mirror of
https://github.com/TwiN/gatus.git
synced 2024-11-22 07:53:38 +01:00
Make sure that the SHA512 hash is lowercase
This commit is contained in:
parent
402525d572
commit
8fd6eddc16
@ -2,12 +2,13 @@ package security
|
|||||||
|
|
||||||
import (
|
import (
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"strings"
|
||||||
)
|
)
|
||||||
|
|
||||||
func Handler(handler http.HandlerFunc, security *Config) http.HandlerFunc {
|
func Handler(handler http.HandlerFunc, security *Config) http.HandlerFunc {
|
||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
usernameEntered, passwordEntered, ok := r.BasicAuth()
|
usernameEntered, passwordEntered, ok := r.BasicAuth()
|
||||||
if !ok || usernameEntered != security.Basic.Username || Sha512(passwordEntered) != security.Basic.PasswordSha512Hash {
|
if !ok || usernameEntered != security.Basic.Username || Sha512(passwordEntered) != strings.ToLower(security.Basic.PasswordSha512Hash) {
|
||||||
w.Header().Set("WWW-Authenticate", "Basic")
|
w.Header().Set("WWW-Authenticate", "Basic")
|
||||||
w.WriteHeader(http.StatusUnauthorized)
|
w.WriteHeader(http.StatusUnauthorized)
|
||||||
_, _ = w.Write([]byte("Unauthorized"))
|
_, _ = w.Write([]byte("Unauthorized"))
|
||||||
|
Loading…
Reference in New Issue
Block a user