From d94f67e0c87b07bd747f357983253eee5c4a81b5 Mon Sep 17 00:00:00 2001 From: boasting-squirrel Date: Sat, 13 Apr 2019 21:44:17 +0200 Subject: Fixed auth check --- src/auth.rs | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) (limited to 'src/auth.rs') diff --git a/src/auth.rs b/src/auth.rs index e8600fb..10e7a4a 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -7,7 +7,6 @@ pub struct Auth; /// HTTP Basic authentication errors pub enum BasicAuthError { Base64DecodeError, - InvalidUsernameFormat, } #[derive(Clone, Debug)] @@ -24,13 +23,14 @@ pub fn parse_basic_auth( let basic_removed = authorization_header.to_str().unwrap().replace("Basic ", ""); let decoded = base64::decode(&basic_removed).map_err(|_| BasicAuthError::Base64DecodeError)?; let decoded_str = String::from_utf8_lossy(&decoded); - let strings: Vec<&str> = decoded_str.splitn(2, ':').collect(); - if strings.len() != 2 { - return Err(BasicAuthError::InvalidUsernameFormat); - } + let credentials: Vec<&str> = decoded_str.splitn(2, ':').collect(); + + // If argument parsing went fine, it means the HTTP credentials string is well formatted + // So we can safely unpack the username and the password + Ok(BasicAuthParams { - username: strings[0].to_owned(), - password: strings[1].to_owned(), + username: credentials[0].to_owned(), + password: credentials[1].to_owned(), }) } @@ -50,11 +50,6 @@ impl Middleware for Auth { auth_headers.to_str().unwrap() )))); } - Err(BasicAuthError::InvalidUsernameFormat) => { - return Ok(Response::Done( - HttpResponse::BadRequest().body("Invalid basic auth format"), - )); - } }; if auth_req.username != required_auth.username || auth_req.password != required_auth.password -- cgit v1.2.3