more sensible error handling: auth failure

2023-01-07 17:47:18 +01:00
parent 7bf92a6241
commit 285ea8438e
2 changed files with 10 additions and 2 deletions


@@ -1,6 +1,8 @@
package auth package auth
import ( import (
"errors"
"github.com/MarekWojt/gertdns/util" "github.com/MarekWojt/gertdns/util"
"github.com/raja/argon2pw" "github.com/raja/argon2pw"
) )
@@ -56,11 +58,11 @@ func (selfUser *userRaw) Tidy() (user, error) {
func IsPasswordAuthenticated(request PasswordAuthenticationRequest) (bool, error) { func IsPasswordAuthenticated(request PasswordAuthenticationRequest) (bool, error) {
currentUser, found := parsedUsers[request.User] currentUser, found := parsedUsers[request.User]
if !found { if !found {
return false, nil return false, errors.New("user does not exist")
} }
if _, ok := currentUser.domains[request.Domain]; !ok { if _, ok := currentUser.domains[request.Domain]; !ok {
return false, nil return false, errors.New("user does not have access to this domain")
} }
return currentUser.Authenticate(request.Password) return currentUser.Authenticate(request.Password)
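Review bot: The two new errors in IsPasswordAuthenticated tell an unauthenticated caller whether a user name exists (`user does not exist`) or only lacks the domain (`user does not have access to this domain`), and the handler changed in the same commit writes err.Error() into the response, so the endpoint can be used to enumerate accounts. Return one package-level sentinel for both cases, e.g. `var ErrAuthFailed = errors.New("authentication failed")` with `return false, ErrAuthFailed`, and keep the specific reason for a server-side log. A sentinel also lets callers use `errors.Is` to tell a rejected login from an internal failure, which inline `errors.New` values do not allow. The function's closing brace lies outside this hunk.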


@@ -189,6 +189,12 @@ func authenticatedRequest(request func(ctx *fasthttp.RequestCtx)) func(ctx *fast
} }
authenticated, err := auth.IsPasswordAuthenticated(authRequest) authenticated, err := auth.IsPasswordAuthenticated(authRequest)
if err != nil && !authenticated {
ctx.WriteString("Authentication failed: " + err.Error())
ctx.SetStatusCode(fasthttp.StatusForbidden)
return
}
if err != nil { if err != nil {
ctx.WriteString("Internal server error") ctx.WriteString("Internal server error")
ctx.SetStatusCode(fasthttp.StatusInternalServerError) ctx.SetStatusCode(fasthttp.StatusInternalServerError)
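Review bot: The new branch `if err != nil && !authenticated` catches every error that comes back with authenticated == false, so if Authenticate reports a hashing or comparison failure as `false, err` (its body is not visible here), that internal error text is sent to the client with a 403, and the `Internal server error` branch below is reached only when authenticated is true. Match on the error kind instead of the boolean, for example `if errors.Is(err, auth.ErrAuthFailed) {` against a sentinel exported by the auth package (the name is a suggestion; no such value appears on this page). Respond with a fixed `ctx.WriteString("Authentication failed")` and log err on the server rather than echoing it. authenticatedRequest starts and ends outside this hunk.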