// FromBasicAuth tries do identify a Passenger by the access token he gave us.
// It will look up the the user by username and try to match password.
func FromBasicAuth(ctx context.Context, username, pw string) (p *Passenger, err error) {
p = new(Passenger)
p.UserKey, err = model.NewQueryForUser().
Filter("Name=", username).
Limit(1).
Run(ctx).
Next(&p.User)
if err != nil {
return
}
err = password.Check([]byte(pw), p.User.HashedPassword)
// TODO(flowlo): Depending on bcrypt is very fragile. We
// should encapsulate that.
if err == bcrypt.ErrMismatchedHashAndPassword {
userKey := p.UserKey
p, err = FromAccessToken(ctx, pw)
if err != nil {
return
}
if !p.UserKey.Equal(userKey) {
return nil, ErrTokenNotMatchingUser{Parent: p.UserKey, Actual: userKey}
}
}
return
}
// FromBasicAuth tries do identify a Passenger by the access token he gave us.
// It will look up the the user by username and try to match password.
func FromBasicAuth(ctx context.Context, username, pw string) (p *Passenger, err error) {
p.UserKey, err = model.NewQueryForUser().
Filter("Username=", username).
Limit(1).
Run(ctx).
Next(p.User)
err = password.Check([]byte(pw), p.User.HashedPassword)
return
}
