From: Steinar H. Gunderson Date: Mon, 29 Jun 2009 09:37:58 +0000 (+0200) Subject: Refactor the authentication a bit, in anticipation of digest-auth support. X-Git-Url: https://git.sesse.net/?p=pr0n;a=commitdiff_plain;h=238c9466b74b540cedc7569ca3d81a9de911c225 Refactor the authentication a bit, in anticipation of digest-auth support. --- diff --git a/perl/Sesse/pr0n/Common.pm b/perl/Sesse/pr0n/Common.pm index 57d0a6b..14ae88b 100644 --- a/perl/Sesse/pr0n/Common.pm +++ b/perl/Sesse/pr0n/Common.pm @@ -312,19 +312,34 @@ sub update_image_info { sub check_access { my $r = shift; + + #return qw(sesse Sesse); my $auth = $r->headers_in->{'authorization'}; - if (!defined($auth) || $auth !~ m#^Basic ([a-zA-Z0-9+/]+=*)$#) { - $r->content_type('text/plain; charset=utf-8'); - $r->status(401); - $r->headers_out->{'www-authenticate'} = 'Basic realm="pr0n.sesse.net"'; - $r->print("Need authorization\n"); + if (!defined($auth)) { + output_401($r); return undef; } - - #return qw(sesse Sesse); + if ($auth =~ /^Basic ([a-zA-Z0-9+\/]+=*)$/) { + return check_basic_auth($r, $1); + } + output_401($r); + return undef; +} + +sub output_401 { + my $r = shift; + $r->content_type('text/plain; charset=utf-8'); + $r->status(401); + $r->headers_out->{'www-authenticate'} = 'Basic realm="pr0n.sesse.net"'; + $r->print("Need authorization\n"); +} + +sub check_basic_auth { + my ($r, $auth) = @_; + + my ($user, $pass) = split /:/, MIME::Base64::decode_base64($auth); - my ($user, $pass) = split /:/, MIME::Base64::decode_base64($1); # WinXP is stupid :-) if ($user =~ /^.*\\(.*)$/) { $user = $1; @@ -344,11 +359,8 @@ sub check_access { undef, $user, $pass, $r->get_server_name); if ($ref->{'auth'} != 1) { $r->content_type('text/plain; charset=utf-8'); - warn "No user exists, only $auth"; - $r->status(401); - $r->headers_out->{'www-authenticate'} = 'Basic realm="pr0n.sesse.net"'; - $r->print("Authorization failed"); $r->log->warn("Authentication failed for $user/$takenby"); + output_401($r); return undef; }