rnhmjoj/magnetico
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Improve authentication logs

Browse Source
This commit is contained in:
Michał Gątkowski 2022-08-05 22:44:20 +02:00
parent 53d0ba0410
commit bd435d1a13
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
cmd/magneticow/main.go
View File

@ -274,13 +274,13 @@ func loadCred(cred string) error {
reader := bufio.NewReader(file) reader := bufio.NewReader(file)
for lineno := 1; true; lineno++ { for lineno := 1; true; lineno++ {
line, err := reader.ReadBytes('\n') line, err := reader.ReadBytes('\n')
zap.L().Debug("Credentials: " + string(line))
if err != nil { if err != nil {
if err == io.EOF { if err == io.EOF {
break break
} }
return errors.Wrapf(err, "while reading line %d", lineno) return errors.Wrapf(err, "while reading line %d", lineno)
} }
line = line[:len(line)-1] // strip '\n' line = line[:len(line)-1] // strip '\n'
/* The following regex checks if the line satisfies the following conditions: /* The following regex checks if the line satisfies the following conditions:
@ -297,7 +297,6 @@ func loadCred(cred string) error {
if !re.Match(line) { if !re.Match(line) {
return fmt.Errorf("on line %d: format should be: <USERNAME>:<BCRYPT HASH>, instead got: %s", lineno, line) return fmt.Errorf("on line %d: format should be: <USERNAME>:<BCRYPT HASH>, instead got: %s", lineno, line)
} }
tokens := bytes.Split(line, []byte(":")) tokens := bytes.Split(line, []byte(":"))
opts.Credentials[string(tokens[0])] = tokens[1] opts.Credentials[string(tokens[0])] = tokens[1]
} }
@ -333,12 +332,14 @@ func BasicAuth(handler http.HandlerFunc, realm string) http.HandlerFunc {
hashedPassword, ok := opts.Credentials[username] hashedPassword, ok := opts.Credentials[username]
opts.CredentialsRWMutex.RUnlock() opts.CredentialsRWMutex.RUnlock()
if !ok { // User not found if !ok { // User not found
zap.L().Error("User \"" + string(username) + "\" not found!")
authenticate(w, realm) authenticate(w, realm)
return return
} }
if err := bcrypt.CompareHashAndPassword(hashedPassword, []byte(password)); err != nil { // Wrong password if err := bcrypt.CompareHashAndPassword(hashedPassword, []byte(password)); err != nil { // Wrong password
authenticate(w, realm) authenticate(w, realm)
zap.L().Error("Wrong password provided!")
return return
} }