package api
import (
	"crypto/sha256"
	"crypto/subtle"
	"net/http"
)
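// BasicAuthenticatedRequest parses the provided HTTP request for basic authentication credentials
// and returns true if the provided credentials match the expected username and password.
// Returns false if the request is unauthenticated.
//
// Both credentials are hashed to a fixed length and compared with
// subtle.ConstantTimeCompare, and both comparisons always run, so response
// timing does not depend on which field was wrong or on the length of either
// expected value.
//
// NOTE(review): if expectedUser and expectedPass are both empty, a request
// carrying empty Basic credentials is accepted; callers should make sure the
// expected values are configured before calling this.
func BasicAuthenticatedRequest(req *http.Request, expectedUser, expectedPass string) bool {
	user, pass, ok := req.BasicAuth()

	// subtle.ConstantTimeCompare returns immediately when its inputs differ in
	// length, which would reveal the length of the expected value. Hashing
	// first gives every comparison two 32-byte inputs.
	gotUser := sha256.Sum256([]byte(user))
	gotPass := sha256.Sum256([]byte(pass))
	wantUser := sha256.Sum256([]byte(expectedUser))
	wantPass := sha256.Sum256([]byte(expectedPass))

	// Evaluate both comparisons unconditionally. A short-circuiting || would
	// skip the password check on a username mismatch and so let timing
	// distinguish a wrong username from a wrong password.
	userMatch := subtle.ConstantTimeCompare(gotUser[:], wantUser[:])
	passMatch := subtle.ConstantTimeCompare(gotPass[:], wantPass[:])

	// Whether an Authorization header was present is not secret, so ok can be
	// tested with ordinary boolean logic; the credential results are combined
	// bitwise.
	return ok && userMatch&passMatch == 1
}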