work on #609

2014-11-07 14:46:13 -05:00 · 2014-11-07 14:46:13 -05:00 · abc57b6e43
commit abc57b6e43
parent a01b4baca2
6 changed files with 53 additions and 35 deletions
--- a/modules/base/tool.go
+++ b/modules/base/tool.go
@ -9,7 +9,9 @@ import (
 	"crypto/md5"
 	"crypto/rand"
 	"crypto/sha1"
+	"encoding/base64"
 	"encoding/hex"
+	"errors"
 	"fmt"
 	"hash"
 	"html/template"
@ -31,6 +33,26 @@ func EncodeMd5(str string) string {
 	return hex.EncodeToString(m.Sum(nil))
 }

+func BasicAuthDecode(encoded string) (user string, name string, err error) {
+	var s []byte
+	s, err = base64.StdEncoding.DecodeString(encoded)
+	if err != nil {
+		return user, name, err
+	}
+
+	a := strings.Split(string(s), ":")
+	if len(a) == 2 {
+		user, name = a[0], a[1]
+	} else {
+		err = errors.New("decode failed")
+	}
+	return user, name, err
+}
+
+func BasicAuthEncode(username, password string) string {
+	return base64.StdEncoding.EncodeToString([]byte(username + ":" + password))
+}
+
 // GetRandomString generate random string by specify chars.
 func GetRandomString(n int, alphabets ...byte) string {
 	const alphanum = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
--- a/modules/middleware/context.go
+++ b/modules/middleware/context.go
@ -173,6 +173,27 @@ func Contexter() macaron.Handler {

 		// Get user from session if logined.
 		ctx.User = auth.SignedInUser(ctx.Req.Header, ctx.Session)
+
+		// Check with basic auth again.
+		if ctx.User == nil {
+			baHead := ctx.Req.Header.Get("Authorization")
+			auths := strings.Fields(baHead)
+			if len(auths) == 2 && auths[0] == "Basic" {
+				uname, passwd, _ := base.BasicAuthDecode(auths[1])
+				u, err := models.GetUserByName(uname)
+				if err != nil {
+					if err != models.ErrUserNotExist {
+						ctx.Handle(500, "GetUserByName", err)
+						return
+					}
+				} else {
+					if u.ValidtePassword(passwd) {
+						ctx.User = u
+					}
+				}
+			}
+		}
+
 		if ctx.User != nil {
 			ctx.IsSigned = true
 			ctx.Data["IsSigned"] = ctx.IsSigned