response.cpp index 696b859..9eda5ff 100644 --- a/response.cpp +++ b/response.cpp @@ -1,5 +1,6 @@ #include "response.h" +#include "auth.h" #include "base64.h" #include "file.h" @@ -292,7 +293,9 @@ response_type generate_response(request_type& req, Server& server) std::string password{authorization.substr(pos + 1)}; auto it {auth.find(login)}; - if (it == auth.end() || it->second != password) + // it.second contains crypted/hash + // password is plain text to validate against the hash + if (it == auth.end() || !Auth::validate(it->second, password)) return HttpStatusAndStats("401", "Bad Authorization", req_ctx, res); } |