From 19f860f4187bb9949f8e152e868bb739aeb9a51a Mon Sep 17 00:00:00 2001
From: daru <daru@sn0w.dev>
Date: Fri, 15 Apr 2022 01:38:03 +0200
Subject: [PATCH] GheddoAuth

---
 ober.go | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/ober.go b/ober.go
index aeaa0dc..4bc4ac6 100644
--- a/ober.go
+++ b/ober.go
@@ -180,7 +180,24 @@ func Register(ctx *fasthttp.RequestCtx) {
 }
 
 func WatchPost(ctx *fasthttp.RequestCtx) {
-	//
+	auth := ctx.Request.Header.Peek("X-HUSO-AUTH")
+	if ctx.UserValue("user") == nil || auth == nil || string(auth) == "" {
+		ctx.SetStatusCode(fasthttp.StatusBadRequest)
+		return
+	}
+	username := fmt.Sprintf("%s", ctx.UserValue("user"))
+	if !authenticate(username, string(auth)) {
+		ctx.SetStatusCode(fasthttp.StatusUnauthorized)
+		return
+	}
+}
+
+func authenticate(username, auth string) bool {
+	user, err := ReadUser(username)
+	if err != nil {
+		return false
+	}
+	return user.Secret == auth
 }
 
 func addErrorToCtx(ctx *fasthttp.RequestCtx, err error) {