Fixed auth check

1 files changed, 17 insertions, 6 deletions

diff --git a/src/args.rs b/src/args.rs
index 516e0b6..d1250c0 100644
--- a/src/args.rs
+++ b/src/args.rs
@@ -77,13 +77,24 @@ fn parse_interface(src: &str) -> Result<IpAddr, std::net::AddrParseError> {
 
 /// Checks wether the auth string is valid, i.e. it follows the syntax username:password
 fn parse_auth(src: &str) -> Result<(String, String), String> {
-    match src.find(':') {
-        Some(_) => {
-            let split = src.split(':').collect::<Vec<_>>();
-            Ok((split[0].to_owned(), split[1].to_owned()))
-        }
-        None => Err("Correct format is username:password".to_owned()),
+    let mut split = src.splitn(2, ':');
+
+    let username = match split.next() {
+        Some(username) => username,
+        None => return Err("Invalid credentials string, expected format is username:password".to_owned())
+    };
+
+    let password = match split.next() {
+        Some(password) => password,
+        None => return Err("Invalid credentials string, expected format is username:password".to_owned())
+    };
+    // Should we allow empty passwords ?
+
+    if username.len() > 255 {
+        return Err("Username length cannot exceed 255 characters".to_owned());
     }
+
+    Ok((username.to_owned(), password.to_owned()))
 }
 
 /// Parses the command line arguments