Example #1
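// FromBasicAuth identifies a Passenger from basic auth credentials.
//
// The user is looked up by username and pw is checked against the stored
// password hash. If the hash does not match, pw is tried as an access token
// instead; that token must belong to the user that was looked up, otherwise
// ErrTokenNotMatchingUser is returned.
//
// On any error the returned Passenger is nil, so a caller that forgets to
// check err cannot carry on with a partially populated identity.
//
// NOTE(review): an unknown username returns before any password hashing is
// done, so it can differ from a wrong password in both error value and
// response time. Callers should give clients one uniform failure response.
func FromBasicAuth(ctx context.Context, username, pw string) (p *Passenger, err error) {
	candidate := new(Passenger)
	candidate.UserKey, err = model.NewQueryForUser().
		Filter("Name=", username).
		Limit(1).
		Run(ctx).
		Next(&candidate.User)
	if err != nil {
		return nil, err
	}

	err = password.Check([]byte(pw), candidate.User.HashedPassword)
	if err == nil {
		return candidate, nil
	}

	// TODO(flowlo): Depending on bcrypt is very fragile. We
	// should encapsulate that.
	if err != bcrypt.ErrMismatchedHashAndPassword {
		// Any failure other than a plain mismatch (for example a malformed
		// stored hash) is an authentication failure, not a cue to fall back.
		return nil, err
	}

	// The password did not match; treat pw as an access token instead.
	p, err = FromAccessToken(ctx, pw)
	if err != nil {
		return nil, err
	}

	// A valid token is only accepted for the user named in the request.
	if !p.UserKey.Equal(candidate.UserKey) {
		return nil, ErrTokenNotMatchingUser{Parent: p.UserKey, Actual: candidate.UserKey}
	}
	return p, nil
}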
Example #2
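// FromBasicAuth identifies a Passenger by username and password.
//
// The user is looked up by username and pw is checked against the stored
// password hash. This version has no access token fallback.
//
// On any error the returned Passenger is nil. A failed lookup is reported as
// is and never reaches the password check, so a missing user cannot be
// compared against a zero-value hash.
//
// NOTE(review): an unknown username returns before any password hashing is
// done, so it can differ from a wrong password in both error value and
// response time. Callers should give clients one uniform failure response.
func FromBasicAuth(ctx context.Context, username, pw string) (p *Passenger, err error) {
	// The named result p starts out nil; allocate before touching any field.
	candidate := new(Passenger)

	// NOTE(review): Next receives candidate.User exactly as the original
	// passed p.User. If User is a struct value this probably needs to be
	// &candidate.User, and if it is a pointer it must be allocated first.
	// Confirm against the Passenger definition.
	candidate.UserKey, err = model.NewQueryForUser().
		Filter("Username=", username).
		Limit(1).
		Run(ctx).
		Next(candidate.User)
	if err != nil {
		return nil, err
	}

	if err = password.Check([]byte(pw), candidate.User.HashedPassword); err != nil {
		return nil, err
	}
	return candidate, nil
}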